urlscan.io logo urlscan.io
SecurityTrails logo

mail.samptic.biz Open in urlscan Pro
162.213.255.31  Public Scan

Go To Rescan Add Verdict Report
URL: https://mail.samptic.biz/
Submission: On December 21 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 1 countries across 11 domains to perform 83 HTTP transactions. The main IP is 162.213.255.31, located in United States and belongs to NAMECHEAP-NET, US. The main domain is mail.samptic.biz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 11th 2023. Valid for: a year.
This is the only time mail.samptic.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    162.213.255.31 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server144-5.web-hosting.com
mail.samptic.biz
6    2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
23    2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
www.samptic.biz
1    2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2600:141b:1c00:d81::1931 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
2    2607:fbe0:1:42::1a (United States)

ASN40824 (WZ-US-40824, US)
crafty-math.com
16    2607:fbe0:1:42::19 (United States)

ASN40824 (WZ-US-40824, US)
crookedchange.com
1    2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
16    206.54.174.187 (United States)

ASN40824 (WZ-US-40824, US)
PTR: c-q100-u1152-187.webazilla.com
www.cruel-national.pro
7    206.54.174.20 (United States)

ASN40824 (WZ-US-40824, US)
PTR: c-d040-u2647-20.webazilla.com
10945-2.s.cdn15.com
3    2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    151.101.0.84 (United States)

ASN54113 (FASTLY, US)
log.pinterest.com
Apex Domain
Subdomains		 Transfer
24 samptic.biz
mail.samptic.biz
www.samptic.biz
629 KB
16 cruel-national.pro
www.cruel-national.pro
422 KB
16 crookedchange.com
crookedchange.com
34 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
224 KB
7 cdn15.com
10945-2.s.cdn15.com — Cisco Umbrella Rank: 283313
660 KB
3 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 3234
log.pinterest.com — Cisco Umbrella Rank: 4390
19 KB
2 crafty-math.com
crafty-math.com
15 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
254 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
91 KB
83 11
Domain Requested by
23 www.samptic.biz mail.samptic.biz
16 www.cruel-national.pro crafty-math.com
crookedchange.com
16 crookedchange.com mail.samptic.biz
crookedchange.com
7 10945-2.s.cdn15.com crookedchange.com
6 pagead2.googlesyndication.com mail.samptic.biz
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 crafty-math.com mail.samptic.biz
crafty-math.com
2 assets.pinterest.com mail.samptic.biz
assets.pinterest.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 log.pinterest.com
1 www.google.com tpc.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com mail.samptic.biz
1 mail.samptic.biz
83 14

This site contains links to these domains. Also see Links.

Domain
www.samptic.biz
generatepress.com
Subject Issuer Validity Valid
*.web-hosting.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-11 -
2024-04-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
samptic.biz
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
crafty-math.com
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
crookedchange.com
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
www.cruel-national.pro
R3		 2023-12-21 -
2024-03-20		 3 months crt.sh
*.s.cdn15.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-23 -
2024-10-31		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://mail.samptic.biz/
Frame ID: 4540E22C7880AE88D017C579A3882852
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 76D7432C0C1925F2CE9E65C39161B1ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639502498520649&output=html&adk=1812271804&adf=3025194257&lmt=1703178200&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fmail.samptic.biz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703178199763&bpp=209&bdt=220&idt=492&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5292660338619&frm=20&pv=2&ga_vid=279824134.1703178200&ga_sid=1703178200&ga_hid=1251077609&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31080104%2C95320868%2C95320885&oid=2&pvsid=2788312874841644&tmod=22820318&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=522
Frame ID: 410D49DF7714EFE552FB9FA60015682C
Requests: 1 HTTP requests in this frame

Frame: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=xprqov
Frame ID: 1EEE8735A61F501F291AF6AE33127874
Requests: 2 HTTP requests in this frame

Frame: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=cvmxwd
Frame ID: 036F19675E5EE7F42B6C522604A382D0
Requests: 2 HTTP requests in this frame

Frame: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=uulaiz
Frame ID: 90F3F2771B537A122E89BC508118B04B
Requests: 2 HTTP requests in this frame

Frame: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=tvhqph
Frame ID: BE976EFCDC9FBD2038118ECA2245CAEF
Requests: 2 HTTP requests in this frame

Frame: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=qmkwos
Frame ID: C2C53D206FC2CB19C0EFCC1325069F17
Requests: 2 HTTP requests in this frame

Frame: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=ysrmqp
Frame ID: 0244A93695DC64751FA863CDFC96716A
Requests: 2 HTTP requests in this frame

Frame: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=xnxmzj
Frame ID: 95FC0692106F3D571CF364289334972B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D93D298D176F08827FFE2FEA2F2D33E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 76A9451D5B8499324C7E18F39785A1B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Samptic - Dogs and Pets

