ww4.0123movie.net/movie/avenged-1922.html
104.31.16.126301 Moved Permanently 0 B URL HTTP/1.1 ww4.0123movie.net/movie/avenged-1922.html
IP 104.31.16.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /movie/avenged-1922.html HTTP/1.1
Host: ww4.0123movie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 04:16:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 Feb 2023 05:16:44 GMT
Location: https://ww4.0123movie.net/movie/avenged-1922.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuqAYpEGGCq%2FAjzRrxdi5LbbPDI2kQpukB8zEMX%2FaeY1E8hNX39rIwU8vOff%2Flhneq1Coeh6uarkQ91VikVg1bKpfblRddfN5jhzGB%2B5BpesQtnHrqKN8URY0jpK8ED7TTsJvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79385a536c1c0b45-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13309
Expires: Fri, 03 Feb 2023 07:58:33 GMT
Date: Fri, 03 Feb 2023 04:16:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7709
Expires: Fri, 03 Feb 2023 06:25:13 GMT
Date: Fri, 03 Feb 2023 04:16:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 03:36:09 GMT
content-type: application/json
age: 2435
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19023
Expires: Fri, 03 Feb 2023 09:33:47 GMT
Date: Fri, 03 Feb 2023 04:16:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: z7wr7VXTFTvYz9lJvrMLk1fcERJBXBmh6LLbwsZExwaCZUCOXhpXxQLKP3NH+RzST2RMMKRBpXA=
x-amz-request-id: SK73PTNMR2GFGSH7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 03:52:15 GMT
age: 1469
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8d70da80e13b2f5a5f821803fc9c19a8
53f2a2f5d801dcd7d8ce16b5568cb92ab5686a9e
aa6c2927d56afa156a1aa548d20fdfc126a0526e320a0e94e28b05b0cb556227
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2683
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:44 GMT
Last-Modified: Fri, 03 Feb 2023 03:32:01 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 278
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 04:16:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8d70da80e13b2f5a5f821803fc9c19a8
53f2a2f5d801dcd7d8ce16b5568cb92ab5686a9e
aa6c2927d56afa156a1aa548d20fdfc126a0526e320a0e94e28b05b0cb556227
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2683
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:44 GMT
Last-Modified: Fri, 03 Feb 2023 03:32:01 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
dmz3nd5oywtsw.cloudfront.net/?dnzmd=837193
54.230.245.49200 OK 76 kB URL HTTP/2 dmz3nd5oywtsw.cloudfront.net/?dnzmd=837193
IP 54.230.245.49:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (18264)
Hash 91e9a3252086807face6f7b06f79e98a
d143a9812119c4adf9cf38c6e6f248ab08b2c697
0643d735d3e489b555fde88b8c4147ebe83c528b83edca2b4cf2a5afe46f4d0c
GET /?dnzmd=837193 HTTP/1.1
Host: dmz3nd5oywtsw.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 68957
date: Fri, 03 Feb 2023 04:00:43 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iLu3WMBU-gnPD59Dkd-JYs150lQC0i_FERgwBekKyitMyI-oEAD-hw==
age: 961
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 64 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash dabfa44fe2abba1009e77b870d007ef9
5df330297d3c1792444adaf346338458a49e1f1c
e22e640261a80355330173e527a18d1b8f6b239332555c86409a97030c62c6fb
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 03:44:08 GMT
expires: Fri, 03 Feb 2023 05:44:08 GMT
cache-control: public, max-age=7200
age: 1956
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 14c026468add78dce992fc31dd21fd67
0451890cf8fb31a272a6f6f7d925f71df0a9e9ee
b413f5200049a4ab2aa14cdf7df0a41017e84eb874d6c9091e068a8f611bd8b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3333
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:44 GMT
Etag: "63dc1d72-116"
Last-Modified: Fri, 03 Feb 2023 03:21:11 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 14c026468add78dce992fc31dd21fd67
0451890cf8fb31a272a6f6f7d925f71df0a9e9ee
b413f5200049a4ab2aa14cdf7df0a41017e84eb874d6c9091e068a8f611bd8b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3333
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:44 GMT
