firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hO0dKUAzvZd2MrbgvFEJYm-cBy7ukstrzwYYp8gUnYnDQYVX9WDYpA==
Age: 216985
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cf768e41672570b0a4a9fe86045915fc
2249064a86b2ba11e28208b9fba1c9f1db4f3e9e
a049499f78078df12f4d1c5180f1f36715a5c99db4f31c18ee06bcf0b6382b30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A049499F78078DF12F4D1C5180F1F36715A5C99DB4F31C18EE06BCF0B6382B30"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2262
Expires: Sat, 08 Oct 2022 04:41:25 GMT
Date: Sat, 08 Oct 2022 04:03:43 GMT
Connection: keep-alive
ultracine.online/alexandre/
301 Moved Permanently 162 B URL HTTP/1.1 ultracine.online/alexandre/
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /alexandre/ HTTP/1.1
Host: ultracine.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 08 Oct 2022 04:03:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://ultracine.online/alexandre/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FLlu%2B9TPP6g4GAfsldWOwzzg6N3UiTrhv6UDHAn5TuiB2N5URsfQqIB68%2FZYjLhRUNN6DOyCm%2BY1W8fGh3Zz6WO1FFq0eYsnCOFN%2F7uNIdnw6stTvlxdWwB5Tb4pXcqgQW%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 756bfd0518b50b31-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16180
Expires: Sat, 08 Oct 2022 08:33:23 GMT
Date: Sat, 08 Oct 2022 04:03:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h27gmR4RfrzPmnZb8rVqhQGcs53TLfKv6RWTMY8BnBl1X/OmA+7/hkFEWwZ/osW+5kCqGdk2wrY=
x-amz-request-id: WB5S7JGHWJP16GAX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 08 Oct 2022 03:59:26 GMT
age: 257
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash ba98e02496010e2052b43c03c21bef15
80f9620f26171e689f07c678064cdf0e62f70da6
9d19d590ac87e98153afb34584c0c2f035f62b2d0657f8ef5eb37c16221f3a89
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9D19D590AC87E98153AFB34584C0C2F035F62B2D0657F8EF5EB37C16221F3A89"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21500
Expires: Sat, 08 Oct 2022 10:02:04 GMT
Date: Sat, 08 Oct 2022 04:03:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 08 Oct 2022 03:29:41 GMT
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 04:22:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zil4I_b0nLgG0KB7udWnc-GVKmDjnFvhrcngRp1kcbaENI56vx0UDw==
Age: 2043
ocsp.digicert.com/
200 OK 471 B IP
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3241
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 04:03:44 GMT
Last-Modified: Sat, 08 Oct 2022 03:09:43 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash ba98e02496010e2052b43c03c21bef15
80f9620f26171e689f07c678064cdf0e62f70da6
9d19d590ac87e98153afb34584c0c2f035f62b2d0657f8ef5eb37c16221f3a89
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9D19D590AC87E98153AFB34584C0C2F035F62B2D0657F8EF5EB37C16221F3A89"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21500
Expires: Sat, 08 Oct 2022 10:02:04 GMT
Date: Sat, 08 Oct 2022 04:03:44 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f1wUxBjlTTn5+TiNjbBuAQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dvUG6see9hSOijOT9k297iS4lb0=
ocsp.pki.goog/gts1c3
200 OK 35 kB IP
Hash 0f2307d82755e63bdd63acfbb943f91e
42d9ee45c160b869f4fd78647cb7b1e9781c2190
e0bdfcd9fdc3226001948d19bee56472267daa95eb767d67bed150006d4088c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 04:03:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/lazyload@2.0.0-beta.2/lazyload.min.js
200 OK 896 B URL HTTP/2 cdn.jsdelivr.net/npm/lazyload@2.0.0-beta.2/lazyload.min.js
IP
File type ASCII text, with very long lines (1932)
Hash 7337b1082c3a644c615e34a49cb29bca
6f8d7d501aa14dedc1ad846655323ee794bbe37b
1f7ef30e51984123c72a1fae4775b60ca7cde0389d10d651b2c3d0ece688c56e
GET /npm/lazyload@2.0.0-beta.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.0-beta.2
x-jsd-version-type: version
etag: W/"7dc-ZYDS+h6t41BWJ8GTlxqTzMLliKY"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 08 Oct 2022 04:03:44 GMT
age: 362151
x-served-by: cache-fra19128-FRA, cache-bma1637-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 896
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1d13c38762edee3ea0af663f3e4553be
894a45402ded63c20b5062b2aae8b3894be80996
781d3684b9efe9d34182e7a740c759749a80c085576681bd5077d342e4448ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 04:03:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 33 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash bbfb1be0f49612a19602336e34983c91
b8686446f5a567eb1fca8f3351dce74206b94b3e
9ebad765ae7e33f54308c97a5f1dd7d724cce4403224f04d5b95b36282ac0b65
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 04:03:44 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "70E370BB82BC8B6F9838FAFEDBFD09C98D732196"
Expires: Sat, 08 Oct 2022 14:00:00 GMT
Last-Modified: Sat, 08 Oct 2022 02:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3566
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756bfd0d6c5cb506-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1d13c38762edee3ea0af663f3e4553be
894a45402ded63c20b5062b2aae8b3894be80996
781d3684b9efe9d34182e7a740c759749a80c085576681bd5077d342e4448ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 04:03:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.wp.com/e-202240.js
200 OK 23 kB IP
File type ASCII text, with very long lines (2690)
Hash 9784fd61f9455bd0a18cec7276cf3c34
a5be02e3deeef605e479a9a0a2a581620ea98965
734b51eff2681784045620c304ad21fdb70e10c79b53079066916801d00ead3d
GET /e-202240.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:44 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 25 Sep 2023 06:12:14 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de13f970f8aba26b5635ed31a9f7c667
2ce848652b67e0c2f9d8f5b299a80764cf83bf31
e3c3ee004ba0175fe4363bc1011e26f66fce0f848c83949a5d430e7d61ab781a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 04:03:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 203377
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 07 Oct 2022 16:04:44 GMT
expires: Sat, 07 Oct 2023 16:04:44 GMT
cache-control: public, max-age=31536000
age: 43141
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:42:51 GMT
expires: Fri, 06 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 166854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:11:04 GMT
expires: Tue, 03 Oct 2023 21:11:04 GMT
cache-control: public, max-age=31536000
age: 370361
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 74b63831a0a449c3e37b584db0009072
929f9f036c4a6a078c51c3b3dc2a7f902c9ee9ac
686845b4cf9a67078f03cb221ce13175a72074f6aa3804ba4fa06623ab856bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 04:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 203377
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
Hash a0f235512a4dfc1533bb3099ca56810d
da5b731e7cbbd7a79579dfe7f426817f949cb819
c32ce23583f1e5a858a8065809b3deea39c82aaa6e0d3d9d80d5d7ac287adc11
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:21 GMT
expires: Thu, 05 Oct 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 203364
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=189079057&post=55786&tz=-3&srv=ultracine.online&host=ultracine.online&ref=&fcp=0&rand=0.3437585506228812
200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=189079057&post=55786&tz=-3&srv=ultracine.online&host=ultracine.online&ref=&fcp=0&rand=0.3437585506228812
IP
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.4&blog=189079057&post=55786&tz=-3&srv=ultracine.online&host=ultracine.online&ref=&fcp=0&rand=0.3437585506228812 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:45 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 22:17:40 GMT
expires: Wed, 04 Oct 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 279965
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de13f970f8aba26b5635ed31a9f7c667
2ce848652b67e0c2f9d8f5b299a80764cf83bf31
e3c3ee004ba0175fe4363bc1011e26f66fce0f848c83949a5d430e7d61ab781a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 04:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:07:32 GMT
expires: Thu, 05 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 222973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ultracine.online/alexandre/
200 OK 110 kB URL HTTP/2 ultracine.online/alexandre/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Size 110 kB (110080 bytes)
Hash 1f65d13967005b20b8233a5e3d84bc80
931b09e4a216eb029ca34e043f6daabacf70aca4
a2ce963bd95dc56e58f16e01065dd8ad2e03956f7aa65fcbb0c3ba90b4dc2daf
GET /alexandre/ HTTP/1.1
Host: ultracine.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-pingback: https://ultracine.online/xmlrpc.php
