gaxed.com/movie/hotel-transylvania-transformania-76336
172.67.151.112301 Moved Permanently 0 B URL HTTP/1.1 gaxed.com/movie/hotel-transylvania-transformania-76336
IP 172.67.151.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /movie/hotel-transylvania-transformania-76336 HTTP/1.1
Host: gaxed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 23:54:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 00:54:23 GMT
Location: https://gaxed.com/movie/hotel-transylvania-transformania-76336
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3l4j%2BRStWAcuiOA8OPx9TOAHMP54h4EtNP6UzAFNygDi8pDpcUcl%2BCnqJ%2FtZ1NBw1NaLlHuyKf3FJavlmT%2B%2F7pfnHL%2Bu6xiMtx5Rn%2FAIye0Zb9z77m0V%2BW%2FnjzU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77068c86da21b529-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17327
Expires: Sun, 27 Nov 2022 04:43:10 GMT
Date: Sat, 26 Nov 2022 23:54:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6122
Cache-Control: max-age=130727
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:23 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 12:13:10 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20120
Expires: Sun, 27 Nov 2022 05:29:43 GMT
Date: Sat, 26 Nov 2022 23:54:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 23:19:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2106
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: j/KLwwZ7iGojusnjPGIp9n0LwBxlDhP7Y/mczAbYL1EUxsOpIYiAMxswcYAJk/8qe8SqFNhnOdE=
x-amz-request-id: D3WFDH5GM43K6RJY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 23:41:24 GMT
age: 779
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:54:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 13acacc4ece4aed134a483196b81b51a
e5f212c16df246667b769154d6b552a6c453b790
35ae724dd598a31ca80a34c7c1c32d992bbcf5d740f46978d0b104a632c75ce6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=148695
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:23 GMT
Etag: "63824906-118"
Expires: Mon, 28 Nov 2022 17:12:38 GMT
Last-Modified: Sat, 26 Nov 2022 17:12:38 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 13acacc4ece4aed134a483196b81b51a
e5f212c16df246667b769154d6b552a6c453b790
35ae724dd598a31ca80a34c7c1c32d992bbcf5d740f46978d0b104a632c75ce6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=148695
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:23 GMT
Etag: "63824906-118"
Expires: Mon, 28 Nov 2022 17:12:38 GMT
Last-Modified: Sat, 26 Nov 2022 17:12:38 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6e423d0d3db3e21a2d306d1035330185
730e2858fb0dcbf5a2be3773a9e7eee9116a9ec0
c8c4cca5944034b747ae6a1511d105d34f60e40c57e1d2d5902d6c121de6c3d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1995
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Etag: "63821516-116"
Last-Modified: Sat, 26 Nov 2022 23:21:09 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 11 kB IP 93.184.220.29:0
Hash adf0beeca6c504e5971c4dcbc0d9d236
a8ae4a16302ae2a57b40f34a10b7a8e103c05406
f98d96bfa0b962ba1a1b00d54bc0eb7d03680f2a9763f68d50ad895ea7a3bd42
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5777
Cache-Control: max-age=117789
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Etag: "6381b9bc-117"
Expires: Mon, 28 Nov 2022 08:37:33 GMT
Last-Modified: Sat, 26 Nov 2022 07:01:16 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6517
Cache-Control: max-age=166760
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 22:13:44 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6517
Cache-Control: max-age=166760
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 22:13:44 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5310
Cache-Control: max-age=165553
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:53:37 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 10 kB IP 93.184.220.29:0
Hash 967d5b9cb40172383acfcf0a949ab153
bd1f3145003a5bd798f0d908f74246f7be8b4bf9
ec05376cd1e31463632e01616003925a9e23312c331569c18d875f2eb716906c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3537
Cache-Control: max-age=163780
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:24:04 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
104.17.25.14200 OK 57 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32074)
Hash 8486da289409cd85cf8b6fd169c721c4
72d46568b1412639c71f218761c4e637773c4bfc
552f8314a7e6f840ab958f4a71ee38b747deb74634ea9797806f38c95b48c3ef
GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gaxed.com
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 57137
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-3dee5"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14947313
expires: Thu, 16 Nov 2023 23:54:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3qAfKOAXt4z%2FslstysvKiqcBRgKYRRXezJcMj5p8IQWbutvQdKGgcLhc5gxeg5%2FTLT3CpXR1IWsIvTn6jKNiUer9%2FliAXyTdrO2yCckln8hPJ8EHRJ5k1aokiiYZNbcCegTpDRi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77068c8e0b3db4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/qtip2/3.0.3/jquery.qtip.min.js
104.17.25.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/qtip2/3.0.3/jquery.qtip.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32049)
Hash aef66d03a7ddf1f78768d8fccf338b19
a37110df885a827292b9a30725bc6c08bd148888