Last-Modified: Fri, 03 Feb 2023 03:21:11 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 14c026468add78dce992fc31dd21fd67
0451890cf8fb31a272a6f6f7d925f71df0a9e9ee
b413f5200049a4ab2aa14cdf7df0a41017e84eb874d6c9091e068a8f611bd8b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3333
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:44 GMT
Last-Modified: Fri, 03 Feb 2023 03:21:11 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 14c026468add78dce992fc31dd21fd67
0451890cf8fb31a272a6f6f7d925f71df0a9e9ee
b413f5200049a4ab2aa14cdf7df0a41017e84eb874d6c9091e068a8f611bd8b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 961
Cache-Control: max-age=145799
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:44 GMT
Etag: "63dc1d72-116"
Expires: Sat, 04 Feb 2023 20:46:43 GMT
Last-Modified: Thu, 02 Feb 2023 20:30:42 GMT
Server: ECS (amb/6B82)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 04:07:19 GMT
age: 565
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/QJ2XgEbwD7g
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QJ2XgEbwD7g
IP 142.250.74.131:0
Hash bb996bfb8a858ecd05a2428121b1837b
f038902eb9d1ffe474531280ec3be1b5a74bb579
3258a8c2ea7f9d4a779c6c9df530ea3fa47ffe2b74a5395a390080cb22493702
POST /s/gts1p5/QJ2XgEbwD7g HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hatwasallo.com/UHRWb2IxFjUCXTFJNEkXIhhrSlAWUWQpBj0OZQEGZRsvGBYjA3gMDj8BMgkQPxoiQQw1AHNdJB8tPR8uBTEDLSgDIWQKCgkeGl1TaCFlJRgJLBgqKxQTc10kGwwcXCkUHxslIQVMHj5aIhYSVxMZIm9ZAAQDPSshYUYyBiMdPw41CgkDGxopB0UuPSZoBTQ8BR45FSZaGyUYGQcCLiE7KiABDwE0GyQFJkdiNh8+Umk7HjlRBR0HSlAWEA4LMTVHIkpQEhADC1cTLABcNzpEPz8MHiM0XAUDLRAtVB1GDBcwYx8cCzo0JxkrU2EQPyFVNUYAHTc9OiM2DAUyGhZPN0MdBAZkMAElUwVHJlg7CCICDVE8Ex8YEWQ4PDYTFxlvWiQ+JgUJUAYTDxcGYxExSQgjGzgfXzMdHykNJzkcJg
54.230.111.17200 OK 1.2 kB URL HTTP/2 hatwasallo.com/UHRWb2IxFjUCXTFJNEkXIhhrSlAWUWQpBj0OZQEGZRsvGBYjA3gMDj8BMgkQPxoiQQw1AHNdJB8tPR8uBTEDLSgDIWQKCgkeGl1TaCFlJRgJLBgqKxQTc10kGwwcXCkUHxslIQVMHj5aIhYSVxMZIm9ZAAQDPSshYUYyBiMdPw41CgkDGxopB0UuPSZoBTQ8BR45FSZaGyUYGQcCLiE7KiABDwE0GyQFJkdiNh8+Umk7HjlRBR0HSlAWEA4LMTVHIkpQEhADC1cTLABcNzpEPz8MHiM0XAUDLRAtVB1GDBcwYx8cCzo0JxkrU2EQPyFVNUYAHTc9OiM2DAUyGhZPN0MdBAZkMAElUwVHJlg7CCICDVE8Ex8YEWQ4PDYTFxlvWiQ+JgUJUAYTDxcGYxExSQgjGzgfXzMdHykNJzkcJg
IP 54.230.111.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Hash 0153a3e669e4cd8787dd12a4b6eb7975
5416ebbc5fee0238ac4d6f46e680f817925f901e
eee89a946bb42ceab848413765fcd42951cc295cdc8e95469815d980df07b0a6
GET /UHRWb2IxFjUCXTFJNEkXIhhrSlAWUWQpBj0OZQEGZRsvGBYjA3gMDj8BMgkQPxoiQQw1AHNdJB8tPR8uBTEDLSgDIWQKCgkeGl1TaCFlJRgJLBgqKxQTc10kGwwcXCkUHxslIQVMHj5aIhYSVxMZIm9ZAAQDPSshYUYyBiMdPw41CgkDGxopB0UuPSZoBTQ8BR45FSZaGyUYGQcCLiE7KiABDwE0GyQFJkdiNh8+Umk7HjlRBR0HSlAWEA4LMTVHIkpQEhADC1cTLABcNzpEPz8MHiM0XAUDLRAtVB1GDBcwYx8cCzo0JxkrU2EQPyFVNUYAHTc9OiM2DAUyGhZPN0MdBAZkMAElUwVHJlg7CCICDVE8Ex8YEWQ4PDYTFxlvWiQ+JgUJUAYTDxcGYxExSQgjGzgfXzMdHykNJzkcJg HTTP/1.1
Host: hatwasallo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1170
date: Fri, 03 Feb 2023 04:16:44 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: he33FQqHaashywS3dGmgu_zBK8f2Az1CortmZgfL6b7qUwUZInwoSQ==
X-Firefox-Spdy: h2
hatwasallo.com/VWFoZDY0AwsJCTRcCkJDJw1VQQQTRFoiUjgbWwpSYA4RE0ImFkYHWjoUDAJEOg8cSlgwFU1WcA02PwBOBFIhUnUXWQQwZWUuLjwDHgAEJncwCi5BBBMlOS1FHSIEBXgGOCk0YAQiJg97GCI8JWMQGxsdfWc0Ly1BGywLVWdkIwBcXQFSUCd+LCM4BXMQMCIcdD40WQcFFAsxKWIWDj4oZAA4JjZFYyIfIloXGwAFfhYWISl3JgUhCFInKD02QgQPEDJnAhIuKXc+NyQlYyQwAypMHSJZJ2dmLywFYzkjMg9zNzADKkwXNSkuZGYFMAVfAzQLMX89ND1JYDgwOhB1BFIlJXplKyslXRsRPQgPLzZbHGAEMjk8eTIWDT5dFAc+MXAsMAUIYQQ5IjxXZAIwL1EUWSk2AmI3WhdeBCkmLFJkBTAqXWwOTg5FOg8YWXIwEwxXRSBQPQp3AgAKMWw
54.230.111.17200 OK 1.2 kB URL HTTP/2 hatwasallo.com/VWFoZDY0AwsJCTRcCkJDJw1VQQQTRFoiUjgbWwpSYA4RE0ImFkYHWjoUDAJEOg8cSlgwFU1WcA02PwBOBFIhUnUXWQQwZWUuLjwDHgAEJncwCi5BBBMlOS1FHSIEBXgGOCk0YAQiJg97GCI8JWMQGxsdfWc0Ly1BGywLVWdkIwBcXQFSUCd+LCM4BXMQMCIcdD40WQcFFAsxKWIWDj4oZAA4JjZFYyIfIloXGwAFfhYWISl3JgUhCFInKD02QgQPEDJnAhIuKXc+NyQlYyQwAypMHSJZJ2dmLywFYzkjMg9zNzADKkwXNSkuZGYFMAVfAzQLMX89ND1JYDgwOhB1BFIlJXplKyslXRsRPQgPLzZbHGAEMjk8eTIWDT5dFAc+MXAsMAUIYQQ5IjxXZAIwL1EUWSk2AmI3WhdeBCkmLFJkBTAqXWwOTg5FOg8YWXIwEwxXRSBQPQp3AgAKMWw