link: <https://ultracine.online/wp-json/>; rel="https://api.w.org/", <https://ultracine.online/wp-json/wp/v2/posts/55786>; rel="alternate"; type="application/json", <https://ultracine.online/?p=55786>; rel=shortlink
strict-transport-security: max-age=15768000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCrYG1%2BVV3vV%2BY7aSXoLHMFehJYKIUyoIKMF2deZvL%2FY%2BJopsuOWxJ9YS1Xi4HFQudRRJ2q4%2Bq8blS%2BOlqE1krLYw6HQUNZzcWEYcokOlNwabVxYPYC18Wq1idT4JEAF9oxj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 756bfd084d35b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de13f970f8aba26b5635ed31a9f7c667
2ce848652b67e0c2f9d8f5b299a80764cf83bf31
e3c3ee004ba0175fe4363bc1011e26f66fce0f848c83949a5d430e7d61ab781a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 04:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f937b10c994763b79be85f3e682168cb
4cbdb0c5f370f8b614e4146cbe6abdf89dedfb39
d91ebd3dc5e5ec6dedc2bd0be6555d4810580c0c8b7ab787713eab5afc88bc0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D91EBD3DC5E5EC6DEDC2BD0BE6555D4810580C0C8B7AB787713EAB5AFC88BC0B"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2661
Expires: Sat, 08 Oct 2022 04:48:06 GMT
Date: Sat, 08 Oct 2022 04:03:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f937b10c994763b79be85f3e682168cb
4cbdb0c5f370f8b614e4146cbe6abdf89dedfb39
d91ebd3dc5e5ec6dedc2bd0be6555d4810580c0c8b7ab787713eab5afc88bc0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D91EBD3DC5E5EC6DEDC2BD0BE6555D4810580C0C8B7AB787713EAB5AFC88BC0B"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2661
Expires: Sat, 08 Oct 2022 04:48:06 GMT
Date: Sat, 08 Oct 2022 04:03:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f937b10c994763b79be85f3e682168cb
4cbdb0c5f370f8b614e4146cbe6abdf89dedfb39
d91ebd3dc5e5ec6dedc2bd0be6555d4810580c0c8b7ab787713eab5afc88bc0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D91EBD3DC5E5EC6DEDC2BD0BE6555D4810580C0C8B7AB787713EAB5AFC88BC0B"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2661
Expires: Sat, 08 Oct 2022 04:48:06 GMT
Date: Sat, 08 Oct 2022 04:03:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3dd052a9239a922169f662f24c988525
5e1aaf0db6c6da58bde568b61bc848919ab82124
938af5cdb3f37f4d4a2809972659a0a1d1c1a76b695931c486bce27ecdfd4537
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938AF5CDB3F37F4D4A2809972659A0A1D1C1A76B695931C486BCE27ECDFD4537"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Sat, 08 Oct 2022 10:03:29 GMT
Date: Sat, 08 Oct 2022 04:03:45 GMT
Connection: keep-alive
image.tmdb.org/t/p/w1280/o5Uy3zM1SNxzoMwy5H04GQAmfNF.jpg
200 OK 42 kB URL HTTP/2 image.tmdb.org/t/p/w1280/o5Uy3zM1SNxzoMwy5H04GQAmfNF.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Hash ae964963634863a914eb732cb3f6ac74
7d93e5f10b0ed98bb7ef94c9cb2adecbd3563e20
0afe3c27c8b5c5c8dbcf26cdf1e3d3a1b7d2e780262aa902630fed783161914c
GET /t/p/w1280/o5Uy3zM1SNxzoMwy5H04GQAmfNF.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:45 GMT
content-type: image/jpeg
content-length: 42273
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62aba3d7-a521"
last-modified: Thu, 16 Jun 2022 21:42:47 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 363
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:12:21
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 925dbfe59393df340df3fbda58c51cc5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w1280/mKyGisiT2ZrfKC9Bb7yK9lO7T8q.jpg
200 OK 112 kB URL HTTP/2 image.tmdb.org/t/p/w1280/mKyGisiT2ZrfKC9Bb7yK9lO7T8q.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Size 112 kB (111579 bytes)
Hash c0ef3da75e9390b4b61c0aa357337d0f
2e7a28fbb48133d42ed98f6ea1dea5d3394201c2
5a30fba48aabd3b71d9f38de888efa4c8641be1a9b3e22738b585c088d5386de
GET /t/p/w1280/mKyGisiT2ZrfKC9Bb7yK9lO7T8q.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:45 GMT
content-type: image/jpeg
content-length: 111579
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62c9fd6c-1b3db"
last-modified: Sat, 09 Jul 2022 22:13:00 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 404
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/23/2022 06:06:35
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: 7c3c93e67f91db640a77f98dda2637a0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300_and_h450_bestv2/7JTsbi6Tw9ieR4stSKNGXgwFJnN.jpg
200 OK 26 kB URL HTTP/2 image.tmdb.org/t/p/w300_and_h450_bestv2/7JTsbi6Tw9ieR4stSKNGXgwFJnN.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash c90f4291d3bd04b496bf0a5641277f42
8d53ac7d5e306544aba787c16b85557a8789c82c
d5d5395158c9a3d25cc0727385a3e260d7b49f7a6f3a10af25a812eaf28210ef
GET /t/p/w300_and_h450_bestv2/7JTsbi6Tw9ieR4stSKNGXgwFJnN.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:45 GMT
content-type: image/jpeg
content-length: 26199
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
accept-ranges: bytes
cache-control: public, max-age=31919000
etag: "62cdf9d6-6657"
last-modified: Tue, 12 Jul 2022 22:46:46 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/08/2022 04:03:45
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 9cfcd89ec9adf9f9bd3c8c5cb6711c03
cdn-cache: MISS
X-Firefox-Spdy: h2
fshd.link/filme/tt0346491?ref=93944f39cd9fb2175f98a06c081c20db
200 OK 2.5 kB URL HTTP/2 fshd.link/filme/tt0346491?ref=93944f39cd9fb2175f98a06c081c20db
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (745)
Hash 7ae6afaac58006b3d25e681fd0e2d6a6
e19638a0dbaa7df93f5c3cae188f3bfee9d3734c
bb7417a8bcd06e15cd175bf04fad461e44b8589725a1f69cd69dd4c7e743be7b
GET /filme/tt0346491?ref=93944f39cd9fb2175f98a06c081c20db HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=nkt2bfq198tlvdpa1m6utug9mf; path=/
popads=1; expires=Sat, 08-Oct-2022 04:05:45 GMT; Max-Age=120; path=/
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 2534
date: Sat, 08 Oct 2022 04:03:45 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 00776157dc98913405595c4b126e9ee2
8ee3950fa60340b03e0c53c8e5e07d18321a69f0
daa313ad6f0cb705d8a4fdb55aa65ffd6c1695326409c2ccf378e3c7e36de35c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 04:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
arc.io/widget.min.js
200 OK 2.9 kB IP
File type ASCII text, with very long lines (7592), with no line terminators
Hash 47c38643f553c00e981c1698593769f0
c6135834bf0a03fc7423e0fd7f84c2e476cdef77
2cb4ea2ec606cf56802c26dd43d8d8f4a125088d017986bcca2813cf5595b5fc
GET /widget.min.js HTTP/1.1
Host: arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 2933
last-modified: Fri, 07 Oct 2022 20:41:03 GMT
content-encoding: br
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 08 Oct 2022 03:52:14 GMT
cache-control: public, max-age=3600, stale-while-revalidate=864000
etag: "63408edf-b75"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _zuhAIIrI9LGu3-KbxngW8geQ30WnRQmhGtAA21Hb8HVDeFcwu0iLQ==
age: 743
X-Firefox-Spdy: h2
i.imgur.com/fCLaZFD.png
200 OK 878 B IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e32cd36af2d2a9c1d437254908cc967
8d4e4e37d9a753e5088fc177cff0efea1dfe1fe6
41bb74ee705dd7679fe8407e17c4ad8fac76ef629b232a2d26b94aca8c6a7bc3
GET /fCLaZFD.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 26 Sep 2021 02:04:42 GMT
etag: "2e32cd36af2d2a9c1d437254908cc967"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 08 Oct 2022 04:03:45 GMT
age: 2644320
x-served-by: cache-iad-kiad7000084-IAD, cache-bma1623-BMA
x-cache: HIT, HIT
x-cache-hits: 361, 1
x-timer: S1665201825.481404,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 878
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-0SEMV10735
200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0SEMV10735
IP
File type ASCII text, with very long lines (21373)
Hash f751300ddd20d11e74549cad01cd2863
a7f5a16f379ab56e17c04b0642315af252e40e98
b6dfdc140a05e1181e1da8b65c6f5e5e405556e70e1502faa302ac17b3b602c4
GET /gtag/js?id=G-0SEMV10735 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 08 Oct 2022 04:03:45 GMT
expires: Sat, 08 Oct 2022 04:03:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fshd.link/css/player.css?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970
200 OK 1.8 kB URL HTTP/2 fshd.link/css/player.css?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970
IP
File type ASCII text, with CRLF line terminators
Hash 49e570a34e1b70bd8215d9d81c61504f
903c8a8f47bf35be146323f4c98cd2aecc42ba24
00e6ea5aea14c79a9c2bc52abfb69f296ce5a764f64ff8b91f8b4d6871cf2aff
GET /css/player.css?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970 HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/filme/tt0346491?ref=93944f39cd9fb2175f98a06c081c20db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 15 Oct 2022 04:03:45 GMT
etag: "23bd-62ef6610-b010a7;br"
last-modified: Sun, 07 Aug 2022 07:13:20 GMT
content-type: text/css
content-length: 1827