bf2da4ac3864c7546b1cad6281393e30cd835bd75f4499272c049828ca2bea43
GET /ajax/libs/qtip2/3.0.3/jquery.qtip.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gaxed.com
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 14532
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fad-ad0f"
last-modified: Mon, 04 May 2020 16:15:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 353707
expires: Thu, 16 Nov 2023 23:54:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfYxBeYyWYmngfSZX7hCOKHuB0llUXgR0409QcJPNnHaqp%2FCL%2BOocm8FGdEWUK2ONvNrUGC8xN%2FRHX%2F4d%2B9MSQKw7SDXt45sRp5FoKr2pMCDH6O8hK5NxS7mT0QyXI9BoiJZYkat"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77068c8e1b4cb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
104.17.25.14200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32077)
Hash 5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gaxed.com
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 239071
expires: Thu, 16 Nov 2023 23:54:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=295U8cbR33JFcLK7y1%2BZUrwW3yETd%2FkzasNZIyNIeeUAjl3BKcMLIYFoebzGeOGebwhE4sLgdGt0YWpN4h2784Wl%2Bi7%2FFfJVA095uTEPSDPuW57AGmTwa0NntI9vfhcdQCrd76P%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77068c8e1b4db4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6517
Cache-Control: max-age=166760
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 22:13:44 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/qtip2/3.0.3/jquery.qtip.min.css
104.17.25.14200 OK 1.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/qtip2/3.0.3/jquery.qtip.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (8982), with no line terminators
Hash 120f6f316e1df65269caac36a70b153a
a7466a5e3ebb6cd76fb2ef8f70bcc016709ce360
973eae57a49e0115792281ff9b9103c66c047501855d792c7dcfb7c32a1119c7
GET /ajax/libs/qtip2/3.0.3/jquery.qtip.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gaxed.com
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: text/css; charset=utf-8
content-length: 1821
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fad-2316"
last-modified: Mon, 04 May 2020 16:15:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 251102
expires: Thu, 16 Nov 2023 23:54:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYuY5Wbxb3GOWaAbT7mg3Um5pp7a9juPkBu3RV82fv1ylN02wISTjfreZychS7DG3qqpwqmEcQBMDZ4auEil%2Bf0n%2BaukQGWb3C%2BJ2w0fgK4Ise6qVWMUhsTime6XO2Dr0%2FB3OgGQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77068c8e7be1b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/js-cookie@beta/dist/js.cookie.min.js
151.101.85.229200 OK 728 B URL HTTP/2 cdn.jsdelivr.net/npm/js-cookie@beta/dist/js.cookie.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (1464)
Hash 10e1d412a891140480ee59c17ec11661
5a5b3bb74ea7526a8fa4aa517313368eb1e45c0a
99297119d3c367af9e3a9ceb86ecc93db66993912ef0c4f8fa4154394c29744d
GET /npm/js-cookie@beta/dist/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.0.0-beta.4
x-jsd-version-type: version
etag: W/"5de-umxYiZHe1aDZ+J/AVp+cMSpsIxY"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 23:54:24 GMT
age: 42169
x-served-by: cache-fra-eddf8230032-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 728
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js
104.17.25.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (57791)
Hash f7ec1f608a6644d182a2aef3308d3fc1
504609ff13eb3af8a2364b6753f73bc3ad3b4e1b
398376b9590200f385c71475b834492c281ce9cd34bc137a57f087e7a65bd7fb
GET /ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 13537
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-e2d8"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 20400861
expires: Thu, 16 Nov 2023 23:54:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgOCDG18NMYPJriaLP9p8Msu8wNdu%2Fk1TLj73WtDVfiRbWpRUwz8yvu89mfUrcT5tMSe7%2BHeWn%2BoPFt0Gat1OlZ6re1z%2Bxnr0UX4nC12wALjn7Ka0lf3XAeAGkAi7VpDPBpX1amU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77068c8e7c7db521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.1.1/lazysizes.min.js
104.17.25.14200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.1.1/lazysizes.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (7031)
Hash 379c5aa33e89ac9f77eb76b172a90412
cf0ec5f99553b412715a023f8f645eb8366cc254
a859d73a0cab8a91abb9abcb384c6e495dee74176769927affef9a1d53a295b0
GET /ajax/libs/lazysizes/5.1.1/lazysizes.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 2950
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed0-1b91"
last-modified: Mon, 04 May 2020 16:12:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3307264
expires: Thu, 16 Nov 2023 23:54:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3XT2Dyh61%2BC1Heb6HrCq67JIY1vR%2BtCwFASO0ebGnmX%2FIPyEcNsEefBC1Sz7af%2BSnujshjAhu4FmVgqov0Ydf0SN0XCddg6ILHW7MtNG3UH4zOIxJ6RSxruz5qpwzHJQozMwQ2J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77068c8e7c7eb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4772
Cache-Control: max-age=124319
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:26:23 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7d8726abc129a171336f2dd77bd5a744
70e44f661b5e92374fa76db71d09c0ce504ade53
58e8477c9460c09b96bd6ef1c62776cb8f14e26385a67fcb585234e5195cbc5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6116
Cache-Control: max-age=136468