IP 54.230.111.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators
Hash 6f3e87cc8bcf91fb67fe13966ed5ac79
e479840d2ef5d94d3fdc32a6db309328d5189a16
f9508491c1aa211c17608fd82c49e7cf5db8b39175d68b67d118b7e7efb581c5
GET /VWFoZDY0AwsJCTRcCkJDJw1VQQQTRFoiUjgbWwpSYA4RE0ImFkYHWjoUDAJEOg8cSlgwFU1WcA02PwBOBFIhUnUXWQQwZWUuLjwDHgAEJncwCi5BBBMlOS1FHSIEBXgGOCk0YAQiJg97GCI8JWMQGxsdfWc0Ly1BGywLVWdkIwBcXQFSUCd+LCM4BXMQMCIcdD40WQcFFAsxKWIWDj4oZAA4JjZFYyIfIloXGwAFfhYWISl3JgUhCFInKD02QgQPEDJnAhIuKXc+NyQlYyQwAypMHSJZJ2dmLywFYzkjMg9zNzADKkwXNSkuZGYFMAVfAzQLMX89ND1JYDgwOhB1BFIlJXplKyslXRsRPQgPLzZbHGAEMjk8eTIWDT5dFAc+MXAsMAUIYQQ5IjxXZAIwL1EUWSk2AmI3WhdeBCkmLFJkBTAqXWwOTg5FOg8YWXIwEwxXRSBQPQp3AgAKMWw HTTP/1.1
Host: hatwasallo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1197
date: Fri, 03 Feb 2023 04:16:44 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zh0uD6PN4ylnSNkTdAzeNH4Mocx84myZI92PXzX4mBHF5rJSvfwWiQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/QJ2XgEbwD7g
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QJ2XgEbwD7g
IP 142.250.74.131:0
Hash bb996bfb8a858ecd05a2428121b1837b
f038902eb9d1ffe474531280ec3be1b5a74bb579
3258a8c2ea7f9d4a779c6c9df530ea3fa47ffe2b74a5395a390080cb22493702
POST /s/gts1p5/QJ2XgEbwD7g HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 14c026468add78dce992fc31dd21fd67
0451890cf8fb31a272a6f6f7d925f71df0a9e9ee
b413f5200049a4ab2aa14cdf7df0a41017e84eb874d6c9091e068a8f611bd8b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3334
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:45 GMT
Last-Modified: Fri, 03 Feb 2023 03:21:11 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 06e6c458e601407cc01ff4e2899352fd
67aa08578bc19b0663d6a573779dbbbd8bc16931
6cfa991865813b8476f5b22e05b6248d0c536a4149f959201c1ee33d9b241428
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CFA991865813B8476F5B22E05B6248D0C536A4149F959201C1EE33D9B241428"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6292
Expires: Fri, 03 Feb 2023 06:01:37 GMT
Date: Fri, 03 Feb 2023 04:16:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13914
Expires: Fri, 03 Feb 2023 08:08:39 GMT
Date: Fri, 03 Feb 2023 04:16:45 GMT
Connection: keep-alive
lehebraverooper.xyz/MG1EOUQfUidKeWM6fQ8VXD8zYXRIXyZxNGc8Km8uVTsscyFdNGJNLVRQfQh8CFxyHzRZCXkIfBYeMFgwRR55CGJZAyJWeRYbeQhqAEN2F3YWGHkIYkQdJV55AUs0TTBcUHUPcwVefQ58A1l0Dnc
104.21.68.94204 No Content 0 B URL HTTP/2 lehebraverooper.xyz/MG1EOUQfUidKeWM6fQ8VXD8zYXRIXyZxNGc8Km8uVTsscyFdNGJNLVRQfQh8CFxyHzRZCXkIfBYeMFgwRR55CGJZAyJWeRYbeQhqAEN2F3YWGHkIYkQdJV55AUs0TTBcUHUPcwVefQ58A1l0Dnc
IP 104.21.68.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MG1EOUQfUidKeWM6fQ8VXD8zYXRIXyZxNGc8Km8uVTsscyFdNGJNLVRQfQh8CFxyHzRZCXkIfBYeMFgwRR55CGJZAyJWeRYbeQhqAEN2F3YWGHkIYkQdJV55AUs0TTBcUHUPcwVefQ58A1l0Dnc HTTP/1.1
Host: lehebraverooper.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 04:16:45 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4Ze6MBEJa7QqwTVJ74%2F%2FiHb58qbWXoFtc%2BLw3VEcBexcJwqD2CXgI%2Bsf39jMeqshS0MkkH5XtCsYXOmuoS2yMFnEED6DOa1rs8SEFfHk%2FGQS9Nm%2BsRymGqruhtCmXVqs2ekeQjd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79385a598f41b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lehebraverooper.xyz/RU9iOUJqcAFKfyEZDnYmAnovW3FwDjV8CDUqUggbFAgWDRMTOERNKyFyWgp1dHZRHzIsK18IZDY7A003NnJTHysrKQ0EZDNyUxdxcWFRCGx3aRcEc2M7ElgleH5ESTYxI18IdHJ6UQB1fXxWCXdx
104.21.68.94204 No Content 0 B URL HTTP/2 lehebraverooper.xyz/RU9iOUJqcAFKfyEZDnYmAnovW3FwDjV8CDUqUggbFAgWDRMTOERNKyFyWgp1dHZRHzIsK18IZDY7A003NnJTHysrKQ0EZDNyUxdxcWFRCGx3aRcEc2M7ElgleH5ESTYxI18IdHJ6UQB1fXxWCXdx
IP 104.21.68.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RU9iOUJqcAFKfyEZDnYmAnovW3FwDjV8CDUqUggbFAgWDRMTOERNKyFyWgp1dHZRHzIsK18IZDY7A003NnJTHysrKQ0EZDNyUxdxcWFRCGx3aRcEc2M7ElgleH5ESTYxI18IdHJ6UQB1fXxWCXdx HTTP/1.1