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

83
Requests

98 %
HTTPS

71 %
IPv6

11
Domains

14
Subdomains

15
IPs

1
Countries

2101 kB
Transfer

4079 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mail.samptic.biz/ 		240 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.213.255.31 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server144-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
ea049c14b3883c4309ac692f061e421febb132c30ef0ba682e2571f1a4e648bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 21 Dec 2023 17:03:19 GMT
etag
"1439-1703178199;br"
link
<https://www.samptic.biz/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
263_HTTP.200,263_home,263_URL.6666cd76f96956469e7be39d750cc7d9,263_F,263_
x-turbo-charged-by
LiteSpeed
x-ua-compatible
IE=edge
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3639502498520649
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
663dbd06a436203105d25b9bd8c95adf563e41df63b9df46429acb1e48d34f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.samptic.biz/
Origin
https://mail.samptic.biz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51281
x-xss-protection
0
server
cafe
etag
12389740415519731480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 17:03:19 GMT
style.min.css
www.samptic.biz/wp-includes/css/dist/block-library/ 		107 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;3a7dc1c4f5e531276e7f7834eea34ec4;2-537171-1;ba1fd4ce-657b-4be3-68dd-30f9f12f8aee
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Mon, 06 Nov 2023 06:10:32 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
blocks.style.build.css
www.samptic.biz/wp-content/plugins/recipe-card-blocks-by-wpzoom/dist/ 		79 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-content/plugins/recipe-card-blocks-by-wpzoom/dist/blocks.style.build.css?ver=3.2.13
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
95dcd13a118a39f7a1b770bc957300c47f88720389b521d6fdc2f715af448e33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;34057089581076774109ae2ca915aa74;2-537171-1;fd080c7a-9fde-4ad7-7b18-bec29c80de74
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Tue, 01 Aug 2023 13:26:46 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
icon-fonts.build.css
www.samptic.biz/wp-content/plugins/recipe-card-blocks-by-wpzoom/dist/assets/css/ 		64 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-content/plugins/recipe-card-blocks-by-wpzoom/dist/assets/css/icon-fonts.build.css?ver=3.2.13
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
433b0c78b07c51ffe1dd5a124d7cc45a09e30178a7b2ce1cf1e8c50909697a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;61ba87004b42176eb831f93140de95f0;2-537171-1;496e11f0-06ab-4b36-5c7f-9c0f56bf0622
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Mon, 30 Jan 2023 16:06:30 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
wpautoterms.css
www.samptic.biz/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 		547 B
273 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=6.4.2
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;c39636fd0db37e83ef279595b4c2bc1c;2-537171-1;8e7e4a81-e067-4913-5013-e6655289ac62
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
143
response
200
last-modified
Wed, 22 Nov 2023 08:18:22 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
styles.css
www.samptic.biz/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1022 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.5
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;b4c70a6c2e52abbb5b22164dfbb6fc95;2-537171-1;df02a3a9-4663-4fdb-4be9-462efdce49f4
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
892
response
200
last-modified
Thu, 16 Nov 2023 07:57:00 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
main.min.css
www.samptic.biz/wp-content/themes/generatepress/assets/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.1
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;cc6e6f9ba173d37cc1620b02d6104be0;2-537171-1;66dd2be8-1dde-4752-5160-aa66fcaee08b
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Tue, 25 Oct 2022 20:14:22 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
jquery.min.js
www.samptic.biz/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;2504b3336889fbfa28448633d8869634;2-537171-1;2616e8ce-9e95-498d-6efe-9b94b568c21b
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Tue, 29 Aug 2023 02:44:24 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
jquery-migrate.min.js
www.samptic.biz/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;850436bc3db9315481fb5c408d646f6c;2-537171-1;f005a37b-2e6a-4c5a-55fd-f4a031ff0c8b
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Fri, 09 Jun 2023 15:19:24 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
wp-polyfill-inert.min.js
www.samptic.biz/wp-includes/js/dist/vendor/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;e09c844feef02b3ae6868087767a6e1b;2-537171-1;650136fa-20b6-4e9e-762c-67fc7ea7de0b
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Wed, 18 Jan 2023 21:46:34 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
regenerator-runtime.min.js
www.samptic.biz/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;2744d12585f5b3244f8c9ed204ccb852;2-537171-1;3fdf0e78-f0a6-4ad4-5750-070619556e7c
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Wed, 20 Sep 2023 05:00:24 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
wp-polyfill.min.js
www.samptic.biz/wp-includes/js/dist/vendor/ 		112 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;f30fa12bdbf098bc2534ae13cee48404;2-537171-1;255687f8-9642-43ed-4586-4d258480990a
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Tue, 26 Sep 2023 23:53:26 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
dom-ready.min.js
www.samptic.biz/wp-includes/js/dist/ 		498 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;5bef881bbab35a02df9a30f5caf94b61;2-537171-1;10a7353f-23ec-42ef-79ec-1a9f10a771f7
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
283
response
200
last-modified
Thu, 21 Sep 2023 22:56:32 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
base.js
www.samptic.biz/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 		720 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.5.0
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;4ad06a1bb869df4e271d5f56d9da9853;2-537171-1;3ffc7124-2073-4bbb-5401-679aaa347d50
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
250
response
200
last-modified
Wed, 22 Nov 2023 08:18:22 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-KV5DZGL
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a3e66f7e47a0d3789f23253db2fcca7129ed97023298d64d225a166c78199d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93182
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Dec 2023 17:03:20 GMT
91401daa-8323-4eb1-9385-5b2fa3b525bf
https://mail.samptic.biz/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mail.samptic.biz/91401daa-8323-4eb1-9385-5b2fa3b525bf
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
BEST-INTERNATIONAL-DOG-GAMES.png
www.samptic.biz/wp-content/uploads/2023/12/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samptic.biz/wp-content/uploads/2023/12/BEST-INTERNATIONAL-DOG-GAMES.png
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ba417a72323dd8716006a865eb42f245ac869024648b030420063a3e77008e7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Hit ds;ds;61b7408cbfa44a25dd50b20364370275;2-537171-1;a3e4bfa3-00e6-4e76-75c7-d9bee28cc595
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 20 Dec 2023 10:01:45 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
content-type
image/webp
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
PET-TRADE-SHOWS.png
www.samptic.biz/wp-content/uploads/2023/12/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samptic.biz/wp-content/uploads/2023/12/PET-TRADE-SHOWS.png
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
44cc6a92ec7c36d7ba892c5a023331cc316e45e3c3c7154e0ace158102ece4af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Hit ds;ds;9b508029b3386fbc8e28f18da7d1b000;2-537171-1;6473cae0-1b73-4b54-6313-89596d5e7812
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 20 Dec 2023 08:30:03 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
content-type
image/webp
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
Best-wet-Food-for-indoor-Cats.jpg
www.samptic.biz/wp-content/uploads/2023/12/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samptic.biz/wp-content/uploads/2023/12/Best-wet-Food-for-indoor-Cats.jpg
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c3bc56bf88a942fc25c68c8551b5be6b0fca2685952cb102794de8b7942b0578