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Etag: "63820160-118"
Expires: Mon, 28 Nov 2022 13:48:52 GMT
Last-Modified: Sat, 26 Nov 2022 12:06:56 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 4.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
Hash 5d29a5ab91e1a2ac970df96745d041dc
be9f752f746fe7c44e1cc814c406b53ebe3ef807
f3804e44916c26aef541b121a7ff3bbe94cd59825cac377dca021ce9617522e9
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 23:08:54 GMT
cache-control: public,max-age=3600
age: 2730
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.15.0/umd/popper.min.js
104.17.25.14200 OK 6.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.15.0/umd/popper.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (20989)
Hash 12823d3177e37701ecf67f10fe002251
d9a4c13eb4557008f46b063948f2997a55c498e8
a58e2e99f9569a968e240697a5ef755e73a677746f4fc5ba11cfea02260f13cd
GET /ajax/libs/popper.js/1.15.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 6680
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-52aa"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5170551
expires: Thu, 16 Nov 2023 23:54:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shvuzOc%2FzbLrJ3bNuCz10xTrYqPtV8F%2FrLo6WBq2%2Fe9ikqruXKqtF3f%2B84mshwMY8ed4SyOnl3V4ji5NVabcWfOI3rPypNdMMjcA7re81%2BECB6Zb8FJUjjRKsRbJWlVuM60PVWU5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77068c8eacd2b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
104.17.25.14200 OK 5.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (17660)
Hash abe1df98b6ab4644bd567e6669d0da03
27e3bf22ef08b7ca0090721ed31b4f921d278e7c
cd40ba7dbf63d67511c0fd56b7e5327dbedb43d15c439d79a8aacb6377059540
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14788526
expires: Thu, 16 Nov 2023 23:54:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijdAtgonVMB%2BDTHRMGFnfUxrh2d4p9TVoeh9oo2FnOIVdB4AUQOUAX7AZkXuXJGP3ASAyxIIJTaUReibzOh4jIY1aiEUP3bg4hjdUO%2BDQ4Sv43Jw5%2BBGzs%2FFqRrIiivOElTaWxYq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77068c8ebce2b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116388 bytes)
Hash fef08c9f8bacc1b0eed3950dbe7d0f87
e9a3b98cad1e2d58eab1e2cbaa51cb979dc45075
55b3d5b3acd46444cc1844a676c75ba25209ce371065791cd4fbdc9da60aea34
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116388
date: Sat, 26 Nov 2022 23:54:24 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 13c265f2c258e0bcea2ac1149188d332
3d42f91eec1fae7ff5e243d2a35afdd5a6d58db0
26666f4ea8fe16648ef9593216b725f692a1cb913763b186cd19d59e7875a930
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5777
Cache-Control: max-age=117789
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Etag: "6381b9bc-117"
Expires: Mon, 28 Nov 2022 08:37:33 GMT
Last-Modified: Sat, 26 Nov 2022 07:01:16 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5310
Cache-Control: max-age=165553
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:53:37 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6e423d0d3db3e21a2d306d1035330185
730e2858fb0dcbf5a2be3773a9e7eee9116a9ec0
c8c4cca5944034b747ae6a1511d105d34f60e40c57e1d2d5902d6c121de6c3d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1995
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Last-Modified: Sat, 26 Nov 2022 23:21:09 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js
151.101.85.229200 OK 828 B URL HTTP/2 cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (1649)
Hash dff4990c99380998d281b867fded327e
9cfce40f3a0c0b1a13ff68cb0eb45cf618ab9e6b
53bd06a588b483526252f983d1f79e06dfa4da66de4a033c161ae4a9f1352765
GET /npm/js-cookie@rc/dist/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.0.0-rc.4
x-jsd-version-type: version
etag: W/"695-pXILqyxk6ej3gkrdagCqNfKaZZQ"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 23:54:24 GMT
age: 40957
x-served-by: cache-fra-eddf8230062-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 828
X-Firefox-Spdy: h2
img.2embed.to/xxrz/1200x600/100/1c/cc/1cccfdd8e2841743d46f05fcdb5fc729/1cccfdd8e2841743d46f05fcdb5fc729.jpg
104.21.72.64200 OK 264 kB URL HTTP/2 img.2embed.to/xxrz/1200x600/100/1c/cc/1cccfdd8e2841743d46f05fcdb5fc729/1cccfdd8e2841743d46f05fcdb5fc729.jpg
IP 104.21.72.64:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 1068x600, components 3\012- data
Size 264 kB (263711 bytes)
Hash febf7d22ec6d9fbc64a14d9ef8411a8f
dcea6d323643649e439d45e20237bc1d6b6b0bdb
8ff1222abd1cfbc0bb753100c577137a565fbc07691fd3a6b74e17d39a1ca9d4
GET /xxrz/1200x600/100/1c/cc/1cccfdd8e2841743d46f05fcdb5fc729/1cccfdd8e2841743d46f05fcdb5fc729.jpg HTTP/1.1
Host: img.2embed.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: image/jpeg
content-length: 263711
last-modified: Fri, 14 Jan 2022 03:00:03 GMT
vary: Accept-Encoding
etag: W/"61e0e733-1a0e0"
x-cache: HIT
expires: Sun, 11 Dec 2022 09:32:02 GMT
cache-control: public, max-age=1296000
pragma: public
cf-cache-status: HIT
age: 51742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbUj7SHgzRiQBjMKvIU4IQyyM2bzBpaleMxwNZoQGv3OV5jcvLSiF1AjF1Qu1lTl7PVfacp9%2BaOD1VjhbiexSJ70PJpB6x52YFSAsX%2BCKyyd8WZcyjjIct8aXLKqnrUe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77068c8fbf021c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.52.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SzwrYMoXRIIzyNnX/usB8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TFL15Ey7vWPtga+ORYmxMlGtkJ4=