Host: lehebraverooper.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 04:16:45 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FpDpEtL4VwRjlOk%2B75ynlMM4qG9cSxaRO979Ihilc6sqPLpAY1Rrebduw0qwmCUNBV0aGj3lDldEAxWw9e%2F5HA74ChgkiLcy2MmpiUxJJ9931NFRyubZZezPyh1K7XhR912z5hh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79385a599f49b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dmz3nd5oywtsw.cloudfront.net/OYkpLUEUBJSU2ehYjL218U3JzYXNEIDg/KxJ3KDkMJCU8HQ8rbD8qIV96bTwkDC12diAMKXZhYwMuKW1xRD8qbSgNMCI8KQNveRZwTHpuYnVKPSI+IQ09OHV3UiQ/dXdSe3t+dUd5CXV3Uj0iPnNWb3gSYFB6M2ZxR3kJdXdSOD11diN7e2VrUmNuYnUFLy-g7Kkd4DWJ1U3p7YXVTb3lgIws4LjYqGm95FnRSf2VgYxd3eg
54.230.245.49200 OK 187 B URL HTTP/2 dmz3nd5oywtsw.cloudfront.net/OYkpLUEUBJSU2ehYjL218U3JzYXNEIDg/KxJ3KDkMJCU8HQ8rbD8qIV96bTwkDC12diAMKXZhYwMuKW1xRD8qbSgNMCI8KQNveRZwTHpuYnVKPSI+IQ09OHV3UiQ/dXdSe3t+dUd5CXV3Uj0iPnNWb3gSYFB6M2ZxR3kJdXdSOD11diN7e2VrUmNuYnUFLy-g7Kkd4DWJ1U3p7YXVTb3lgIws4LjYqGm95FnRSf2VgYxd3eg
IP 54.230.245.49:0
File type ASCII text, with no line terminators
Hash 456ff127cee5adadbbeae2c463b2261e
4ee657d84a88d2643fd5ed95009a15a138ef201a
fb2ef64ee8d1a366fb92b9946b514f6679bc6dfbf9dbad6a1f8d918fd4c9c904
GET /OYkpLUEUBJSU2ehYjL218U3JzYXNEIDg/KxJ3KDkMJCU8HQ8rbD8qIV96bTwkDC12diAMKXZhYwMuKW1xRD8qbSgNMCI8KQNveRZwTHpuYnVKPSI+IQ09OHV3UiQ/dXdSe3t+dUd5CXV3Uj0iPnNWb3gSYFB6M2ZxR3kJdXdSOD11diN7e2VrUmNuYnUFLy-g7Kkd4DWJ1U3p7YXVTb3lgIws4LjYqGm95FnRSf2VgYxd3eg HTTP/1.1
Host: dmz3nd5oywtsw.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatwasallo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 187
date: Fri, 03 Feb 2023 04:16:45 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TeFfnHJipTzXIMm73vs_G_ekM_xZMQFKIWc1q7McGrAHamcMsn3oiw==
X-Firefox-Spdy: h2
dmz3nd5oywtsw.cloudfront.net/XWWdxQ3I6CB8lTS0OFX5KalBAekF/DQIsHClaNSYAPVQCNkMMCTAUEzsyK2UGIwNMc1Q1Bh8kT38CHyBPaEEQJxBkU1c3AjYMTCoVLRUYNRs6CwFlBzhaHCwIMAsdIldrIURtQnxVQWsFMAkVLAUqQkNzHC1CQ3NDaUlBZkEbQkNzBTAJR3dXaiVUcUIhUU-VmQRtCQ3MAL0JCAkNpUl9zW3xVQSQXOgweZkAfVUFyQmlWQXJXa1cXKgA8AR47V2shQHNHd1dXNk9o
54.230.245.49200 OK 566 B URL HTTP/2 dmz3nd5oywtsw.cloudfront.net/XWWdxQ3I6CB8lTS0OFX5KalBAekF/DQIsHClaNSYAPVQCNkMMCTAUEzsyK2UGIwNMc1Q1Bh8kT38CHyBPaEEQJxBkU1c3AjYMTCoVLRUYNRs6CwFlBzhaHCwIMAsdIldrIURtQnxVQWsFMAkVLAUqQkNzHC1CQ3NDaUlBZkEbQkNzBTAJR3dXaiVUcUIhUU-VmQRtCQ3MAL0JCAkNpUl9zW3xVQSQXOgweZkAfVUFyQmlWQXJXa1cXKgA8AR47V2shQHNHd1dXNk9o
IP 54.230.245.49:0
File type ASCII text, with very long lines (772), with no line terminators
Hash 713dcfc28226eda4be2761d760965ca5
a176b47959e6bb17d0a5f9b67922dae1f66e0b62
8189d39f4638e57f32278cadbfde6cde8a0f2bdf000b4596375fed1d729fa8f8
GET /XWWdxQ3I6CB8lTS0OFX5KalBAekF/DQIsHClaNSYAPVQCNkMMCTAUEzsyK2UGIwNMc1Q1Bh8kT38CHyBPaEEQJxBkU1c3AjYMTCoVLRUYNRs6CwFlBzhaHCwIMAsdIldrIURtQnxVQWsFMAkVLAUqQkNzHC1CQ3NDaUlBZkEbQkNzBTAJR3dXaiVUcUIhUU-VmQRtCQ3MAL0JCAkNpUl9zW3xVQSQXOgweZkAfVUFyQmlWQXJXa1cXKgA8AR47V2shQHNHd1dXNk9o HTTP/1.1
Host: dmz3nd5oywtsw.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatwasallo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 566
date: Fri, 03 Feb 2023 04:16:45 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7KZDRUBmULcjLDYZQ6kICl2uivvM3Cd43U2RXy2nq1pNMJHMGfwkPA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:45 GMT
Last-Modified: Fri, 03 Feb 2023 03:27:41 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8d777e9406316814b36e3c580cccd4c8
7653df86c61ff7c801e35da9eeca3ecc70c7d7e8
2c4bb952aa3359712306a7c20b845627ee26689aacdb2560a61fc175e7c0c731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8d777e9406316814b36e3c580cccd4c8
7653df86c61ff7c801e35da9eeca3ecc70c7d7e8
2c4bb952aa3359712306a7c20b845627ee26689aacdb2560a61fc175e7c0c731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/QJ2XgEbwD7g
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QJ2XgEbwD7g
IP 142.250.74.131:0
Hash bb996bfb8a858ecd05a2428121b1837b
f038902eb9d1ffe474531280ec3be1b5a74bb579
3258a8c2ea7f9d4a779c6c9df530ea3fa47ffe2b74a5395a390080cb22493702
POST /s/gts1p5/QJ2XgEbwD7g HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.vxdn.net/t-max/w_160/h_240/negar-23322.webp
172.64.108.33200 OK 7.7 kB URL HTTP/2 img.vxdn.net/t-max/w_160/h_240/negar-23322.webp
IP 172.64.108.33:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 37148c5d781cbefa171a21be0b456531
dd320229539853ef6fe4eb74ddde59473f6e6171
73b998cbe261d4bdd0e22d2377a1ed846cf0b66003dc29e0c2ce2773f7a55d92