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:19 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Hit ds;ds;9d1884b143be84f8641b43dda5af4a2f;2-537171-1;151b3114-57b7-4742-700a-fdb8045ebcd5
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 18 Dec 2023 10:59:17 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
content-type
image/webp
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3639502498520649
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82544ae162bda479021090084c79eee97c9b91277fbcb9d42beb85b0348479ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137916
x-xss-protection
0
server
cafe
etag
1305020384322512277
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 17:03:20 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 76D7 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3639502498520649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.samptic.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2303
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 16:24:56 GMT
etag
5585625838579639069
expires
Thu, 04 Jan 2024 16:24:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
script.js
www.samptic.biz/wp-content/plugins/recipe-card-blocks-by-wpzoom/dist/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-content/plugins/recipe-card-blocks-by-wpzoom/dist/assets/js/script.js?ver=3.2.13
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8029049b43ca108b4dbc103496a08ea0b5f1828aaa2c5e5ffa0b94306c924fbe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Wed, 18 Oct 2023 13:32:52 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
expires
Thu, 28 Dec 2023 17:03:20 GMT
pinit.js
assets.pinterest.com/js/ 		361 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js?ver=6.4.2
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:d81::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
203
index.js
www.samptic.biz/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.5
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 16 Nov 2023 07:57:00 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
expires
Thu, 28 Dec 2023 17:03:20 GMT
index.js
www.samptic.biz/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.5
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;4a0ff9219c7f3c84a122ecd920c12e8a;2-537171-1;394e94e6-1931-4e83-6017-646b366d522e
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 16 Nov 2023 07:57:00 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
menu.min.js
www.samptic.biz/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Wed, 22 Mar 2023 20:14:28 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
expires
Thu, 28 Dec 2023 17:03:20 GMT
1r
crafty-math.com/c.D/9C6sb/2v5/lpS_WvQK9/N-DckI2/M/DVEmxqNWCb0L0vOcT/Y_wQMCT/E/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crafty-math.com/c.D/9C6sb/2v5/lpS_WvQK9/N-DckI2/M/DVEmxqNWCb0L0vOcT/Y_wQMCT/E/1r
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::1a , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
73097193ad35b54ee095321d3719ed0e412a9960f961aa3aecafdcf8cfd7b244
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 21 Dec 2023 17:03:20 GMT
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
expires
Mon, 26 Jul 2011 05:00:00 GMT
zsMAwM
crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
4d5da988463d2016c8bf4a7f2520ab40cfa0f1b2834c62ed841191bb03b2a19f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 21 Dec 2023 17:03:20 GMT
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://mail.samptic.biz
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
expires
Mon, 26 Jul 2011 05:00:00 GMT
Best-Bedding-for-Outdoor-Cat-House.png
www.samptic.biz/wp-content/uploads/2023/12/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samptic.biz/wp-content/uploads/2023/12/Best-Bedding-for-Outdoor-Cat-House.png
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c85f3b205ffc6b1533e20f78eda9b61802498e289e5e277e90e47e2eaa0f563a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Hit ds;ds;8dc84c2bdece3ab9d78273257ee7d9e2;2-537171-1;0d17f054-da60-4d8c-4f28-856bf53d7553
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 18 Dec 2023 09:15:29 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
content-type
image/webp
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
Best-Bark-Collars-For-Dogs.jpg
www.samptic.biz/wp-content/uploads/2023/12/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samptic.biz/wp-content/uploads/2023/12/Best-Bark-Collars-For-Dogs.jpg
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1602a78ea9b8471a80c6a585193b9755c0740dfd5d8db7fa3bfc16aa45257974