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 08 Oct 2022 04:03:45 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fshd.link/css/lancaster_io.css?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970
200 OK 201 B URL HTTP/2 fshd.link/css/lancaster_io.css?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970
IP
File type ASCII text, with CRLF line terminators
Hash bde9d951c1847272de121c4c886869d2
217bddd75e52cc041e74a93e1c7f6ddfafa92073
3f69b56856b831acfe189fe654f4038dff381e85ff19e7e9a6d5fd60e2bf8ffe
GET /css/lancaster_io.css?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970 HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/filme/tt0346491?ref=93944f39cd9fb2175f98a06c081c20db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 15 Oct 2022 04:03:45 GMT
etag: "271-62ef660f-b010a9;br"
last-modified: Sun, 07 Aug 2022 07:13:19 GMT
content-type: text/css
content-length: 201
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 08 Oct 2022 04:03:45 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 00776157dc98913405595c4b126e9ee2
8ee3950fa60340b03e0c53c8e5e07d18321a69f0
daa313ad6f0cb705d8a4fdb55aa65ffd6c1695326409c2ccf378e3c7e36de35c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 04:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open%20Sans:300,400,500,700|Roboto:400,500,600,700,300,800|Nunito:300,400,500,600,700,800,900|Raleway:500,600,700,800|Roboto%20Condensed:400,700
200 OK 27 kB URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:300,400,500,700|Roboto:400,500,600,700,300,800|Nunito:300,400,500,600,700,800,900|Raleway:500,600,700,800|Roboto%20Condensed:400,700
IP
File type ASCII text, with very long lines (24064)
Hash 4d3cf2ef276c87d7f80c3bf748d8e323
35fcb19f37d969b00de3e3a32c62f7a18ca5f7a0
e4a3a954b0f4174613f45c22b9d484d147ac2a6ceffde536536a4f0f63242cec
GET /css?family=Open%20Sans:300,400,500,700|Roboto:400,500,600,700,300,800|Nunito:300,400,500,600,700,800,900|Raleway:500,600,700,800|Roboto%20Condensed:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 08 Oct 2022 04:03:44 GMT
date: Sat, 08 Oct 2022 04:03:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fshd.link/css/remixicon.css?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970
200 OK 13 kB URL HTTP/2 fshd.link/css/remixicon.css?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970
IP
Hash cbc44ae2079ceac2db351393ade3605d
aeb58990cdaa5ff0182e7f1b7b1f242e448195f5
3a9390f87a8e336c2cdcda4e753a4ba622414d7844f62dc37d14c8a99d25bfc8
GET /css/remixicon.css?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970 HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/filme/tt0346491?ref=93944f39cd9fb2175f98a06c081c20db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 15 Oct 2022 04:03:45 GMT
etag: "1af8a-62ef6612-b010a6;br"
last-modified: Sun, 07 Aug 2022 07:13:22 GMT
content-type: text/css
content-length: 12947
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 08 Oct 2022 04:03:45 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3dd052a9239a922169f662f24c988525
5e1aaf0db6c6da58bde568b61bc848919ab82124
938af5cdb3f37f4d4a2809972659a0a1d1c1a76b695931c486bce27ecdfd4537
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938AF5CDB3F37F4D4A2809972659A0A1D1C1A76B695931C486BCE27ECDFD4537"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Sat, 08 Oct 2022 10:03:29 GMT
Date: Sat, 08 Oct 2022 04:03:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a49cc5a89b486035174fecf538ca6523
e775ba2bdc01803ca5834bbae6e59289fcee90a8
582fb4609d8a9fe8f26323f828df09a5ae5da8968758a850ea401e3dafad83ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582FB4609D8A9FE8F26323F828DF09A5AE5DA8968758A850EA401E3DAFAD83ED"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16315
Expires: Sat, 08 Oct 2022 08:35:40 GMT
Date: Sat, 08 Oct 2022 04:03:45 GMT
Connection: keep-alive
fshd.link/js/jquery.min.js?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970
200 OK 30 kB URL HTTP/2 fshd.link/js/jquery.min.js?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970
IP
File type ASCII text, with very long lines (65451)
Hash 1114c2c5603cbab60fed87d89198d75a
19aebd714c367b5a41ad74f5d2a832f00dd2b307
4f8d0558da6026e52af5b306c323cd4f081badd1ec231a6ee0065c4afde08564
GET /js/jquery.min.js?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970 HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/filme/tt0346491?ref=93944f39cd9fb2175f98a06c081c20db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 15 Oct 2022 04:03:45 GMT
etag: "15d84-62ef6687-b01086;br"
last-modified: Sun, 07 Aug 2022 07:15:19 GMT
content-type: application/x-javascript
content-length: 30121
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 08 Oct 2022 04:03:45 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fshd.link/js/rteam_native_notify.js?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970
200 OK 482 B URL HTTP/2 fshd.link/js/rteam_native_notify.js?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 7c1f216e1ebd60dac6ffdb41bc8580f4
d0cd89ffac73a7c0bd58fa9b7ba457dd8025bd84
0d70ea8842bd4a5e014c10269c8a92c5055bbbd6906272670785e0b12e597fea
GET /js/rteam_native_notify.js?v=1.0.0.0_developermode_eefbb5172ec47c8b20f7edd2d7c96970 HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/filme/tt0346491?ref=93944f39cd9fb2175f98a06c081c20db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 15 Oct 2022 04:03:45 GMT
etag: "4ab-62ef668b-b0108c;br"
last-modified: Sun, 07 Aug 2022 07:15:23 GMT
content-type: application/x-javascript
content-length: 482
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 08 Oct 2022 04:03:45 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 08 Oct 2022 04:03:45 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 869ceef3d2f34f2378ca647c8226c765
a25daf3f92918707d9252a22947dad8ea3c45d07
aeaf1db6fbb371d1ca2c1e46f74ca834ea32e14987810181afc3d0245c430446
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 08 Oct 2022 04:03:45 GMT
server: ESF
cache-control: private
content-length: 30902
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 579e733097a7260db68f6ab5fc4ab3c9
bcee618650f7eb1595974812db6995d7ee0e9764
c025aa32afae5edb4c793bcc3076c86ae945438c7d2e96f7847054aeb1ed690b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 04:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
waust.at/d.js
200 OK 38 kB IP
File type ASCII text, with very long lines (14714), with no line terminators
Hash 1a4e969c672bc9f17b376419d85a7dee
7869ba34d63fa8c3f63c4567bef3b526c8d24900
77a1e1358e160c6c08efab69549db2edd078f8aebaa9f6e5a58b47f934fe46ab
GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:45 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Aug 2022 18:12:33 GMT
etag: W/"630d0191-397a"
expires: Sun, 09 Oct 2022 03:51:55 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 710
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfTIue20N%2FHGtwBF8%2B5kUyd9n9anZLdxu8fCZhhxtrOP9OMFqEsWYrplDcAXlWXkWre2OUCCHIU2onVcRY05EEPSxXZycCPmz5IkxtX%2Bjj8HhizmQH2mfxUl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756bfd10f86bb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/js/th/V6O6m_A4SlO-MjsPbzlPIQ9zQH4BCPezl8YCTT2cIuk.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/V6O6m_A4SlO-MjsPbzlPIQ9zQH4BCPezl8YCTT2cIuk.js
IP
File type ASCII text, with very long lines (36250)
Hash 853d44bb14963607c5a97d5cb86adfcf
7fd1eeb29cdfcd28ea7e6158308ed1cc37d654d9
16304e4de8928d432ff6d0d8b5fecf6ef550bed098921d99fe0c8a23d918b02f
GET /js/th/V6O6m_A4SlO-MjsPbzlPIQ9zQH4BCPezl8YCTT2cIuk.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14322
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 05:04:05 GMT
expires: Thu, 05 Oct 2023 05:04:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 03 Oct 2022 11:00:00 GMT
content-type: text/javascript
age: 255580
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18911
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 04:03:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18910
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 04:03:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18910
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 04:03:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18910
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 04:03:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iClOZEPMiFmpeprT8McJ2HI0dCmyxkhEdfYr0qP0YK3U_Pcd9N0Fhg==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 11:08:01 GMT
age: 60945
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 858ed0836905ecdddb33e61b51863680
3114ab034d43316d00b75cec5605a5310533f653