GET /t-max/w_160/h_240/negar-23322.webp HTTP/1.1
Host: img.vxdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:16:44 GMT
expires: Sat, 03 Feb 2024 04:16:44 GMT
cache-control: max-age=31536000, public
cf-cache-status: MISS
last-modified: Fri, 03 Feb 2023 04:16:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0Pl0ACVs64WDlwbOzqXStUpZEQnCV744d96q6pEqFt3s6JDR0IFcAmj%2Fk%2Fry3pvD16MjCfkK5ozUmNOV8FpZm9gNxXT1A1A6V4pY8aD5mKW2CkTbn9%2FiQd2Duo7aRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79385a58892c8880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.vxdn.net/t-max/w_160/h_240/moving-parts-24259.webp
172.64.108.33200 OK 13 kB URL HTTP/2 img.vxdn.net/t-max/w_160/h_240/moving-parts-24259.webp
IP 172.64.108.33:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e73a5d2c0780cd4af0adf9be0cc0edde
fb1565912eb4d90d65a17a653d513d48dd51ed8e
4c2b66a35ec074c3c8dab871dc937ff3e2dfbe9f160336ce4c240a3d45f928e5
GET /t-max/w_160/h_240/moving-parts-24259.webp HTTP/1.1
Host: img.vxdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:16:44 GMT
expires: Sat, 03 Feb 2024 04:16:44 GMT
cache-control: max-age=31536000, public
cf-cache-status: MISS
last-modified: Fri, 03 Feb 2023 04:16:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq8jv6cEci7ZUutl0vtYR0bX8QRXaOk8IYySAsoEbEnx7uUDcXsaDgBo5JRJmVhsba%2BhIakmRYyWZRgJ8Ft%2BWuDy52lAk%2FfUwDeHq9ButRPdb5tgSi%2FpMSg58pMhTFg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79385a58c9698880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.vxdn.net/c-max/w_1200/h_500/avenged-1922.webp
172.64.108.33200 OK 27 kB URL HTTP/2 img.vxdn.net/c-max/w_1200/h_500/avenged-1922.webp
IP 172.64.108.33:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a9d6a916d98cafd7c359afd394af6ffe
0385ce04bdd40f78de693108e4adf87ce98c05a1
8ab074503a13eb7aed2039f738e96e52799683cf1169ea8435d3f21a76a5f712
GET /c-max/w_1200/h_500/avenged-1922.webp HTTP/1.1
Host: img.vxdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:16:44 GMT
expires: Sat, 03 Feb 2024 04:16:44 GMT
cache-control: max-age=31536000, public
cf-cache-status: MISS
last-modified: Fri, 03 Feb 2023 04:16:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VqkIn4fI6o5wIrFv2ARxsafVmCvtkRpoVGEnB9pIGgTB15GB828c7467i0p4FMvULdR3Cqg2XRnuY6ICQrkpFic66cAx5D%2FHoEGm5Iym3%2FeqUDySpK%2BSw3rgUCjjKw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79385a58892f8880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:16:45 GMT
Last-Modified: Fri, 03 Feb 2023 03:27:41 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b1a7b37ab41ab2c241ca4b4a3bb3319a
daf83e4a20f0849dc16777ed18d21806f978c555
4b423ec7676253213ed3bab15af479edcfa43ee8bd23da39b5ee34589020e033
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4B423EC7676253213ED3BAB15AF479EDCFA43EE8BD23DA39B5EE34589020E033"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9711
Expires: Fri, 03 Feb 2023 06:58:36 GMT
Date: Fri, 03 Feb 2023 04:16:45 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b1a7b37ab41ab2c241ca4b4a3bb3319a
daf83e4a20f0849dc16777ed18d21806f978c555
4b423ec7676253213ed3bab15af479edcfa43ee8bd23da39b5ee34589020e033
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4B423EC7676253213ED3BAB15AF479EDCFA43EE8BD23DA39B5EE34589020E033"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9711
Expires: Fri, 03 Feb 2023 06:58:36 GMT
Date: Fri, 03 Feb 2023 04:16:45 GMT
Connection: keep-alive
hatwasallo.com/utx?cb=hvmO9P1mm1po&top=ww7.0123movie.net&tid=837193
54.230.111.17204 No Content 0 B URL HTTP/2 hatwasallo.com/utx?cb=hvmO9P1mm1po&top=ww7.0123movie.net&tid=837193
IP 54.230.111.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=hvmO9P1mm1po&top=ww7.0123movie.net&tid=837193 HTTP/1.1
Host: hatwasallo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww7.0123movie.net
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 04:16:45 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://ww7.0123movie.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 03 Feb 2023 04:17:45 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kI5JKBG7yzM9nndyoit_8MlcJmSI0gao6LEp_02RlLrfPjtw3K1Jmg==