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Hit ds;ds;416e7a3909ef730b3f18a5585914df0a;2-537171-1;94b56e45-da70-45f8-7219-80aa59b7c355
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ezoic-excludewebp
false
response
200
last-modified
Thu, 14 Dec 2023 08:31:16 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
content-type
image/webp
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
collect
www.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P4MBNJ7EXP&gtm=45Pe3bt0v9171592546&_p=1703178199969&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=279824134.1703178200&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703178200&sct=1&seg=0&dl=https%3A%2F%2Fmail.samptic.biz%2F&dt=Samptic%20-%20Dogs%20and%20Pets&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3459
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-KV5DZGL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mail.samptic.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 410D 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639502498520649&output=html&adk=1812271804&adf=3025194257&lmt=1703178200&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fmail.samptic.biz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703178199763&bpp=209&bdt=220&idt=492&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5292660338619&frm=20&pv=2&ga_vid=279824134.1703178200&ga_sid=1703178200&ga_hid=1251077609&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31080104%2C95320868%2C95320885&oid=2&pvsid=2788312874841644&tmod=22820318&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=522
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.samptic.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 17:03:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
wp-emoji-release.min.js
www.samptic.biz/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samptic.biz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: mail.samptic.biz
URL: https://mail.samptic.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 02 Feb 2023 11:23:26 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
expires
Thu, 28 Dec 2023 17:03:20 GMT
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crafty-math.com
URL: https://crafty-math.com/c.D/9C6sb/2v5/lpS_WvQK9/N-DckI2/M/DVEmxqNWCb0L0vOcT/Y_wQMCT/E/1r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 143106
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crafty-math.com
URL: https://crafty-math.com/c.D/9C6sb/2v5/lpS_WvQK9/N-DckI2/M/DVEmxqNWCb0L0vOcT/Y_wQMCT/E/1r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 130901
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
Ye2fx.pgZ_Wi5j0kZlG-Fn0oYpTq9_ysctmulvk-PxTykzwAM_GCIDzEYFz-MHxIOJGKI_zMMNmOMP4-MRGSNTlUY_mWVXhYNZz-NbjcYdTeZ_hgNhDiMj5-ZljmZnko
crafty-math.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crafty-math.com/Ye2fx.pgZ_Wi5j0kZlG-Fn0oYpTq9_ysctmulvk-PxTykzwAM_GCIDzEYFz-MHxIOJGKI_zMMNmOMP4-MRGSNTlUY_mWVXhYNZz-NbjcYdTeZ_hgNhDiMj5-ZljmZnko
Requested by
Host: crafty-math.com
URL: https://crafty-math.com/c.D/9C6sb/2v5/lpS_WvQK9/N-DckI2/M/DVEmxqNWCb0L0vOcT/Y_wQMCT/E/1r
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::1a , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
server
nginx
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY...
crookedchange.com/ Frame 1EEE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=xprqov
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
7028ad42eaeead7ff9a0cfd32328f74adfda00e4c6ab141d9623f38b7b6893e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 21 Dec 2023 17:03:20 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
last-modified
Thu, 21 Dec 2023 17:03:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 143106
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 130901
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
crookedchange.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:20 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY...
crookedchange.com/ Frame 036F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=cvmxwd
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
26fb24025cf0c9c1e7c2c40d4424ef766228bb7ac56ec24fe94aba65a1bc1025
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 21 Dec 2023 17:03:20 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
last-modified
Thu, 21 Dec 2023 17:03:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 131138
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 130901
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
crookedchange.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:20 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY...
crookedchange.com/ Frame 90F3 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=uulaiz
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
fa7151394c9572509bc8345fec84955d6ef8ee67a388ff1cf26835e20fd9f386
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 21 Dec 2023 17:03:20 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
last-modified
Thu, 21 Dec 2023 17:03:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 80448
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 130901
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
crookedchange.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:20 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY...
crookedchange.com/ Frame BE97 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=tvhqph
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
c0768a2f071579620f1d6623031b059a550739fdcfacf8c2cfee17fed874e488
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 21 Dec 2023 17:03:20 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