959cc3cec578c7e4fb5b83abd332b0fc6a0862dc59ef871ea186e9dd68674af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "959CC3CEC578C7E4FB5B83ABD332B0FC6A0862DC59EF871EA186E9DD68674AF4"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10571
Expires: Sat, 08 Oct 2022 06:59:57 GMT
Date: Sat, 08 Oct 2022 04:03:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 42bf99a697af9de2a20b88fc7c519ba7
26985ab555bcf5ef508bcde14b669651bb9970e2
0514154aeceaad9cae847d2601c13a56b6e651294b5dab72340fe8b049101767
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0514154AECEAAD9CAE847D2601C13A56B6E651294B5DAB72340FE8B049101767"
Last-Modified: Fri, 07 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6333
Expires: Sat, 08 Oct 2022 05:49:19 GMT
Date: Sat, 08 Oct 2022 04:03:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f930414-193c-40b3-9ede-82dcc34798da.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f930414-193c-40b3-9ede-82dcc34798da.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 761eacc5155a05c070d06dae3c56e824
5142109da128754d55412915f29b853e6473e7b1
04d4acd58bb76eacfa038e9c8f143e7051931ac2c91e088a3929503d6443fe98
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f930414-193c-40b3-9ede-82dcc34798da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13972
x-amzn-requestid: 37a983be-a598-46a5-89c2-20a91c4c665d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1DrFHBoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb0-20ff89497af2bda30d3314ff;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VXDOXFwJ2gxNAsRT5h0CEdTwCQlVZkn7YX1fphtdZBAYwFjmOA_SgQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:35:45 GMT
age: 23281
etag: "5142109da128754d55412915f29b853e6473e7b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6207431ae268d805fb92237925c8fc0
075b576b0d47e0f6cbbb9dc85f87e8ca4e8eca87
bb8966bd5b80f1ba6c974925df0610e0a219759ab92df062e135baae02fa0071
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5440
x-amzn-requestid: c9408e3c-29f6-4a53-b09d-0c3f49e99287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp3AzFQ3oAMF_Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409ed1-1da6e8c500879b080c66fdfe;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:49:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bpAfspjZlm1y-CxYtXbhfwPHzcNxLJGVh_j685Z-TvTV-kdRttBjhg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 22:11:50 GMT
etag: "075b576b0d47e0f6cbbb9dc85f87e8ca4e8eca87"
content-type: image/jpeg
age: 21116
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec5a542-4e93-4d7a-a09f-5cebcce8d0c5.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec5a542-4e93-4d7a-a09f-5cebcce8d0c5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 778aa3b0222b676e80806676ae716298
6a952d1135175cc4a2fc849cfd844ba069dfee8b
e4c9a9c773e0f50b30fe53039a973d8e1f13f6fbd6599780352ec7d15753060b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec5a542-4e93-4d7a-a09f-5cebcce8d0c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7624
x-amzn-requestid: 05581c97-c2c5-4216-8241-5fd08619289a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1DkFqqoAMFmQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb0-6c6a6bee11ea0a9f5c573818;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NqPhVPAPNLkBhd5jaZhT-RutgwM9vh7qoNmWxWMFfAGXIYmMTUA4Yg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:37:23 GMT
age: 23183
etag: "6a952d1135175cc4a2fc849cfd844ba069dfee8b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cb7f8ab237dd24c47b5f491241b55075
3c029c6bb10e16198a5e3905c2a03dd713796c53
09dcc3fd5ab388368263efc48359b45112a0583208198b8b957318618dd189a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09DCC3FD5AB388368263EFC48359B45112A0583208198B8B957318618DD189A3"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3992
Expires: Sat, 08 Oct 2022 05:10:18 GMT
Date: Sat, 08 Oct 2022 04:03:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9176a06a-294d-4b65-8535-846b9386ccc6.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9176a06a-294d-4b65-8535-846b9386ccc6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97c7f371036a91fd437db5abc3decdfd
46583b7657dadcffbea286bd45fad99a10f81335
7da3c89d51447ee13c701c892e6b7a4094da97cd1cd7c08322e085d0f49586b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9176a06a-294d-4b65-8535-846b9386ccc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6766
x-amzn-requestid: 8534c4a9-161b-4f7d-a956-36f5d35fde26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1DmGLzIAMFxbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb0-7b2d96e3559d6d057f27d9cf;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NV1e4Qk40mQQBEQsD87vjiyz0yqsw8UYCfyq27LIgA5aOfZkRpKmFQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:55:32 GMT
age: 22094
etag: "46583b7657dadcffbea286bd45fad99a10f81335"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd89e5875-73b4-4f15-aac6-071bfc8498ed.webp
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd89e5875-73b4-4f15-aac6-071bfc8498ed.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd0ab497911e2464396765c020d84720
6251eba2c6c9bedc6d595371f6e7906a01ab5722
c8027e7e1f0b3ab842ccc5fb2ac839d7b4c2335f205bf8eeeb91b22998110ac6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd89e5875-73b4-4f15-aac6-071bfc8498ed.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4825
x-amzn-requestid: e08a8427-7ca5-44eb-9100-4e7817918c52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj_dTHzhIAMF57w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e45ee-5a9dd7d110d833a83e6f8fb9;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:05:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ITEZUYognyg2yIZtvCX9sVwYYsp_YWUINcoMWMKjaN09Yn3hc4Gyrg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 03:34:57 GMT
age: 1729
etag: "6251eba2c6c9bedc6d595371f6e7906a01ab5722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e3ac279ec612ab81587879cc8c5e6e9f
c59bf25525bf331236bb50a231ddb600ff9546a2
e1320d587316deed01e681f268108a70b151084df60965a1a0fc88ce69e5b38b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1320D587316DEED01E681F268108A70B151084DF60965A1A0FC88CE69E5B38B"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1928
Expires: Sat, 08 Oct 2022 04:35:54 GMT
Date: Sat, 08 Oct 2022 04:03:46 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 9d7d232c94a2109cb859d8a99c78ad3f
b2641f27f85977c3202f202e3ae27c3eff705ea9
8114c57e85c79fbb7f1fe0798eef5afe2d43534d2d84873759eb78e26e1f3852
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 04:03:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 17:56:47 GMT
Expires: Wed, 12 Oct 2022 17:56:46 GMT
Etag: "b2641f27f85977c3202f202e3ae27c3eff705ea9"
Cache-Control: max-age=394979,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 756bfd15192db4f3-OSL
t.dtscout.com/i/?l=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&j=https%3A%2F%2Fultracine.online%2F
200 OK 19 kB URL HTTP/1.1 t.dtscout.com/i/?l=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&j=https%3A%2F%2Fultracine.online%2F
IP
Hash af6a7dae5bb5edda13eea1b5b7abb727
576edde0502b7e09a18496100615fec4951bc13a
945b31d7ab88d97f3e98cca1579fabb29075bb02b00264a0183cd551cdef8dc7
GET /i/?l=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&j=https%3A%2F%2Fultracine.online%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 08 Oct 2022 04:03:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: ger1
Set-Cookie: m=1; Domain=dtscout.com; Expires=Sat, 08-Oct-2022 05:27:06 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Sat, 08-Oct-2022 08:03:46 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1665201826; Domain=dtscout.com; Expires=Mon, 16-Jan-2023 04:03:46 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 0.442
Expires: Sat, 08 Oct 2022 04:03:45 GMT
Cache-Control: no-cache
image.tmdb.org/t/p/originalhttps://www.themoviedb.org/t/p/original/sCuirbSphSVRExPF70S6JrrRQcb.jpg
200 OK 363 kB URL HTTP/2 image.tmdb.org/t/p/originalhttps://www.themoviedb.org/t/p/original/sCuirbSphSVRExPF70S6JrrRQcb.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 363 kB (362689 bytes)
Hash 9de9d044df872e4b98df09a247808244
496c89fc8ecab4651e608cdeaca2d4e879c20ae2
a761564b685e460d892e92787b1c88d8f9fd73ab4005ba014d0f475374488f8d
GET /t/p/originalhttps://www.themoviedb.org/t/p/original/sCuirbSphSVRExPF70S6JrrRQcb.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: image/jpeg
content-length: 362689
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "629d1acf-588c1"
last-modified: Sun, 05 Jun 2022 21:06:23 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/08/2022 04:03:45
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: 080d327e0cd49842607b06f6cad489e9
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
static.arc.io/broker/js/chunk-vendors.5e1d8045.js