X-Firefox-Spdy: h2
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8S3zYMEs1y1AHLO3jPL+kg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QG1awY8mQpLbo9s6yY8rAevfPxI=
begantotireo.xyz/utx?tid=837194&top=ww7.0123movie.net&cb=tU0De8FOLpys
143.204.55.63204 No Content 0 B URL HTTP/2 begantotireo.xyz/utx?tid=837194&top=ww7.0123movie.net&cb=tU0De8FOLpys
IP 143.204.55.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=837194&top=ww7.0123movie.net&cb=tU0De8FOLpys HTTP/1.1
Host: begantotireo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww7.0123movie.net
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 04:16:45 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://ww7.0123movie.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 03 Feb 2023 04:17:45 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 37OrIlzbu-Z8kx2_BXMK0bzcDWQbXfxLJ1FBc0eyA38044cWm4pxmw==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b1a7b37ab41ab2c241ca4b4a3bb3319a
daf83e4a20f0849dc16777ed18d21806f978c555
4b423ec7676253213ed3bab15af479edcfa43ee8bd23da39b5ee34589020e033
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4B423EC7676253213ED3BAB15AF479EDCFA43EE8BD23DA39B5EE34589020E033"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9711
Expires: Fri, 03 Feb 2023 06:58:36 GMT
Date: Fri, 03 Feb 2023 04:16:45 GMT
Connection: keep-alive
tsapphires.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tsapphires.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 380
Origin: https://ww7.0123movie.net
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
tsapphires.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tsapphires.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.0123movie.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://ww7.0123movie.net
Content-Length: 349
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
tsapphires.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tsapphires.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.0123movie.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://ww7.0123movie.net
Content-Length: 348
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8140
Expires: Fri, 03 Feb 2023 06:32:26 GMT
Date: Fri, 03 Feb 2023 04:16:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8140
Expires: Fri, 03 Feb 2023 06:32:26 GMT
Date: Fri, 03 Feb 2023 04:16:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8140
Expires: Fri, 03 Feb 2023 06:32:26 GMT
Date: Fri, 03 Feb 2023 04:16:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8140
Expires: Fri, 03 Feb 2023 06:32:26 GMT
Date: Fri, 03 Feb 2023 04:16:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8140
Expires: Fri, 03 Feb 2023 06:32:26 GMT
Date: Fri, 03 Feb 2023 04:16:46 GMT
Connection: keep-alive
tsapphires.buzz/eUJ1am8iYE1ZWEh7QUhDW2BZSFgaIEAJDB90WF8JTXFYXgpKdFhSWxp1WFkJGCFAWgxMchNcDVtuV11bTXZDU11KbxddXxpvQVhYQW8UXltJb01cXkx1EFhYSXNFW01VYAYdTVVgARkOCTIdAx0cMVsIGgM4V0ZNSHJbX01VJBQGHBxuEwsDCidZDA4VMRA3
54.162.51.18200 OK 20 kB URL HTTP/2 tsapphires.buzz/eUJ1am8iYE1ZWEh7QUhDW2BZSFgaIEAJDB90WF8JTXFYXgpKdFhSWxp1WFkJGCFAWgxMchNcDVtuV11bTXZDU11KbxddXxpvQVhYQW8UXltJb01cXkx1EFhYSXNFW01VYAYdTVVgARkOCTIdAx0cMVsIGgM4V0ZNSHJbX01VJBQGHBxuEwsDCidZDA4VMRA3
IP 54.162.51.18:0
Hash 2a91656094e08d1ce15822284292bee7
4ed8144fbb7bbd5ea9b01333f0d294f99dd1af5b
e1afa84cbe0eed292efd872434a12a47467835953180034dfb0b731b3b037e05
GET /eUJ1am8iYE1ZWEh7QUhDW2BZSFgaIEAJDB90WF8JTXFYXgpKdFhSWxp1WFkJGCFAWgxMchNcDVtuV11bTXZDU11KbxddXxpvQVhYQW8UXltJb01cXkx1EFhYSXNFW01VYAYdTVVgARkOCTIdAx0cMVsIGgM4V0ZNSHJbX01VJBQGHBxuEwsDCidZDA4VMRA3 HTTP/1.1
Host: tsapphires.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 41de356e6ddeadbe6fc762f4435f7cc4=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-Uu488ZUl9WTyh7c2utM5fYpRI5I"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4242d4999b7b033873b81a482c319c2
bc4c004065ce9f558f210d508844c123a85737a1
ab35a5c1a7c1a0a548aee3b9c301893799680ec1922c13e7a16d44ca457cd91d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7237