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash abb2a2d66ba69a0f81fc23242e727f1b
4e79ed02d1650f8774e67a0899c21e475d90661b
9da9900fe2e5558f3e8e222c0b083355e59a67293ca80975d3df2b63f05b471e
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 23:54:24 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "EB093FEB67FC9886982DC1E7DB9B6BE615FFA3B1"
Expires: Sun, 27 Nov 2022 10:00:00 GMT
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2997
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77068c904befb52d-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,500,700
142.250.74.10200 OK 968 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP 142.250.74.10:0
Hash b7fcb154e6c546e95a06fad5cc5f8764
bb5828e75e892c4377171ad3e4cac2ff86a6334c
02b7aec21a97226879d034212de3d1c35e7964f639e2bbd0d1cb82bd93bf6b88
GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 23:54:24 GMT
date: Sat, 26 Nov 2022 23:54:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bccfbbaeb385fccdfa66e323e6f7d3c1
e236b7277e0a979b5b04e82a4cd1c335de6fb95b
51fc5bc045b21f99225e97f4b2c5c784d831f6b420d2f8c07cf5c059158982db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51FC5BC045B21F99225E97F4B2C5C784D831F6B420D2F8C07CF5C059158982DB"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=116
Expires: Sat, 26 Nov 2022 23:56:20 GMT
Date: Sat, 26 Nov 2022 23:54:24 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-8ST3M82VHM
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-8ST3M82VHM
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash 18b498b34076112616697b3f2e2d5520
ffa9ad71c14e7bb1f308f23be892747aa1c84a4f
9c0f15f037c9013ed0e394a32df8732df0f2eabf1425e76f6796bb35307c8220
GET /gtag/js?id=G-8ST3M82VHM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 23:54:24 GMT
expires: Sat, 26 Nov 2022 23:54:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Lf2aYsgAAAAAFvU3-ybajmezOYy87U4fcEpWS4C
142.250.74.164200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lf2aYsgAAAAAFvU3-ybajmezOYy87U4fcEpWS4C
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 323c112e55f5c34878e0d482bc2937f1
e0c59c2df1e38cc9b6c63838394381db65d2733d
875711e8ef33f35ae15473270345686bd0d860b994533aa5333325860e55aa37
GET /recaptcha/api.js?render=6Lf2aYsgAAAAAFvU3-ybajmezOYy87U4fcEpWS4C HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 26 Nov 2022 23:54:24 GMT
date: Sat, 26 Nov 2022 23:54:24 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
142.250.74.10200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
IP 142.250.74.10:0
Hash 3350fc8349ce3b56eb6df1bac493009e
713db777894136f1476b9668a18670ebcea92d6b
d62c77e607f13f185985dbfa1a7351531ff61e716584692a0fb77afe281aedc0
GET /css2?family=Montserrat:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 23:54:24 GMT
date: Sat, 26 Nov 2022 23:54:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaxed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 277235
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaxed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 274803
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaxed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 294412
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 26 Nov 2022 23:54:25 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=59314
date: Sat, 26 Nov 2022 23:54:25 GMT
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-6063241b05554ae4/_ate.track.config_resp
23.38.200.123200 OK 523 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-6063241b05554ae4/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with very long lines (1481), with no line terminators
Hash 85336ec8f23ea4b65ec34088bc6eb756
14055219c2eb287046f8a984fbde32f8086480ae
ff207e985d03570999b71aa5e4b648d934b6138d596fde0393cec2f1b8c7e213
GET /live/boost/ra-6063241b05554ae4/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 523
etag: 1763707788--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=6, s-maxage=86400
date: Sat, 26 Nov 2022 23:54:25 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 26 Nov 2022 23:54:25 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=6382a7301a21218c&bkl=0&bl=1&pdt=862&sid=6382a7301a21218c&pub=ra-6063241b05554ae4&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=gaxed.com&fp=movie%2Fhotel-transylvania-transformania-76336&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=watch%20Hotel%20Transylvania%3A%20Transformania%20online%20free%20123movies%2Cwatch%20Hotel%20Transylvania%3A%20Transformania%20online%20free%20putlockers%2Cwatch%20Hotel%20Transylvania%3A%20Transformania%20full%20movie&colc=1669506865160&jsl=1&uvs=6382a7303a7ff429000&skipb=1&callback=addthis.cbs.jsonp__51701850840670770
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=6382a7301a21218c&bkl=0&bl=1&pdt=862&sid=6382a7301a21218c&pub=ra-6063241b05554ae4&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=gaxed.com&fp=movie%2Fhotel-transylvania-transformania-76336&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=watch%20Hotel%20Transylvania%3A%20Transformania%20online%20free%20123movies%2Cwatch%20Hotel%20Transylvania%3A%20Transformania%20online%20free%20putlockers%2Cwatch%20Hotel%20Transylvania%3A%20Transformania%20full%20movie&colc=1669506865160&jsl=1&uvs=6382a7303a7ff429000&skipb=1&callback=addthis.cbs.jsonp__51701850840670770