200 OK 74 kB URL HTTP/2 static.arc.io/broker/js/chunk-vendors.5e1d8045.js
IP
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (36366)
Hash 5c5e956771396b84d651bbf671902944
fef18ce7c255d3927cbbe240bd46d10976e89079
df01c9b2d4a881cd447ff4c01b513f3188f17c372028ce137911c18aebef9f11
GET /broker/js/chunk-vendors.5e1d8045.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.arc.io
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"7baaa27cb0e1201fe90ecc5efca8fbcf"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: Lg09pm0SMLA2gDpgvbsYLOJ6t8VM7iye6bHwugpdkzqKL5tqPfuDc6xQsPbM2BumjX36g9SpKpc=
x-amz-request-id: K2YYHZ7GZXR992N5
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 06/29/2022 22:31:25
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: be7e7eab1de4e699b06feac5342be451
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5690c00c386c753af6de22646db06434
aa5b0574bf8aa58bc5608d593e7dcba23100b454
741af8ab8cb30aac3a08fe0ae823577cb602c717416f9bcd52cef5b830b5fb0e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 04:03:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 18:25:20 GMT
Expires: Thu, 13 Oct 2022 18:25:19 GMT
Etag: "aa5b0574bf8aa58bc5608d593e7dcba23100b454"
Cache-Control: max-age=483092,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 756bfd14f8b3b511-OSL
my.rtmark.net/gid.js?userId=242705a513e04330b445ee0737a80e86
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=242705a513e04330b445ee0737a80e86
IP
File type JSON data\012- , ASCII text
Hash a8b26b482178296c03bdd3db523a9902
1812c58b4e5d64b35cbd17037a0467d9eeced899
ead60bcdca809363c1d350bd3fbe01dc30af0a97c5fbb4a077f7482308e63ffa
GET /gid.js?userId=242705a513e04330b445ee0737a80e86 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fshd.link
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://fshd.link
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=242705a513e04330b445ee0737a80e86; expires=Sun, 08 Oct 2023 04:03:46 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
static.arc.io/widget/js/widget-ui.js?784632c0
200 OK 14 kB URL HTTP/2 static.arc.io/widget/js/widget-ui.js?784632c0
IP
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (41203), with no line terminators
Hash 6db5720e3637c8537e1381da08c9c7de
95b53a7bff334d1b07ffec4a811f0c1e37a36ddc
65079edf2148993999496d6662f68cb6b84f2a8e684f7cff251bca2a84d3b075
GET /widget/js/widget-ui.js?784632c0 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"7b9dc001ae1d02594045f630c0c9760a"
last-modified: Thu, 01 Sep 2022 19:21:28 GMT
x-amz-id-2: sso+CjRy526e+aJLRNdKq8RjhZ6KoGwR6Y604T67KYRlvAXyQ4xEXLctgzgvzzy4W5PmUrRFebM=
x-amz-request-id: 0RKQT4A1JEK82HB5
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/01/2022 19:27:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8eb55cec1e5c585cbaf385deac8191aa
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd079bc50fb41779d9fdac62b364f36c
3110f7b66c44197cbca5f4b2626a8391c63f4274
d23c99f6b55fc5dcfc63e11f386c91086f6477214da809c8f3a971bcc12c6cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D23C99F6B55FC5DCFC63E11F386C91086F6477214DA809C8F3A971BCC12C6CFF"
Last-Modified: Fri, 07 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5879
Expires: Sat, 08 Oct 2022 05:41:45 GMT
Date: Sat, 08 Oct 2022 04:03:46 GMT
Connection: keep-alive
disqus.com/embed/comments/?base=default&f=https-www-cinefilmeshd-org&t_u=https%3A%2F%2Fultracine.online%2Falexandre%2F&t_d=Assistir%20Alexandre%20Online%20-%20UltraCine&t_t=Assistir%20Alexandre%20Online%20-%20UltraCine&s_o=default&l=pt
200 OK 2.8 kB URL HTTP/1.1 disqus.com/embed/comments/?base=default&f=https-www-cinefilmeshd-org&t_u=https%3A%2F%2Fultracine.online%2Falexandre%2F&t_d=Assistir%20Alexandre%20Online%20-%20UltraCine&t_t=Assistir%20Alexandre%20Online%20-%20UltraCine&s_o=default&l=pt
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3032)
Hash f28f853fa98cb81befe017917a153233
cdc201578dea41e662d3e86c1ee27430c3615986
9e45573e6e3e0bfb68ba4398335456d67598fafe2be2a4faf0ef0997ab47aeef
GET /embed/comments/?base=default&f=https-www-cinefilmeshd-org&t_u=https%3A%2F%2Fultracine.online%2Falexandre%2F&t_d=Assistir%20Alexandre%20Online%20-%20UltraCine&t_t=Assistir%20Alexandre%20Online%20-%20UltraCine&s_o=default&l=pt HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2837
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Tue, 24 May 2022 17:33:02 GMT
ETag: W/"lounge:view:8891338775.6d8f48ca9a49a7e72f3d3aefde7fc41c.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sat, 08 Oct 2022 04:03:46 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
ocsp.sectigo.com/
200 OK 472 B IP
Hash 8f914c75d78aabd8f442473c89339139
65f9275088f83adaabf31e48c76de615ceaf238d
e609b19f355624c89679e3029f5f54f6c1b0398d8b13aae97c6d11b2598dee66
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 04:03:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 12:52:20 GMT
Expires: Thu, 13 Oct 2022 12:52:19 GMT
Etag: "65f9275088f83adaabf31e48c76de615ceaf238d"
Cache-Control: max-age=463112,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 756bfd188a37b4f3-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fshd.link/
Content-Type: text/plain;charset=UTF-8
Origin: https://fshd.link
Content-Length: 1825
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 08 Oct 2022 04:04:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://fshd.link
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
c.disquscdn.com/next/embed/lounge.load.f68f052361d84779441371b7020dc538.js
200 OK 496 B URL HTTP/2 c.disquscdn.com/next/embed/lounge.load.f68f052361d84779441371b7020dc538.js
IP
File type ASCII text, with very long lines (958), with no line terminators
Hash 10f3c14dc3d623a7d0dd74691ff2e303
240973cd4b4e1afdf284e1f5ffd802428ff52fdc
60641f5dd1464b69d38ca96cb7f3550e7a2206c9dc964c162f52cbff94c25f80
GET /next/embed/lounge.load.f68f052361d84779441371b7020dc538.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 496
date: Wed, 05 Oct 2022 08:26:38 GMT
server: nginx
last-modified: Wed, 05 Oct 2022 08:22:48 GMT
etag: "633d3ed8-1f0"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 05 Oct 2023 08:26:38 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9Ljkp9v0yMMhHZHYEaVpKjvpQtAhNVV3agrLzPiH4ofmIxvBAHDE_A==
age: 243428
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
200 OK 95 kB URL HTTP/2 c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
IP
File type ASCII text, with very long lines (32023)
Hash 7b99df04cc3984222b4f02f738de9fa4
f3eefe01e2f39579ceaca4927de1177711e01544
c64b6a193db830888df222e8c3d1d0c964cb9700e2ed62796e02dbe49a39d8ec
GET /next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 94755
date: Wed, 21 Sep 2022 04:49:43 GMT
server: nginx
last-modified: Fri, 16 Sep 2022 08:34:41 GMT
etag: "63243521-17223"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 21 Sep 2023 04:49:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cvbVHvshxAXcBLhRBEk7pnIprZLZRwVsEGJwNWq-QtgyLKDwnR-NSw==
age: 1466043
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
200 OK 6.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash 917e47a52f93b9e90a881ddb89c2a3f8
03f866ff2fc6f4803120f03cd19940005a4c726e
17b8deba1c93b311c073c1f2e09e765ec681fc6065adec2e773395948d03b3cf
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 45813
expires: Tue, 11 Oct 2022 04:03:46 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 756bfd19b820b518-OSL
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/styles/lounge.62d2159c406b6c067144a0ba5681724e.css
200 OK 26 kB URL HTTP/2 c.disquscdn.com/next/embed/styles/lounge.62d2159c406b6c067144a0ba5681724e.css
IP
File type ASCII text, with very long lines (65469)
Hash f1bb6f7c783c8ca2f39a1ab629926bd1
5c65330b140a1dc141a60eb66a76b52f519fed01
18e4d767bb9355528fb0278c76e3c0a8c28eaadaca43fb01d4144975f8a46279
GET /next/embed/styles/lounge.62d2159c406b6c067144a0ba5681724e.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 26187
date: Tue, 04 Oct 2022 18:54:18 GMT
server: nginx
last-modified: Tue, 04 Oct 2022 18:32:46 GMT
etag: "633c7c4e-664b"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 04 Oct 2023 18:54:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jmatwv26cCGe5H2rrsz2A6Aom-GiT0wrD7psQK02KW6DN2vvTaM3Jw==
age: 292168
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/lounge.bundle.baabe0e921041a0435be1aa95c2633a0.js
200 OK 124 kB URL HTTP/2 c.disquscdn.com/next/embed/lounge.bundle.baabe0e921041a0435be1aa95c2633a0.js
IP
File type ASCII text, with very long lines (32035)
Size 124 kB (123994 bytes)
Hash 96266646c0b2d0bb6a243f3757ac43a9
96b99fe92159c1793c1cde2542c87f8f3f65d4d4
30b75896cb3d057b6d89a39f2670f026049c098b28ff4455f1623650a74814df