last-modified
Thu, 21 Dec 2023 17:03:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 131138
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 130901
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
crookedchange.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:20 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY...
crookedchange.com/ Frame C2C5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=qmkwos
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
b86e3d6638b7a114ca31a376231555b84d71bdb363c723af1117eb79acfb8e38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 21 Dec 2023 17:03:20 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
last-modified
Thu, 21 Dec 2023 17:03:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 103567
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 113076
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
crookedchange.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:20 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY...
crookedchange.com/ Frame 0244 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=ysrmqp
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
d04f03e68c942ae0d12a616c45e89e072de31977cbf716ce496109c1319415d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 21 Dec 2023 17:03:20 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
last-modified
Thu, 21 Dec 2023 17:03:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 131138
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 99403
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
crookedchange.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:20 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY...
crookedchange.com/ Frame 95FC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=xnxmzj
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
997035d2fb1b5bd0f96d070e713e2c9eeb5e6902fc0b3b2f345a09d077455831
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 21 Dec 2023 17:03:20 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
last-modified
Thu, 21 Dec 2023 17:03:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 90502
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
37fd9ab7afd7.js
www.cruel-national.pro/dea777/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cruel-national.pro/dea777/37fd9ab7afd7.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.187 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-q100-u1152-187.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:20 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+geIhOIVwmhbQ4uePDVNfcl+b7Bsl49WP5YDGxQXEo1UmbzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
333, 88990
cache-control
max-age=315327739, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
crookedchange.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNWOUP0-MR2SETzUZ_GWVXiYNZD-Qb0cYdzeY_5gYhjicj0-OlGmQn4oM_DqFrjsMtz-VviwMxTyV_jAYBTCID1-
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.samptic.biz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:20 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
pinit_main.js
assets.pinterest.com/js/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.3526156794762556
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:d81::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=300
accept-ranges
bytes
content-length
18679
535732_98397.png
10945-2.s.cdn15.com/creatives/71940/284135/ Frame 1EEE 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10945-2.s.cdn15.com/creatives/71940/284135/535732_98397.png
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=xprqov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.20 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-d040-u2647-20.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
74b9d124352e62e85b44140ff70e8f4e75089b5deba6ca69293f6f51f4acc8ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crookedchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:21 GMT
x-openstack-request-id
tx141d3fc555f34cf2bc2c5-00651bf8e9
content-length
145969
x-trans-id
tx141d3fc555f34cf2bc2c5-00651bf8e9
last-modified
Mon, 02 Oct 2023 15:22:15 GMT
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+gfTLJy/teEnwYXq0JQbK92utEGEFsgp0Saeyt7UYJrROxu+/ThX10k5rdTAQ2swmYU=
etag
"c8f9bff0557a36cf9e426391f1dda792"
x-served-from
l1
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
x-vhostid
271, 47559
access-control-allow-origin
*
x-timestamp
1696260134.95299
cache-control
max-age=7264919
accept-ranges
bytes
expires
Thu, 14 Mar 2024 19:05:20 GMT
534535_291e1.jpg
10945-2.s.cdn15.com/creatives/71940/283394/ Frame 036F 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10945-2.s.cdn15.com/creatives/71940/283394/534535_291e1.jpg
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=cvmxwd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.20 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-d040-u2647-20.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
ec4173554a4384a96c339ff67b48102c8c14a24646fbca239379a3d0de8372c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crookedchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:21 GMT
x-openstack-request-id
tx1e069041c58b4907bda7e-006516eff7
content-length
121313
x-trans-id
tx1e069041c58b4907bda7e-006516eff7
last-modified
Thu, 28 Sep 2023 15:24:36 GMT
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+gfTLJy/teEnwYXq0JQbK92uYOThZaqhdTglqb+Du/5+jBu+/ThX10k5rdTAQ2swmYU=
etag
"cb30cac111fdf178283c0c11a01e0470"
x-served-from
l1
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/jpeg
x-vhostid