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 2e252a55e880521e09dd0c9472f7efd0
fbea77a4122e904b1e4fca0bce9f64cc4cd14446
11fc2e9858c14cefe9bb0e1d8d6a84b0b057b2a7f839bd37808808befe29c437
GET /live/red_lojson/300lo.json?si=6382a7301a21218c&bkl=0&bl=1&pdt=862&sid=6382a7301a21218c&pub=ra-6063241b05554ae4&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=gaxed.com&fp=movie%2Fhotel-transylvania-transformania-76336&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=watch%20Hotel%20Transylvania%3A%20Transformania%20online%20free%20123movies%2Cwatch%20Hotel%20Transylvania%3A%20Transformania%20online%20free%20putlockers%2Cwatch%20Hotel%20Transylvania%3A%20Transformania%20full%20movie&colc=1669506865160&jsl=1&uvs=6382a7303a7ff429000&skipb=1&callback=addthis.cbs.jsonp__51701850840670770 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sat, 26 Nov 2022 23:54:25 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 176c5bdeeb799ec212e8b21126aa58d5
02c76719828821643ec84cfe61ecb4499838021c
eaa1c4ffce046f2951b93258d2c8c396da596a86c40cb3954ea8ceb4b13aa842
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 23:54:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 16:30:36 GMT
Expires: Wed, 30 Nov 2022 16:30:35 GMT
Etag: "02c76719828821643ec84cfe61ecb4499838021c"
Cache-Control: max-age=318369,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77068c949800b4f3-OSL
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Sat, 26 Nov 2022 23:54:25 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-5dfcff342ed3295a/_ate.track.config_resp
23.38.200.123200 OK 21 kB URL HTTP/2 v1.addthisedge.com/live/boost/ra-5dfcff342ed3295a/_ate.track.config_resp
IP 23.38.200.123:0
Hash 5c289417e8ef255a6c435853eda61a97
1cb45011b9728a2ae606306713538f301f564560
e0063768384170c104c6e163864a98fe7f879d87fd693e6d485aac7296c02054
GET /live/boost/ra-5dfcff342ed3295a/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 536
etag: 1445230834--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=47, s-maxage=86400
date: Sat, 26 Nov 2022 23:54:25 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.3.1/css/all.css
172.64.133.15200 OK 11 kB URL HTTP/2 use.fontawesome.com/releases/v5.3.1/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (48464)
Hash 5c0f7fce0b8dc54b8b2f622759ba1a1b
96d26f61c30f6ef1e6a19572f2fa4b8d1311ef12
38090b7e6e5faf8aacb08e8db6f18c13bd29e0f0db5e60f0c397416036a987ab
GET /releases/v5.3.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: text/css
x-amz-id-2: g9cG5D2U2jvw5lhw2MSpJuLgRePsXLFGDaNCXHkAoQlc+eEhmJzZq9PHMbWjBR9EVBGHW1pAgGs=
x-amz-request-id: F0PKAQSVAWNYEX9N
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
etag: W/"10519cfd3206802f58315b877a9beab5"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 38558
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AzCV%2BazUMuGiHsw9B4IKJ9BEqQWFEwIpoYnU7t0qCNXBRftbdnuAPOE9voVXENKO0hQy6OSuXk5lcwBryCRfQ%2FVr4zJuOq4VOThmi905%2BUFkdjPv5g3vxJ8nTiVDrYnDEQc%2FiZ2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77068c8f7d1671ec-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=c1f8bc352ffd41efa6b4566caee3b036
139.45.195.8200 OK 179 B URL HTTP/2 my.rtmark.net/gid.js?userId=c1f8bc352ffd41efa6b4566caee3b036
IP 139.45.195.8:0
Hash f07ee9f1700456c24887bec6263f8d4b
09a8096fb1912f029f031aa8040ff0a92b751e0c
1a415b4cf948de117f99a8e1fe9dd1cc8a4c4ff7284fcf06a5a29fa13f7f7c49
GET /gid.js?userId=c1f8bc352ffd41efa6b4566caee3b036 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.2embed.to
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:54:25 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.2embed.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c1f8bc352ffd41efa6b4566caee3b036; expires=Sun, 26 Nov 2023 23:54:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=6382a7315f974949&bkl=0&bl=1&pdt=528&sid=6382a7315f974949&pub=ra-5dfcff342ed3295a&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.2embed.to&dr=gaxed.com&fp=embed%2Ftmdb%2Fmovie%3Fid%3D585083&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&colc=1669506865365&jsl=1&skipb=1&callback=addthis.cbs.jsonp__450859547411270430
23.38.200.123200 OK 90 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=6382a7315f974949&bkl=0&bl=1&pdt=528&sid=6382a7315f974949&pub=ra-5dfcff342ed3295a&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.2embed.to&dr=gaxed.com&fp=embed%2Ftmdb%2Fmovie%3Fid%3D585083&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&colc=1669506865365&jsl=1&skipb=1&callback=addthis.cbs.jsonp__450859547411270430
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 7fadf9699de887f7d51142df3778727a
ccedb45cd5bbfb0272ca2f5ea25903e30947bda4
794030a95d35c55b9b262dcf98370af605798826fd3e0bb0ded48bf820754013
GET /live/red_lojson/300lo.json?si=6382a7315f974949&bkl=0&bl=1&pdt=528&sid=6382a7315f974949&pub=ra-5dfcff342ed3295a&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.2embed.to&dr=gaxed.com&fp=embed%2Ftmdb%2Fmovie%3Fid%3D585083&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&colc=1669506865365&jsl=1&skipb=1&callback=addthis.cbs.jsonp__450859547411270430 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sat, 26 Nov 2022 23:54:25 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c1110d51de4424a45f2b55d25cce77aa