x-amzn-requestid: f6aa0d26-8df4-40fe-8984-1aac7c76097e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVr4jEdeIAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2269c-58a038d6491d8f461e9168d4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XNO6ArxsjiZTxcoSn1Fmhso5bpWNIvzT9nplF6UGTiHVxXlJiv7bJA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:58:40 GMT
age: 22686
etag: "bc4c004065ce9f558f210d508844c123a85737a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1d6fa4715c4e78250b2f72ddd2706f1
be04ac3a50aa6f1b349a2410ad386d92de3222be
d1c3c1b7016428bf2a085b71ca0d1e215a64b3d31ff15b0ef8bf5a78f11d9ae5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8543
x-amzn-requestid: 3dc0960e-97db-42c8-99ac-623a44e8bb3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv0wGJhIAMFaTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ceb-5ad3ef033a62559762db42b9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EKWOeGruQEm9HuSlJMiEEw_gN1p37qTTIhYqaiQ6bFaCF65kUfmMtA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:20 GMT
age: 22766
etag: "be04ac3a50aa6f1b349a2410ad386d92de3222be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.vxdn.net/t-max/w_160/h_240/takedown-transparency-20358.webp
172.64.108.33200 OK 16 kB URL HTTP/2 img.vxdn.net/t-max/w_160/h_240/takedown-transparency-20358.webp
IP 172.64.108.33:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2503a683cdb6bbc21cf4241ecbc4c51
caf40f77965747d91377984f306aaf9987e72ff2
7c6700c4be62a0fb9e3b07e830fa6dc3d0120e8c7bc9b8fe6857cfdd4a9502a9
GET /t-max/w_160/h_240/takedown-transparency-20358.webp HTTP/1.1
Host: img.vxdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:16:44 GMT
expires: Sat, 03 Feb 2024 04:16:44 GMT
cache-control: max-age=31536000, public
cf-cache-status: MISS
last-modified: Fri, 03 Feb 2023 04:16:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cvot0XjHBfCQllqezCWRkCyczczpe5l3f3WdXZOGI74iv5wS9dulFNUZ%2BDgXonqBw8fgDiN1G2r9F4EKbzR6rCPEul4En8P%2BBwwbHAghyoEbX5%2FWqJ9w3pp3irfrlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79385a58892e8880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 56 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 1879d0f6ae56663c3600324e5c52e541
c623343784c54436beee6c1009d64147aa637909
6e1b5967d422ef5a328048b749e7530272a76b792882a06f7105c672e20c730c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 23325
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 6a1fd567-b34d-4787-aa05-5b7db3fc51c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fflRBHU4IAMFnsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61c06-2d1ec3206d2ebeb4780a84b4;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:11:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUloQ6xaRWpnvMRh7kFvFIWhFotmILLZHfD_YK01RmrQ2vmYKVh46w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 03:08:32 GMT
age: 4094
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.vxdn.net/t-max/w_160/h_240/avenged-1922.webp
172.64.108.33200 OK 0 B URL HTTP/2 img.vxdn.net/t-max/w_160/h_240/avenged-1922.webp
IP 172.64.108.33:0
GET /t-max/w_160/h_240/avenged-1922.webp HTTP/1.1
Host: img.vxdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:16:44 GMT
expires: Sat, 03 Feb 2024 04:16:44 GMT
cache-control: max-age=31536000, public
cf-cache-status: MISS
last-modified: Fri, 03 Feb 2023 04:16:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oe%2Bzk%2BSO%2B37lie3YOiCuWx2g%2BAnu3TiEnTkBhGOIK7Pmqs2H3c75%2BsgDBV8Oai3jfTGVeReTTL2nD%2FSPcRoj6cYkd3aEC7TS5Jx7ol2qvYfQmDiIM16phZiQTKAfcuE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79385a58892a8880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.vxdn.net/t-max/w_160/h_240/ransom-season-2-24395.webp
172.64.108.33200 OK 0 B URL HTTP/2 img.vxdn.net/t-max/w_160/h_240/ransom-season-2-24395.webp
IP 172.64.108.33:0
GET /t-max/w_160/h_240/ransom-season-2-24395.webp HTTP/1.1
Host: img.vxdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:16:44 GMT
expires: Sat, 03 Feb 2024 04:16:44 GMT
cache-control: max-age=31536000, public
cf-cache-status: MISS