190, 47559
access-control-allow-origin
*
x-timestamp
1695914675.13927
cache-control
max-age=6934949
accept-ranges
bytes
expires
Sun, 10 Mar 2024 23:25:50 GMT
535691_fe31e.jpg
10945-2.s.cdn15.com/creatives/71940/284135/ Frame BE97 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10945-2.s.cdn15.com/creatives/71940/284135/535691_fe31e.jpg
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=tvhqph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.20 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-d040-u2647-20.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
c4a01641caf3c7212d32b3ba27b60a5cb665f5963a44b70af88af78fdd76f5b8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crookedchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:21 GMT
x-openstack-request-id
tx965513a2517142109e08f-00651bf8fb
content-length
13937
x-trans-id
tx965513a2517142109e08f-00651bf8fb
last-modified
Mon, 02 Oct 2023 14:26:20 GMT
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+gfTLJy/teEnwYXq0JQbK92utEGEFsgp0Saeyt7UYJrROxu+/ThX10k5rdTAQ2swmYU=
etag
"068ce388c2a2e8eea8370abd4de17009"
x-served-from
l1
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/jpeg
x-vhostid
227, 47559
access-control-allow-origin
*
x-timestamp
1696256779.01814
cache-control
max-age=7264937
accept-ranges
bytes
expires
Thu, 14 Mar 2024 19:05:38 GMT
535731_4e069.png
10945-2.s.cdn15.com/creatives/71940/284135/ Frame 90F3 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10945-2.s.cdn15.com/creatives/71940/284135/535731_4e069.png
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=uulaiz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.20 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-d040-u2647-20.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
54e9fd67d9ae4efca1b6085916c96e1352fd423005502d332546618b2b6f47c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crookedchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:21 GMT
x-openstack-request-id
tx674dd16ec312475aa5e61-00651c0543
content-length
131144
x-trans-id
tx674dd16ec312475aa5e61-00651c0543
last-modified
Mon, 02 Oct 2023 15:22:15 GMT
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+gfTLJy/teEnwYXq0JQbK92utEGEFsgp0Saeyt7UYJrRO+XUjxhkkQf5/0miK7og3wvvC9u7Zjs4dN2wNcOzEIUJ
etag
"8ef0522e400e358fed755e30d2e90cfb"
x-served-from
l1
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
x-vhostid
401, 47559
access-control-allow-origin
*
x-timestamp
1696260134.83151
cache-control
max-age=7268081
accept-ranges
bytes
expires
Thu, 14 Mar 2024 19:58:02 GMT
535732_98397.png
10945-2.s.cdn15.com/creatives/71940/284135/ Frame 95FC 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10945-2.s.cdn15.com/creatives/71940/284135/535732_98397.png
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=xnxmzj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.20 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-d040-u2647-20.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
74b9d124352e62e85b44140ff70e8f4e75089b5deba6ca69293f6f51f4acc8ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crookedchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:21 GMT
x-openstack-request-id
tx141d3fc555f34cf2bc2c5-00651bf8e9
content-length
145969
x-trans-id
tx141d3fc555f34cf2bc2c5-00651bf8e9
last-modified
Mon, 02 Oct 2023 15:22:15 GMT
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+gfTLJy/teEnwYXq0JQbK92utEGEFsgp0Saeyt7UYJrROxu+/ThX10k5rdTAQ2swmYU=
etag
"c8f9bff0557a36cf9e426391f1dda792"
x-served-from
l1
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
x-vhostid
271, 47559
access-control-allow-origin
*
x-timestamp
1696260134.95299
cache-control
max-age=7264919
accept-ranges
bytes
expires
Thu, 14 Mar 2024 19:05:20 GMT
535712_14f54.jpg
10945-2.s.cdn15.com/creatives/71940/284135/ Frame 0244 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10945-2.s.cdn15.com/creatives/71940/284135/535712_14f54.jpg
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=ysrmqp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.20 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-d040-u2647-20.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
23de8fd505c81357f2eb712d04404ba793517bedbb9e1cb72da89491b11d9fee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crookedchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:21 GMT
x-openstack-request-id
txef1c281298a54d4ea8d9a-00651bf8ca
content-length
22450
x-trans-id
txef1c281298a54d4ea8d9a-00651bf8ca
last-modified
Mon, 02 Oct 2023 14:26:54 GMT
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+gfTLJy/teEnwYXq0JQbK92uO2YtkP8cF7d/jYDaW03ZIRu+/ThX10k5rdTAQ2swmYU=
etag
"d67673c77960747507563624b6bf3ba0"
x-served-from
l1
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/jpeg
x-vhostid
297, 47559
access-control-allow-origin
*
x-timestamp
1696256813.44656
cache-control
max-age=7264888
accept-ranges
bytes
expires
Thu, 14 Mar 2024 19:04:49 GMT
534541_d178d.jpg
10945-2.s.cdn15.com/creatives/71940/283394/ Frame C2C5 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10945-2.s.cdn15.com/creatives/71940/283394/534541_d178d.jpg
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/afWgZ_y.Pi2jQk9lM-TncowpMqz_Es3tOuDvI-wxMyDzIA2_NCzDcExFN-zHUI1JNKC_ZMpNZO2P5-vRcSmTVUw_bW3XBYzZY-2bhcldbeW_Ug9hMiSjZ-tldmWnxo0_aqXrRshtZ-2vJwhxbym_5AlBcCjD1-0FcGnHVIl_JKnLpMvNb-mPVQpRZSD_0U0VOWTXY-wZMaTbQcw_?iframeId=qmkwos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.54.174.20 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
c-d040-u2647-20.webazilla.com
Software
ucdn/1.24.0 /
Resource Hash
8486bcc4bd2307a9ea50a6b77062913f6a5dc67fdf86796ce55c5a10c36ca944