6c65ff3af4d33ba452c703a5e0649ada35f3c4ab
68d44af5dca12d99ea7a2d7ed2877375db59cdd8286fa12d50fcb574fbade9e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:25 GMT
Etag: "6381cbec-118"
Server: ECS (amb/6B85)
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c1110d51de4424a45f2b55d25cce77aa
6c65ff3af4d33ba452c703a5e0649ada35f3c4ab
68d44af5dca12d99ea7a2d7ed2877375db59cdd8286fa12d50fcb574fbade9e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4511
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:54:25 GMT
Last-Modified: Sat, 26 Nov 2022 22:39:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
23.38.200.123200 OK 394 B URL HTTP/2 s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (564), with no line terminators
Hash 09d6e31790596b5636e4332b45864d33
078bdaadd33f7e19f624e403959dca3eef1a73d4
42805621588148ebf5f6329a1ff74711c44dd93a4f592264f953ca7f88422b82
GET /static/159.1c3fceccbc80f2a3615f.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-234"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 394
date: Sat, 26 Nov 2022 23:54:25 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10546
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 23:54:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10546
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 23:54:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10546
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 23:54:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10546
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 23:54:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 7369
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z7Hy7zEJmW8khrRb_uNcDa3UATX8DaKsdis-wUJAXfOZN4BM-0JtvQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 01:46:48 GMT
age: 79658
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f80a9a9b55da31c98663e157dde74a19
26b8dd82140c0db021048e11bff65a391dc6b444
680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6859
x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTHRroAMFR8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D24B6xoLZ2nu1NdlMU5TgJSc-DfzD6vrMzgU3s6tAiAsUuzBb_t89Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 08:23:04 GMT
age: 55882
etag: "26b8dd82140c0db021048e11bff65a391dc6b444"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45200 OK 13 kB IP 172.67.194.45:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash 7c4a7c3525b8b991088a5a4eec65160b
8db1784155085620938163d82aa93747d57ef93c
152bff106857adff6af1cf3fcb15d69ceb1978dce0736e141c0bea9152a4bcab
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:25 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5925
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSbtAyUAJ99IW9fALJ7JsXP4kjkjNLKNZ8O1IOzA1Jrv2tkQiWsj39zUFq%2FECDkzxAW9aBJ8AFynldj27N1EXK2yIHMPoSAq9eh3cndemMXPLg9FHIujWka8LtrL0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77068c977dc1b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336
23.38.200.123200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336
IP 23.38.200.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://gaxed.com
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://gaxed.com/movie/hotel-transylvania-transformania-76336
last-modified: Sat, 26 Nov 2022 23:00:00 GMT
access-control-allow-origin: https://gaxed.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 26 Nov 2022 23:54:26 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 7365
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: agN3iI99V_lKDGyKTEkZg_jgR8P6nrI53d-fXsHGHkQP55suaCC2xA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:30:06 GMT
age: 66260
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336&callback=_ate.cbs.rcb_1uoc0
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336&callback=_ate.cbs.rcb_1uoc0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash cab6f3fb81dbd85e508262c54b4f2fab
5b879e09bb2bf07a261ddfa9e19976395c2adbb5
2f87221a5766e8ea310c2ce526cf3af86758b01e00e4833ee368128e2b84b8bd
GET /url/shares.json?url=http%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336&callback=_ate.cbs.rcb_1uoc0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: gaxed.com/movie/hotel-transylvania-transformania-76336
last-modified: Sat, 26 Nov 2022 23:54:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Sat, 26 Nov 2022 23:54:26 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
c.statcounter.com/t.php?sc_project=12657228&u1=C24CA005074F4F00FC5B8E7604B13EC7&java=1&security=aaeb670e&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//gaxed.com/movie/hotel-transylvania-transformania-76336&t=Watch%20Hotel%20Transylvania%3A%20Transformania%20Online%20Free%20full%20HD%20movie%20-%20Gaxed&invisible=1&sc_rum_e_s=2635&sc_rum_e_e=2640&sc_rum_f_s=0&sc_rum_f_e=2528&get_config=true
104.20.228.67200 OK 203 B URL HTTP/2 c.statcounter.com/t.php?sc_project=12657228&u1=C24CA005074F4F00FC5B8E7604B13EC7&java=1&security=aaeb670e&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//gaxed.com/movie/hotel-transylvania-transformania-76336&t=Watch%20Hotel%20Transylvania%3A%20Transformania%20Online%20Free%20full%20HD%20movie%20-%20Gaxed&invisible=1&sc_rum_e_s=2635&sc_rum_e_e=2640&sc_rum_f_s=0&sc_rum_f_e=2528&get_config=true