GET /next/embed/lounge.bundle.baabe0e921041a0435be1aa95c2633a0.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 123994
date: Wed, 05 Oct 2022 08:26:38 GMT
server: nginx
last-modified: Wed, 05 Oct 2022 08:22:48 GMT
etag: "633d3ed8-1e45a"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 05 Oct 2023 08:26:38 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0CVm9MsMqdUD_rET8hYIQr4uhICy9hyJ8qNs__GummxkGhiYpf-fhg==
age: 243428
X-Firefox-Spdy: h2
oaphoace.net/401/5400680
200 OK 31 kB IP
Hash 2f4596ecd48d3c3a2f1b731ec184ba1d
42173e25b91e2adfd8f0cabf820810d3f450b64f
7a3c345eab33d2a221cc43936931ba5617333bf5a826634cae2a1b0dec12db15
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5400680 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/javascript
x-trace-id: 8e0d4683d4993f8abf895fa81a8f24c8
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=726495554e6e410fb57d923fd59ba707; expires=Sun, 08 Oct 2023 04:03:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=i5oe219853gt844527567a3z8wsge634
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=i5oe219853gt844527567a3z8wsge634
IP
File type JSON data\012- , ASCII text
Hash a8b26b482178296c03bdd3db523a9902
1812c58b4e5d64b35cbd17037a0467d9eeced899
ead60bcdca809363c1d350bd3fbe01dc30af0a97c5fbb4a077f7482308e63ffa
GET /gid.js?userId=i5oe219853gt844527567a3z8wsge634 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fshd.link
Connection: keep-alive
Referer: https://fshd.link/
Cookie: ID=242705a513e04330b445ee0737a80e86
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://fshd.link
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=242705a513e04330b445ee0737a80e86; expires=Sun, 08 Oct 2023 04:03:46 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/embed/lang/pt.js
200 OK 8.9 kB URL HTTP/2 c.disquscdn.com/next/current/embed/lang/pt.js
IP
File type Unicode text, UTF-8 text, with very long lines (24258), with no line terminators
Hash 3afaa08e0cad4a01bcfbbfaf084dab70
e46b4086ee6ec526623aa91fe9b8b29e765ab0f9
a2a910b31231941a3476adc00477e7b8f524727eb03819a9e63cf76897f26296
GET /next/current/embed/lang/pt.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 8873
server: nginx
last-modified: Wed, 05 Oct 2022 08:22:48 GMT
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 08 Oct 2022 04:03:47 GMT
expires: Sat, 08 Oct 2022 04:07:53 GMT
cache-control: max-age=300, public
etag: "633d3ed8-22a9"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e856QEoEXiJaJ6QNOgqctFQpLpSguZX7wivAtlUm9Nb4QJZP1TDQaQ==
age: 53
X-Firefox-Spdy: h2
oaphoace.net/500/5400680?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
200 OK 0 B URL HTTP/2 oaphoace.net/500/5400680?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5400680?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://fshd.link/
Origin: https://fshd.link
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:47 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://fshd.link
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ossnatuer.com/500/5294569?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
200 OK 0 B URL HTTP/2 ossnatuer.com/500/5294569?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5294569?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false HTTP/1.1
Host: ossnatuer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://fshd.link/
Origin: https://fshd.link
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:47 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://fshd.link
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
200 OK 13 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (13079), with no line terminators
Hash 4da5413f5086c5755b46094b813dbfcd
87669f231ce245cdd9b7d80ebf8194e2ae62e7b1
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
GET /next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.62d2159c406b6c067144a0ba5681724e.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 13079
date: Mon, 19 Sep 2022 03:05:23 GMT
server: nginx
last-modified: Fri, 16 Sep 2022 08:34:41 GMT
etag: "63243521-3317"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 19 Sep 2023 03:05:23 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FyNSGdNQpkJCdeEn1xRtivNYG0OdPXHeuSvu6JMGVPDsFWxDryD0-g==
age: 1645104
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
200 OK 1.8 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
IP
File type PNG image data, 172 x 81, 8-bit colormap, non-interlaced\012- data
Hash ad630a07080a45451f139a7487853ff8
c2673d7404fc947fab20eed21416f9656149018d
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
GET /next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.62d2159c406b6c067144a0ba5681724e.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1763
date: Tue, 20 Sep 2022 11:48:31 GMT
server: nginx
last-modified: Fri, 16 Sep 2022 08:34:41 GMT
etag: "63243521-6e3"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 20 Sep 2023 11:48:31 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C63WFWijvd5QUjKFgRsEvTpN044iKrUd3B_LpQCqmc3e5S3ehquuzA==
age: 1527316
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
200 OK 7.9 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 4cc7a703d2fdfe684151ff8ac24d45f1
046adee74e5ce76db11491906a21c09399391571
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
GET /next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://c.disquscdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 7900
date: Mon, 29 Aug 2022 03:15:49 GMT
server: nginx
last-modified: Fri, 26 Aug 2022 22:07:42 GMT
etag: "6309442e-1edc"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2023 03:15:49 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V1dA7lFoHunhrKR_V3K240QYaumXd05Pv-IKc110vSskASX8WV8cUg==
age: 3458878
X-Firefox-Spdy: h2
oaphoace.net/500/5400680?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
200 OK 2.8 kB URL HTTP/2 oaphoace.net/500/5400680?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
IP
Hash fa8e9971347e563028bcdc9f90eeb71a
0780a2c8997a144f79b4fad08a378b23962b3556
d69b01403473b21e6aa1249068058456cec1ead6473b3e1d05277158400a7fa9
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5400680?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://fshd.link
Connection: keep-alive
Referer: https://fshd.link/
Cookie: OAID=726495554e6e410fb57d923fd59ba707
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:47 GMT
content-type: application/javascript
x-trace-id: aa8fa7b3afaf3e419ac4de0ccfc93c09
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://fshd.link
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=i5oe219853gt844527567a3z8wsge634; expires=Sun, 08 Oct 2023 04:03:47 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
disqus.com/api/3.0/forums/details?forum=https-www-cinefilmeshd-org&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
200 OK 3.2 kB URL HTTP/1.1 disqus.com/api/3.0/forums/details?forum=https-www-cinefilmeshd-org&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
File type JSON data\012- , ASCII text, with very long lines (3229), with no line terminators
Hash 75f6619150dee1822478fe9d98fc28c9
c13fd02457b5cb220b32d788188f2a63c9d91480
eca2077adb324bfe2cd5094655b6cc97f320b9bc13ce90b272b465e28cab0870
GET /api/3.0/forums/details?forum=https-www-cinefilmeshd-org&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=https-www-cinefilmeshd-org&t_u=https%3A%2F%2Fultracine.online%2Falexandre%2F&t_d=Assistir%20Alexandre%20Online%20-%20UltraCine&t_t=Assistir%20Alexandre%20Online%20-%20UltraCine&s_o=default&l=pt
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3229
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sat, 08 Oct 2022 04:03:47 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Alexandre%20-%20FSHD
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Alexandre%20-%20FSHD
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Alexandre%20-%20FSHD HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sat, 08 Oct 2022 04:03:47 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
200 OK 27 kB URL HTTP/2 c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
IP
File type ASCII text, with very long lines (32024)
Hash 0c2785ae737e4a3a6baf270c42954aaa
ba03fa7243d6e4f184c3f2f05f733f5f40b96cc3
75310b8dcb511e824684c40202fb6edb67136e7b747e2d42c71a628bce42c2f2
GET /next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 26578
date: Thu, 08 Sep 2022 01:31:12 GMT
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:38 GMT
etag: "630e4dee-67d2"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 08 Sep 2023 01:31:12 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AGCV7kdTcwL0LURh_QI-eGyliWmLqPT7NZa8Rmbq8GJcEiSMYikY6w==
age: 2601154
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Alexandre%20-%20FSHD