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crookedchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:21 GMT
x-openstack-request-id
txa0f12ca38ffc4d46b7ba3-006516f3c7
content-length
91223
x-trans-id
txa0f12ca38ffc4d46b7ba3-006516f3c7
last-modified
Thu, 28 Sep 2023 15:24:37 GMT
server
ucdn/1.24.0
x-ureq-id
ZS1VbLjeI7FJwHu0yuqc1BDQfTeXuMASd9BwMBOh+gfTLJy/teEnwYXq0JQbK92u317YlX7fiWW4GtBRI9tEBhu+/ThX10k5rdTAQ2swmYU=
etag
"a0cf9861f111feb71e7d5bb3fe0b0fbb"
x-served-from
l1
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/jpeg
x-vhostid
240, 47559
access-control-allow-origin
*
x-timestamp
1695914676.00119
cache-control
max-age=6935925
accept-ranges
bytes
expires
Sun, 10 Mar 2024 23:42:06 GMT
aGWH1-w.cJmKVLzMc_2OlPvQbRj-9ThUZVGWl_kYPZTaUbz-NdTecf0gM_yiZjikdlG-4n9oQp2qd_KsVtluVv4-SxUypzZAb_kCpD2EWFV-dHSIaJVKl_XMNNWOtPN-TRmSpTmUa_2WFX3YRZ0-9bKccdmeF_CgRhWidjG-JlmmQn9oM_TqcrwsMtz-Ev3wOxDyI...
crookedchange.com/ 		0
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/aGWH1-w.cJmKVLzMc_2OlPvQbRj-9ThUZVGWl_kYPZTaUbz-NdTecf0gM_yiZjikdlG-4n9oQp2qd_KsVtluVv4-SxUypzZAb_kCpD2EWFV-dHSIaJVKl_XMNNWOtPN-TRmSpTmUa_2WFX3YRZ0-9bKccdmeF_CgRhWidjG-JlmmQn9oM_TqcrwsMtz-Ev3wOxDyI_wAMBDCID2-NFzGcHxIN_zKUL1MNNC-ZPpQZRnSJ_hUbVWWVXp-ZZDa1b4cc_HeJfxgbh3-YjmkalWmd_uobp3qJrl-ctGu9vwwc_2yNzoAZBW-1DlEPFTGE_mIbJXKVLs-dNGOlP0QY_WSdTiUYVW-5XuYZZXaI_9cddHeJf1-ZhSiZj6kb_2m5nloapW-Qr9sNtDuk_2wMxDyEz0-MBAC
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XVVPsDdxGwlc0xYLWdd/iQYUWe5JupZMXpIg/ReLm/9EuxZyU/lDkeP/T-Qu5/NujUAsxCMyzlIZtDNhDRkh2dMqDsE/zsMAwM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::19 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 17:03:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Dec 2023 17:03:21 GMT
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
content-type
application/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5263cc0b19f3aa2fdfb4af6fdb7479e697f89866a7d3ee99e5eaa8263e182bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12341
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Dec 2023 17:03:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D93D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.samptic.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2299
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 16:25:02 GMT
expires
Fri, 20 Dec 2024 16:25:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 76A9 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
171a908a51fb08d29366320490584ce893ad36e6c437549777e397105ddd1e06
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EuK2pgP1HluPB8_jf8-2eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.samptic.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-EuK2pgP1HluPB8_jf8-2eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 17:03:21 GMT
expires
Thu, 21 Dec 2023 17:03:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame D93D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:25:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
2299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 16:25:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 76A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2788312874841644&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D93D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CXQtwA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:03:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
log.pinterest.com/ 		0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=s91o7cSECzdq&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.samptic.biz%2F&viaSrc=canonical
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 21 Dec 2023 17:03:22 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
5
x-pinterest-rid
4718392686098352
content-length
0
x-served-by
cache-yyz4541-YYZ
pragma
no-cache
server
envoy
x-timer
S1703178202.979710,VS0,VE27
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2788312874841644&bg=!OTqlOnXNAAY3kmNgF5I7ADQBe5WfON0L4PBYCaau21xuT-6F0BdY_rWlDQHIEcqA54rUNagjcP4RE2KWg4wUzQkqzBcHAgAAAJdSAAAAA2gBB5kC-WiSD_CpTP8rxiMUxovL2VPwKI668VNkDPIl7TnN8FvLxI-9wWAT8j4ocwYk9s-OSjEoVd23v6afjnEcOH0yQUrYq4BqNzJrQ7aYIqy4pI_ZjB3t4nA22ZeQ2WF7RY1XlYhkqlxz6xt9bdhEXahR3r8rrIyrCllUFhOsT-377CbWpFR_v5aP37Ple2za9O6LyiYja23XzVne4qs_4vs2tTktDY0E0cB0rEq-qZwd4KltAToV6bkiUszb4-TeqBqe7Y5-Xx43oweaGAGuMk24NVOzy3bra4_jblL5-uQbzl1LuvB1AB3YLSKxQ39Yam2YT3lRynjUatXEHtmffFqDubBhHOjnC7DCRnWoEL7GmKW-VWVPC-pPFTY4wobjQpgMCZuyNboPly8zQNjcYmwOnuRK_G89ZPIS3JppeozCXQi53lthaSay5S-h4PUAkol3CxVcgZAtZOhY5H4FGsWw1Ih5ZNaj3gX96cObqhIe2Qt9qvmLx4UnzZpQtOzi5FFFQuJklRIS4oAEY-yY1KNNrGB_JRgncSm5k62zi7hJ6UsgSQGhxgCxMC0PSbEOiNH8N2MRlGkkHBw6DfKL9G9yxZY9B-Dw4xJuZfZ5b_a2DVB4DhbrSjmRUyaCCGUwb2vZgrTv7JQYp3c1MBzVGZeNoB-k3oc58ed-Qyfe0lz8lV3Buxvvja3ugTdFbaOXqDYvpHP8Vg7Wp0-GPSL2pSUcJ4l9pem7FxuWKznTHvMe_E7uMYqGg4rDckCNKLi5_kkfNQ5sdlUpKIs_Orzq7SY7vzjcNlVUoFFTGmVlwW3yq2WrPiVUq7zxE7daikdIm0a5YbOkr1DGPCBB-lD8q8ACYckC_zwI88u1tJ2bGYgB_ByQgUvqSY-yoGdLKm8d3Bz_JyFbB9rOESZjqcG9VAM9yHfnTF8VB2vJ2EGbHDVeiy-AMnVnuzKvTmMRMQOKTcpyf2MuZq3U4aUBbqwgaKiTn2ELy3tCJcte4_RoaktSm6iO6rW3EfDUyaYJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.samptic.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint undefined| $ function| jQuery object| runtime object| regeneratorRuntime object| wp function| wpAutoTermsDomReady function| gtag object| dataLayer function| google_spfd number| google_unique_id object| google_sv_map function| _storage object| wpzoomRecipeCard function| recipeCardResponsiveEmbeds object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| PIN_19712 object| swv object| wpcf7 object| generatepressMenu function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code string| dea777 boolean| ppuDisableTrigger object| twemoji object| PIN_1703178200904 string| value object| key object| PinUtils function| x7$3x function| g6rbFg number| w6A_7$ function| V2ZW0 function| N4kk object| vifkhq object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