IP 104.20.228.67:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 47133adc3ea6f073926474b3c453ea76
c5bdb21ea9e3c228ffc21d5cb8de11f15db5f67b
2eb6232fa02e0f3e55adeccd6af186f3747571db85525639d50fb01ba6bc130f
GET /t.php?sc_project=12657228&u1=C24CA005074F4F00FC5B8E7604B13EC7&java=1&security=aaeb670e&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//gaxed.com/movie/hotel-transylvania-transformania-76336&t=Watch%20Hotel%20Transylvania%3A%20Transformania%20Online%20Free%20full%20HD%20movie%20-%20Gaxed&invisible=1&sc_rum_e_s=2635&sc_rum_e_e=2640&sc_rum_f_s=0&sc_rum_f_e=2528&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gaxed.com
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:25 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc12657228.1669506865.0; SameSite=None; Secure; Expires=Thursday, 25-Nov-2027 18:54:25 EST; Path=/; Domain=.statcounter.com
is_visitor_unique=1669506865139372163; SameSite=None; Secure; Expires=Monday, 25-Nov-2024 18:54:25 EST; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://gaxed.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77068c96eeadb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash c910a44bf58b708c25d146fd52adb8e9
374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5
3cf34029e6a112320130d154ac1291e49bcb4a80f0caaf84309456986f0adc77
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 23:54:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:33:17 GMT
Expires: Fri, 02 Dec 2022 13:33:16 GMT
Etag: "374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5"
Cache-Control: max-age=480529,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77068c9a8cc3b4f3-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 929
Origin: https://www.2embed.to
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 26 Nov 2022 23:54:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.2embed.to
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
waufooke.com/?rb=X3kjsBOXpUYHNkH_Dm8rrkWqGv9cf7c_-kw2KsnvAwyoaIi0siJ2yiAS7pVAMsKxhSkzKiuedOTPlsdd0NWEOX9ltMRhczzSFs7-Cp9xYz92lhIxTw9uGUVrerrJ87ZSgmgJzil_lViT0b7mfREqTCa_Ue_2lIXF-YTl5bXfMeJM7MQoHdBoOVisqXWAF0ZKRqOO2P_gDKpvLm03r3QxUaCMLmMm3sWa1344Zz6oCDTJnNS0&request_ab2=96003&zoneid=4697299&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1170&wih=658&wiw=1170&wfc=3&pl=https%3A%2F%2Fwww.2embed.to%2Fembed%2Ftmdb%2Fmovie%3Fid%3D585083&drf=https%3A%2F%2Fgaxed.com%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=987e85eb-2f6f-41ac-b493-d2f90ec4fa92&userId=c1f8bc352ffd41efa6b4566caee3b036&m=link
139.45.197.238200 OK 88 kB URL HTTP/2 waufooke.com/?rb=X3kjsBOXpUYHNkH_Dm8rrkWqGv9cf7c_-kw2KsnvAwyoaIi0siJ2yiAS7pVAMsKxhSkzKiuedOTPlsdd0NWEOX9ltMRhczzSFs7-Cp9xYz92lhIxTw9uGUVrerrJ87ZSgmgJzil_lViT0b7mfREqTCa_Ue_2lIXF-YTl5bXfMeJM7MQoHdBoOVisqXWAF0ZKRqOO2P_gDKpvLm03r3QxUaCMLmMm3sWa1344Zz6oCDTJnNS0&request_ab2=96003&zoneid=4697299&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1170&wih=658&wiw=1170&wfc=3&pl=https%3A%2F%2Fwww.2embed.to%2Fembed%2Ftmdb%2Fmovie%3Fid%3D585083&drf=https%3A%2F%2Fgaxed.com%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=987e85eb-2f6f-41ac-b493-d2f90ec4fa92&userId=c1f8bc352ffd41efa6b4566caee3b036&m=link
IP 139.45.197.238:0
Hash 4a718680c394cb386f9531dc769115e7
8aede041509bfe4edd9e33fb35b2608af775e82b
b2b47c274f5db8d1ed73c30c1ea699b3eeb6a571e62693bda544e8cd77f6d12e
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=X3kjsBOXpUYHNkH_Dm8rrkWqGv9cf7c_-kw2KsnvAwyoaIi0siJ2yiAS7pVAMsKxhSkzKiuedOTPlsdd0NWEOX9ltMRhczzSFs7-Cp9xYz92lhIxTw9uGUVrerrJ87ZSgmgJzil_lViT0b7mfREqTCa_Ue_2lIXF-YTl5bXfMeJM7MQoHdBoOVisqXWAF0ZKRqOO2P_gDKpvLm03r3QxUaCMLmMm3sWa1344Zz6oCDTJnNS0&request_ab2=96003&zoneid=4697299&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1170&wih=658&wiw=1170&wfc=3&pl=https%3A%2F%2Fwww.2embed.to%2Fembed%2Ftmdb%2Fmovie%3Fid%3D585083&drf=https%3A%2F%2Fgaxed.com%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=987e85eb-2f6f-41ac-b493-d2f90ec4fa92&userId=c1f8bc352ffd41efa6b4566caee3b036&m=link HTTP/1.1
Host: waufooke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2embed.to/
Origin: https://www.2embed.to
Connection: keep-alive
Cookie: OAID=c1f8bc352ffd41efa6b4566caee3b036; oaidts=1669506864
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:54:26 GMT
content-type: application/json
x-trace-id: cf040552ff1bc2249e5eaf5199ca655e
access-control-allow-origin: https://www.2embed.to
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c1f8bc352ffd41efa6b4566caee3b036; expires=Sun, 26 Nov 2023 23:54:26 GMT; path=/; secure; SameSite=None
oaidts=1669506866; expires=Sun, 26 Nov 2023 23:54:26 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 03 Dec 2022 23:54:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
gaxed.com/movie/hotel-transylvania-transformania-76336
172.67.151.112200 OK 0 B URL HTTP/2 gaxed.com/movie/hotel-transylvania-transformania-76336
IP 172.67.151.112:0
GET /movie/hotel-transylvania-transformania-76336 HTTP/1.1
Host: gaxed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:23 GMT
content-type: text/html; charset=utf-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
content-language: en