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Alexandre%20-%20FSHD
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Alexandre%20-%20FSHD HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sat, 08 Oct 2022 04:03:47 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=313&event=init_embed&thread=8891338775&forum=https-www-cinefilmeshd-org&forum_id=6360634&imp=4q28l2p1clihbk&thread_slug=assistir_alexandre_online_ultracine&user_type=anon&referrer=https%3A%2F%2Fultracine.online%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=313&event=init_embed&thread=8891338775&forum=https-www-cinefilmeshd-org&forum_id=6360634&imp=4q28l2p1clihbk&thread_slug=assistir_alexandre_online_ultracine&user_type=anon&referrer=https%3A%2F%2Fultracine.online%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?abe=0&embed_hidden=0&load_time=313&event=init_embed&thread=8891338775&forum=https-www-cinefilmeshd-org&forum_id=6360634&imp=4q28l2p1clihbk&thread_slug=assistir_alexandre_online_ultracine&user_type=anon&referrer=https%3A%2F%2Fultracine.online%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=https-www-cinefilmeshd-org&t_u=https%3A%2F%2Fultracine.online%2Falexandre%2F&t_d=Assistir%20Alexandre%20Online%20-%20UltraCine&t_t=Assistir%20Alexandre%20Online%20-%20UltraCine&s_o=default&l=pt
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sat, 08 Oct 2022 04:03:47 GMT
Cross-Origin-Resource-Policy: cross-origin
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Alexandre%20-%20FSHD
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Alexandre%20-%20FSHD
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Alexandre%20-%20FSHD HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sat, 08 Oct 2022 04:03:47 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png
200 OK 97 kB URL HTTP/2 offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ef316842349308dfa69b2337a1f2f26
cfb295c74af7d2432c8f0dde1819e1aa35b2ab89
88d7d3964d36d102797d185fb23dab82ac6142c12a5119497b95d2dc018c5bcd
GET /www/images/3ef316842349308dfa69b2337a1f2f26.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:47 GMT
content-type: image/png
content-length: 96644
last-modified: Fri, 06 Nov 2020 13:23:01 GMT
etag: "5fa54e35-17984"
expires: Sat, 08 Oct 2022 18:44:42 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 33545
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 756bfd1dbccc15f8-ARN
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sat, 08 Oct 2022 04:03:47 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ocsp.comodoca4.com/
200 OK 281 B IP
Hash 9b16dccc40ac052c7b6c6b411de89e34
0dfeae860bfc9672d5a660cdd0d803aac7351cd0
ad41b738199c18eacd4454eebe363758228fe08e7f7766570fb750249fcdd8c1
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 04:03:47 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 00:47:11 GMT
Expires: Sat, 15 Oct 2022 00:47:10 GMT
Etag: "0dfeae860bfc9672d5a660cdd0d803aac7351cd0"
Cache-Control: max-age=592402,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 756bfd1d48beb4f9-OSL
de.tynt.com/deb/v2?id=w!0x34535a&dn=TC&cc=1&r=https%3A%2F%2Fultracine.online%2F
200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!0x34535a&dn=TC&cc=1&r=https%3A%2F%2Fultracine.online%2F
IP
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!0x34535a&dn=TC&cc=1&r=https%3A%2F%2Fultracine.online%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Sun, 09 Oct 2022 04:03:47 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Sat, 08 Oct 2022 04:03:47 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ocsp.comodoca4.com/
200 OK 281 B IP
Hash 9b16dccc40ac052c7b6c6b411de89e34
0dfeae860bfc9672d5a660cdd0d803aac7351cd0
ad41b738199c18eacd4454eebe363758228fe08e7f7766570fb750249fcdd8c1
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 04:03:47 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 00:47:11 GMT
Expires: Sat, 15 Oct 2022 00:47:10 GMT
Etag: "0dfeae860bfc9672d5a660cdd0d803aac7351cd0"
Cache-Control: max-age=592402,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 756bfd1d4f820b31-OSL
cdn.viglink.com/images/pixel.gif?ch=1&rn=5.768221219617216
200 OK 43 B URL HTTP/2 cdn.viglink.com/images/pixel.gif?ch=1&rn=5.768221219617216
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=1&rn=5.768221219617216 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:47 GMT
content-type: image/gif
content-length: 43
x-amz-id-2: kD5HFQ7P4sk58nUviFHtodFzywESjkvYEFN6CAJdKNnBQ3LORoGMIySQgNb4ujcgO3nwRASkhoU=
x-amz-request-id: NTCXD2WSTC4P5EFZ
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
etag: "221d8352905f2c38b3cb2bd191d630b0"
cache-control: max-age=15, must-revalidate
cf-cache-status: HIT
age: 6
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 756bfd1e99a6b4fa-OSL
X-Firefox-Spdy: h2
cdn.viglink.com/images/pixel.gif?ch=2&rn=5.768221219617216
200 OK 43 B URL HTTP/2 cdn.viglink.com/images/pixel.gif?ch=2&rn=5.768221219617216
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=2&rn=5.768221219617216 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:47 GMT
content-type: image/gif
content-length: 43
x-amz-id-2: kD5HFQ7P4sk58nUviFHtodFzywESjkvYEFN6CAJdKNnBQ3LORoGMIySQgNb4ujcgO3nwRASkhoU=
x-amz-request-id: NTCXD2WSTC4P5EFZ
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
etag: "221d8352905f2c38b3cb2bd191d630b0"
cache-control: max-age=15, must-revalidate
cf-cache-status: HIT
age: 6
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 756bfd1ea9b6b4fa-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sat, 08 Oct 2022 04:03:47 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sat, 08 Oct 2022 04:03:47 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1665201826845&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sat, 08 Oct 2022 04:03:47 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
links.services.disqus.com/api/ping
200 OK 316 B URL HTTP/1.1 links.services.disqus.com/api/ping
IP
File type ASCII text, with very long lines (316), with no line terminators
Hash 322b1e8cd89efb4c4bf652fa3f698ddc
f5110664eb2262d561be35eaa09ba549457b3d9e
22d32872ae2bc87c24835826318d7ce3aa98954eb04c84e0884f2d892a68d07a
POST /api/ping HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 144
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 316
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ultracine.online
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Sat, 08 Oct 2022 04:03:47 GMT
Set-Cookie: vglnk.Agent.p=8c1a77b1d00a71a934b871714ecee666; Expires=Sun, 08 Oct 2023 04:03:47 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Sun, 08 Oct 2023 04:03:47 GMT; path=/
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
200 OK 631 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
IP
File type ASCII text, with very long lines (1796)
Hash c27520fe60c6f5f7cba22d6912e04494
59bdd4f097d44825326bfa7fdf075669deabaa09
bfbb841e763e8cd7a378b0a6bb83b08251eb3ee0afd7bfcb6d55dae63f6f514d
GET /ajax/libs/normalize/8.0.0/normalize.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:48 GMT
content-type: text/css; charset=utf-8
content-length: 631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f2b-732"
last-modified: Mon, 04 May 2020 16:13:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 822823
expires: Thu, 28 Sep 2023 04:03:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOaoo8%2B7Fs%2BfRNE86utEuj4Z9N0i5Ku0mqZQgbStTc2ADQJYfJpCqL7qWaWWh7vxDHaAucJHWfoDy8LNREf2UWDUZ1xpWAdfJkNZCMTIFCk0skajMxMUkkrrRs7KU3wLWFg6d%2Bgc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 756bfd212947b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
200 OK 43 B URL HTTP/1.1 links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Sat, 08 Oct 2022 04:03:48 GMT
Set-Cookie: vglnk.Agent.p=35628b8cf08511e7a4750e60731c6ba6; Expires=Sun, 08 Oct 2023 04:03:48 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Sun, 08 Oct 2023 04:03:48 GMT; path=/
links.services.disqus.com/api/domains
200 OK 41 B URL HTTP/1.1 links.services.disqus.com/api/domains
IP
File type ASCII text, with no line terminators
Hash 7988e8689974d83967b0e477c6b2a984
2bf614d73764e92167982ff0013e7c255a14b5ba
b8b3f327f20aa0d34fcb431db52f8ca84bf99d0e4205ad3a8abeb412007f0f28
POST /api/domains HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 275
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 41
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ultracine.online
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Sat, 08 Oct 2022 04:03:48 GMT
Set-Cookie: vglnk.Agent.p=a777d36c38b5b128cdf28a7b227e174b; Expires=Sun, 08 Oct 2023 04:03:48 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Sun, 08 Oct 2023 04:03:48 GMT; path=/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 84e7287b27f8ed1502bed92ec11ff853