3 Cookies

Domain/Path Name / Value
.samptic.biz/ Name: _ga_P4MBNJ7EXP
Value: GS1.1.1703178200.1.0.1703178200.0.0.0
.samptic.biz/ Name: _ga
Value: GA1.1.279824134.1703178200
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639502498520649&output=html&adk=1812271804&adf=3025194257&lmt=1703178200&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fmail.samptic.biz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703178199763&bpp=209&bdt=220&idt=492&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5292660338619&frm=20&pv=2&ga_vid=279824134.1703178200&ga_sid=1703178200&ga_hid=1251077609&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31080104%2C95320868%2C95320885&oid=2&pvsid=2788312874841644&tmod=22820318&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=522
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10945-2.s.cdn15.com
assets.pinterest.com
crafty-math.com
crookedchange.com
googleads.g.doubleclick.net
log.pinterest.com
mail.samptic.biz
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.cruel-national.pro
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.samptic.biz
151.101.0.84
162.213.255.31
206.54.174.187
206.54.174.20
2600:141b:1c00:d81::1931
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::200e
2607:f8b0:4006:824::2002
2607:fbe0:1:42::19
2607:fbe0:1:42::1a
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
0515f6bf0496033646b60f94540ab21de7965c2ba9dec849e182b8b12d462e4f
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1602a78ea9b8471a80c6a585193b9755c0740dfd5d8db7fa3bfc16aa45257974
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
171a908a51fb08d29366320490584ce893ad36e6c437549777e397105ddd1e06
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
23de8fd505c81357f2eb712d04404ba793517bedbb9e1cb72da89491b11d9fee
26fb24025cf0c9c1e7c2c40d4424ef766228bb7ac56ec24fe94aba65a1bc1025
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
433b0c78b07c51ffe1dd5a124d7cc45a09e30178a7b2ce1cf1e8c50909697a36
44cc6a92ec7c36d7ba892c5a023331cc316e45e3c3c7154e0ace158102ece4af
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4d5da988463d2016c8bf4a7f2520ab40cfa0f1b2834c62ed841191bb03b2a19f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54e9fd67d9ae4efca1b6085916c96e1352fd423005502d332546618b2b6f47c5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a3e66f7e47a0d3789f23253db2fcca7129ed97023298d64d225a166c78199d4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dbd06a436203105d25b9bd8c95adf563e41df63b9df46429acb1e48d34f61
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
7028ad42eaeead7ff9a0cfd32328f74adfda00e4c6ab141d9623f38b7b6893e1
73097193ad35b54ee095321d3719ed0e412a9960f961aa3aecafdcf8cfd7b244
74b9d124352e62e85b44140ff70e8f4e75089b5deba6ca69293f6f51f4acc8ee
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
8029049b43ca108b4dbc103496a08ea0b5f1828aaa2c5e5ffa0b94306c924fbe
82544ae162bda479021090084c79eee97c9b91277fbcb9d42beb85b0348479ea
8486bcc4bd2307a9ea50a6b77062913f6a5dc67fdf86796ce55c5a10c36ca944
95dcd13a118a39f7a1b770bc957300c47f88720389b521d6fdc2f715af448e33
997035d2fb1b5bd0f96d070e713e2c9eeb5e6902fc0b3b2f345a09d077455831
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
a5263cc0b19f3aa2fdfb4af6fdb7479e697f89866a7d3ee99e5eaa8263e182bb
b86e3d6638b7a114ca31a376231555b84d71bdb363c723af1117eb79acfb8e38
ba417a72323dd8716006a865eb42f245ac869024648b030420063a3e77008e7c
c0768a2f071579620f1d6623031b059a550739fdcfacf8c2cfee17fed874e488
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c3bc56bf88a942fc25c68c8551b5be6b0fca2685952cb102794de8b7942b0578
c4a01641caf3c7212d32b3ba27b60a5cb665f5963a44b70af88af78fdd76f5b8
c85f3b205ffc6b1533e20f78eda9b61802498e289e5e277e90e47e2eaa0f563a
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d04f03e68c942ae0d12a616c45e89e072de31977cbf716ce496109c1319415d3
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea049c14b3883c4309ac692f061e421febb132c30ef0ba682e2571f1a4e648bd
ec4173554a4384a96c339ff67b48102c8c14a24646fbca239379a3d0de8372c6
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db
fa7151394c9572509bc8345fec84955d6ef8ee67a388ff1cf26835e20fd9f386