last-modified: Fri, 03 Feb 2023 04:16:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwRP%2FNNcChcSSmDsaBH30ujNixwv7x3tK3v%2BFV1Nf9lsae18u%2FIN42Z8CiftK%2FXE8HgQBnESn5ABBnVFYn%2FKzRsAculZ2WzWIQMf6nmSPormO%2FVJek73Md87KOJ08Dc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79385a58a94d8880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tsapphires.buzz/cFYwbzULdEMYagUkXE0PUj5EG0UDbB9AQgdhHl8EQmVdAEMZMx4BUAR5QxgbGiUSQxcDO1ZND0F6EhxYBnQKTQFeZRJDFwQ3VzBcFHQKTQ1DYQFWAVJ6EhxAEglZCwdSbBJYVhJjUwxTRnsFCQFDewQKBkZ7CFtWR3sDCVQTYwAMAEAwBg0XDQ
54.162.51.18502 Bad Gateway 0 B URL HTTP/2 tsapphires.buzz/cFYwbzULdEMYagUkXE0PUj5EG0UDbB9AQgdhHl8EQmVdAEMZMx4BUAR5QxgbGiUSQxcDO1ZND0F6EhxYBnQKTQFeZRJDFwQ3VzBcFHQKTQ1DYQFWAVJ6EhxAEglZCwdSbBJYVhJjUwxTRnsFCQFDewQKBkZ7CFtWR3sDCVQTYwAMAEAwBg0XDQ
IP 54.162.51.18:0
GET /cFYwbzULdEMYagUkXE0PUj5EG0UDbB9AQgdhHl8EQmVdAEMZMx4BUAR5QxgbGiUSQxcDO1ZND0F6EhxYBnQKTQFeZRJDFwQ3VzBcFHQKTQ1DYQFWAVJ6EhxAEglZCwdSbBJYVhJjUwxTRnsFCQFDewQKBkZ7CFtWR3sDCVQTYwAMAEAwBg0XDQ HTTP/1.1
Host: tsapphires.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
set-cookie: 6ea6a2037f18b622cf03d42cc25f11a8=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
ww4.0123movie.net/movie/avenged-1922.html
104.31.16.126301 Moved Permanently 0 B URL HTTP/2 ww4.0123movie.net/movie/avenged-1922.html
IP 104.31.16.126:0
GET /movie/avenged-1922.html HTTP/1.1
Host: ww4.0123movie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 04:16:44 GMT
content-type: text/html
location: https://ww7.0123movie.net/movie/avenged-1922.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ayhu9keuPdDX3iswecCUf%2BdMFq1levtwenMhl5eDu%2B52xOJEPWfeFyNWSeQBmUYu%2BnWrnUSkHOuEQBTjkR56EhHDXxL%2FCIx4kSx4HM4NJXLxAZxwszhP5YTa8os%2F3bYG%2Ffatw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79385a55b8fa1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.vxdn.net/t-max/w_160/h_240/ransom-season-3-28019.webp
172.64.108.33200 OK 0 B URL HTTP/2 img.vxdn.net/t-max/w_160/h_240/ransom-season-3-28019.webp
IP 172.64.108.33:0
GET /t-max/w_160/h_240/ransom-season-3-28019.webp HTTP/1.1
Host: img.vxdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:16:44 GMT
expires: Thu, 01 Feb 2024 17:54:24 GMT
cache-control: max-age=31536000, public
cf-cache-status: HIT
age: 123740
last-modified: Wed, 01 Feb 2023 17:54:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSDzwRsY9lYA9pZigDnxcdNwLWPfQ1ggJDCP3EWoa32O17ylQNHxBDmm6oTXNpZ%2BEEd2seVtXHe7eHmVP7mMd2i902OC%2Bb7WxOpaXestYQSjuAIzqqsgQg1D%2Fk%2FEd2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79385a58993c8880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29200 OK 0 B IP 172.64.132.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.0123movie.net/
Origin: https://ww7.0123movie.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:16:45 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://ww7.0123movie.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3080
last-modified: Fri, 03 Feb 2023 03:25:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoWnMeJ2X0LOZiNr%2FVHMor9102Pd%2B4I%2Bkk2gdk4tVLZ9pL%2FPRJ4aA%2FEjpAqNlMBkKeO0plx%2FdFcji2bhe3VBagyOLIfTLJd477z0Mpf9v4MrziKSvukM%2F%2Bl9aNJGVc2S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79385a5c2d9388b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.vxdn.net/t-max/w_160/h_240/broken-darkness-25698.webp
172.64.108.33200 OK 0 B URL HTTP/2 img.vxdn.net/t-max/w_160/h_240/broken-darkness-25698.webp
IP 172.64.108.33:0
GET /t-max/w_160/h_240/broken-darkness-25698.webp HTTP/1.1
Host: img.vxdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww7.0123movie.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:16:44 GMT
expires: Fri, 02 Feb 2024 02:37:11 GMT
cache-control: max-age=31536000, public
cf-cache-status: HIT
age: 92373
last-modified: Thu, 02 Feb 2023 02:37:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8tF8OT4FC5U%2FLSvWtUPcneBtKbUsD2NR2vwm4Wy20BHYA5XRmEiPMMauO%2BKjCoCRYezahowtP1YMo9Hetp3bhLkQ4QqK3mOIK8AOXGpvGVRang9MKZdP3v9u4ZRbho%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79385a58b9558880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2