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmnKFi1fQzuR5Kah23yj22mh4aVc8e0mMgefcV2l1hwuZkIA%2FjszmYDZx3F3d1gmxxvJ1Ask1cB9laJ5LhUDt3Tf1dUUsM7e%2B9bjYv1HvmgDPAcdttDlxgLkfTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77068c8a1bafb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.2embed.to/css/embed.min.css?v=0.1
104.21.72.64200 OK 0 B URL HTTP/2 www.2embed.to/css/embed.min.css?v=0.1
IP 104.21.72.64:0
GET /css/embed.min.css?v=0.1 HTTP/1.1
Host: www.2embed.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/embed/tmdb/movie?id=585083
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: text/css; charset=UTF-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
last-modified: Sat, 19 Jun 2021 17:31:49 GMT
etag: W/"3427b-17a25542689"
vary: Accept-Encoding
cf-cache-status: HIT
age: 717246
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kqf5p8CuzQyi9f2h7dXF3Cf1AjJXhYOJCclvtoJ1BBK1qxQ2c%2F%2BQ%2BzDiFV3ibdaLyRwZmtT8W385RtoRoUnElYY4d3VWDfw1W%2F4VmTdvc1ncetPDjdSbV0WHKDhtXJUb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77068c8f6ee41c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.2embed.to/js/player.min.js?v=4.0
104.21.72.64200 OK 0 B URL HTTP/2 www.2embed.to/js/player.min.js?v=4.0
IP 104.21.72.64:0
GET /js/player.min.js?v=4.0 HTTP/1.1
Host: www.2embed.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/embed/tmdb/movie?id=585083
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
last-modified: Fri, 14 Jan 2022 04:53:56 GMT
etag: W/"571cc-17e56ef63ec"
vary: Accept-Encoding
cf-cache-status: HIT
age: 717237
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmW5ucDpJneuiS4vXNKdj2qfMsp61O3bBumFP2k7eSmY9yOCVVUdljXEuLbm5JknF5acp%2FZeFto362ENVM9nMS6XtMkSEj8TWhCkgJZhVUC78rkd%2FOZzb3gV%2Ft2YclMu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77068c8fbf001c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 0 B URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.2embed.to
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 8901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.statcounter.com/counter/counter.js
104.20.228.67200 OK 0 B URL HTTP/2 www.statcounter.com/counter/counter.js
IP 104.20.228.67:0
GET /counter/counter.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:25 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 25 Nov 2022 14:36:48 GMT
etag: W/"6380d300-aa70"
expires: Sun, 27 Nov 2022 10:48:45 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 3939
server: cloudflare
cf-ray: 77068c95edc9b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d6b43e13ddbcd4f60dded6d39b2abed5
cdn-cache: HIT
cf-cache-status: HIT
age: 14947852
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77068c8dcde01c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.2embed.to/js/app.min.js
104.21.72.64200 OK 0 B URL HTTP/2 www.2embed.to/js/app.min.js
IP 104.21.72.64:0
GET /js/app.min.js HTTP/1.1
Host: www.2embed.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/embed/tmdb/movie?id=585083
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cache-control: public, max-age=2592000
last-modified: Fri, 14 Jan 2022 04:43:58 GMT
etag: W/"2932b-17e56e64497"
vary: Accept-Encoding
cf-cache-status: HIT
age: 717237
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWEwq%2B6c2a255amfQ3TX12XKmEI%2Bds0N3axFtHtUrmTgoFb8QA%2B3sTjSFHRA2ZC2wEwqAikBgzimOSDHnuf0ZSC8yy1p8%2FVZt9gCQMwlOWynoN1xZJrlzfsElTx870MN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77068c8f8eea1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336&callback=window._ate.cbs.rcb_fv2l0
151.101.84.84200 OK 0 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336&callback=window._ate.cbs.rcb_fv2l0
IP 151.101.84.84:0
GET /v1/urls/count.json?url=https%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336&callback=window._ate.cbs.rcb_fv2l0 HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Sun, 27 Nov 2022 00:09:26 GMT
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1203749678214680
date: Sat, 26 Nov 2022 23:54:26 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
waufooke.com/5/4697299
139.45.197.238200 OK 0 B IP 139.45.197.238:0
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4697299 HTTP/1.1
Host: waufooke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2embed.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:54:24 GMT
content-type: application/javascript
x-trace-id: b10a1239368534c8fbdafe5a8fc7bd92
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=c1f8bc352ffd41efa6b4566caee3b036; expires=Sun, 26 Nov 2023 23:54:24 GMT; path=/; secure; SameSite=None
oaidts=1669506864; expires=Sun, 26 Nov 2023 23:54:24 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336&callback=window._ate.cbs.rcb_k6r60
151.101.84.84200 OK 0 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336&callback=window._ate.cbs.rcb_k6r60
IP 151.101.84.84:0
GET /v1/urls/count.json?url=http%3A%2F%2Fgaxed.com%2Fmovie%2Fhotel-transylvania-transformania-76336&callback=window._ate.cbs.rcb_k6r60 HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaxed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Sun, 27 Nov 2022 00:09:26 GMT
x-envoy-upstream-service-time: 2
x-pinterest-rid: 6937553119870430
date: Sat, 26 Nov 2022 23:54:26 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2