a5f26c7ba40df82936696d43686150f518b19c6a
b62853fbfd09262d06adeb861f97f4bf977d732033872a08f72b609b466fbd66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B62853FBFD09262D06ADEB861F97F4BF977D732033872A08F72B609B466FBD66"
Last-Modified: Fri, 07 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8103
Expires: Sat, 08 Oct 2022 06:18:51 GMT
Date: Sat, 08 Oct 2022 04:03:48 GMT
Connection: keep-alive
warden.arc.io/mailbox/nodes/WqqDjyrsWpiRR1q88XUWK8
204 No Content 0 B URL HTTP/2 warden.arc.io/mailbox/nodes/WqqDjyrsWpiRR1q88XUWK8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mailbox/nodes/WqqDjyrsWpiRR1q88XUWK8 HTTP/1.1
Host: warden.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fshd.link/
Content-Type: text/plain;charset=UTF-8
Origin: https://fshd.link
Content-Length: 284
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 08 Oct 2022 04:03:48 GMT
access-control-allow-origin: *
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
oaphoace.net/impression/9ZN3d3U5c11m-Pptvo9wfy2VCsnzTEkffoHuZcz6uZPvWxRqTIKLcE-oPIBF6Hk8KooB4hqH6xVXfhuLcRYf31LAzq9q7eBzCHuUsiJ1S3IFr3qiecz5S5YnXosUN59YDunCVYYIeUPe7D2WGMNIDFNPRYDYf69iIfBSxkwlnRcJshO3vaCCqvmlcrdY12HKeuHAm54Mb7hvdbO9CY2ktD9yN05-Qqrot7vrdpBp74roA7ASpw7ovpkzsFGQpy_NBkIDby_qlsiX2EKn7P1ovyljExTn0pHijIes3hbAKXkYbtWyC-cBv-phvW5CKa1ozo4Y-GMx5emvXXl0dCzMPpF-4CQdv7vKHLa44s0mERysfzloNuX5P0PHEdKnNkoyLdsgy_nkOog8XQ2hPJhi9caZd9IlbRlDPvB_iySNNySHdzHje5N3bmMJLxAfMnLvZHE1EasTKm6PrfSaLWAp8tR_oQjN_xOg143pKgruPTM6m_kMtlDGtHncI83vQcVI9DMAl1Wym8qK_BO6byZJyzfhOiouxKbBV5TVPap2V4euf_cKir0uoKu4pRPXSGyyf-a7NYRoz3wAol2q-ZftSTsCfdw=?_z=5400680&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
200 OK 43 B URL HTTP/2 oaphoace.net/impression/9ZN3d3U5c11m-Pptvo9wfy2VCsnzTEkffoHuZcz6uZPvWxRqTIKLcE-oPIBF6Hk8KooB4hqH6xVXfhuLcRYf31LAzq9q7eBzCHuUsiJ1S3IFr3qiecz5S5YnXosUN59YDunCVYYIeUPe7D2WGMNIDFNPRYDYf69iIfBSxkwlnRcJshO3vaCCqvmlcrdY12HKeuHAm54Mb7hvdbO9CY2ktD9yN05-Qqrot7vrdpBp74roA7ASpw7ovpkzsFGQpy_NBkIDby_qlsiX2EKn7P1ovyljExTn0pHijIes3hbAKXkYbtWyC-cBv-phvW5CKa1ozo4Y-GMx5emvXXl0dCzMPpF-4CQdv7vKHLa44s0mERysfzloNuX5P0PHEdKnNkoyLdsgy_nkOog8XQ2hPJhi9caZd9IlbRlDPvB_iySNNySHdzHje5N3bmMJLxAfMnLvZHE1EasTKm6PrfSaLWAp8tR_oQjN_xOg143pKgruPTM6m_kMtlDGtHncI83vQcVI9DMAl1Wym8qK_BO6byZJyzfhOiouxKbBV5TVPap2V4euf_cKir0uoKu4pRPXSGyyf-a7NYRoz3wAol2q-ZftSTsCfdw=?_z=5400680&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/9ZN3d3U5c11m-Pptvo9wfy2VCsnzTEkffoHuZcz6uZPvWxRqTIKLcE-oPIBF6Hk8KooB4hqH6xVXfhuLcRYf31LAzq9q7eBzCHuUsiJ1S3IFr3qiecz5S5YnXosUN59YDunCVYYIeUPe7D2WGMNIDFNPRYDYf69iIfBSxkwlnRcJshO3vaCCqvmlcrdY12HKeuHAm54Mb7hvdbO9CY2ktD9yN05-Qqrot7vrdpBp74roA7ASpw7ovpkzsFGQpy_NBkIDby_qlsiX2EKn7P1ovyljExTn0pHijIes3hbAKXkYbtWyC-cBv-phvW5CKa1ozo4Y-GMx5emvXXl0dCzMPpF-4CQdv7vKHLa44s0mERysfzloNuX5P0PHEdKnNkoyLdsgy_nkOog8XQ2hPJhi9caZd9IlbRlDPvB_iySNNySHdzHje5N3bmMJLxAfMnLvZHE1EasTKm6PrfSaLWAp8tR_oQjN_xOg143pKgruPTM6m_kMtlDGtHncI83vQcVI9DMAl1Wym8qK_BO6byZJyzfhOiouxKbBV5TVPap2V4euf_cKir0uoKu4pRPXSGyyf-a7NYRoz3wAol2q-ZftSTsCfdw=?_z=5400680&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Cookie: OAID=i5oe219853gt844527567a3z8wsge634
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:51 GMT
content-type: image/gif
content-length: 43
x-trace-id: d15f5a0a1271bed66ee29a5e1a7cc8a5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
200 OK 331 kB URL HTTP/2 static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (34291)
Size 331 kB (330976 bytes)
Hash 35aeaa1ca56f6438c2fc49424f5fc3c6
63b2e25f5fc496c018818fcaae1ccb99740e9ca5
de4b181218fd74ce1624400d26e1e5971ef7991c7469802fbbad067fba3cfe5b
GET /widget/js/vendors~widget-sc-client.js?35fccb86 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Cookie: widgetOptState={%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-10-08T04:03:46.105Z%22%2C%22dismissedAt%22:null}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:52 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"fa12476f8ee3c92b8369e0c9d3b915f9"
last-modified: Fri, 22 Jul 2022 23:08:54 GMT
x-amz-id-2: gO56M4SIXfLCyIfgDnIkEYznO/aSxbiWzPzBnkEFGYql1RoX90Evh/ZoIMm/6C+bN1XQIlxZGrE=
x-amz-request-id: HMFZR25VHVX61V98
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/25/2022 16:03:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b4861c3692cb7a62f29f122e9862c9f0
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
t.dtscout.com/pv/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pv/ HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------303737842215599871751253342240
Content-Length: 1188
Origin: https://fshd.link
Connection: keep-alive
Referer: https://fshd.link/
Cookie: m=1; oa=1; df=1665201826
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 08 Oct 2022 04:03:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.156
X-C: 0
Expires: Sat, 08 Oct 2022 04:03:51 GMT
Cache-Control: no-cache
static.arc.io/widget/js/core.js?6589b9f
200 OK 0 B URL HTTP/2 static.arc.io/widget/js/core.js?6589b9f
IP
ASN #34989 ServeTheWorld AS
GET /widget/js/core.js?6589b9f HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fshd.link
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"6c48787700207c1e30b51ff3b14ab5d1"
last-modified: Fri, 07 Oct 2022 20:41:23 GMT
x-amz-id-2: /nJFELjRoTOv0SjhMYJD9pdo+01oLjwil3CHXu+EhR4fMqJsLwGJ+ZWxwHoOev2TFZ+skLyDx3U=
x-amz-request-id: BQA1XQSSX4746YV2
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/07/2022 20:51:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4d1f39b2438ed9c4dcbd40a7c8469525
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
unvanilluxer.com/5/5294376
200 OK 0 B URL HTTP/2 unvanilluxer.com/5/5294376
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /5/5294376 HTTP/1.1
Host: unvanilluxer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:45 GMT
content-type: application/javascript
x-trace-id: 134df16573a9cc44cea825e0321abe66
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=242705a513e04330b445ee0737a80e86; expires=Sun, 08 Oct 2023 04:03:45 GMT; path=/; secure; SameSite=None
oaidts=1665201825; expires=Sun, 08 Oct 2023 04:03:45 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
core.arc.io/broker.html?6589b9f
200 OK 0 B URL HTTP/2 core.arc.io/broker.html?6589b9f
IP
ASN #34989 ServeTheWorld AS
GET /broker.html?6589b9f HTTP/1.1
Host: core.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-NO-830
cdn-pullzone: 786568
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
etag: W/"61e89f9d-612"
expires: Sun, 06 Nov 2022 20:51:26 GMT
last-modified: Wed, 19 Jan 2022 23:32:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/07/2022 20:51:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6a32d3f1f651207ac24c4e34c23bb368
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static.arc.io/broker/js/lazy-modules.a169b1ec.js
200 OK 0 B URL HTTP/2 static.arc.io/broker/js/lazy-modules.a169b1ec.js
IP
ASN #34989 ServeTheWorld AS
GET /broker/js/lazy-modules.a169b1ec.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 1HPOvli1UWDpUZXFWu6CwdlYyQUcdV4wPGgPy4nfB7B6fDlC7Q604ob7CUR3XzVeynp2AAE8mww=
x-amz-request-id: ST1DTDBD2C8CBP39
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/16/2022 07:43:24
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 632b007193ab9e5fea47a771c2c192d7
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static.arc.io/broker/js/broker.b281d075.js
200 OK 0 B URL HTTP/2 static.arc.io/broker/js/broker.b281d075.js
IP
ASN #34989 ServeTheWorld AS
GET /broker/js/broker.b281d075.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.arc.io
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"8c5f6da1d62d33cc4c32a8ce63be2bf6"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 15mXd8XH2lx2CE03B29NPUH0DZY/LOqIKeKzeLqmQNgXs1snFjVDp9XICA09Vhudm/HuQ+kRbm0=
x-amz-request-id: 1BTZ9YPB4J9E9E0X
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/14/2022 14:32:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 33146f452ec90a082b258b33ede8cbc7
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static.arc.io/widget/css/widget.css?6589b9f
200 OK 0 B URL HTTP/2 static.arc.io/widget/css/widget.css?6589b9f
IP
ASN #34989 ServeTheWorld AS
GET /widget/css/widget.css?6589b9f HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-methods: GET, HEAD
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
last-modified: Fri, 07 Oct 2022 20:41:23 GMT
x-amz-id-2: GvjkqVVIzXAYPPmCcji8nOPLcOiKgfpZby+8vuvq3bB4YC69V6tktvvaY8wfTWN/UkC4oceKtD0=
x-amz-request-id: S0R9HEP9QQT2FYQ3
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/07/2022 20:51:27
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 35c9420dfe051c6fc2bd4d9eaaae73b9
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=0x34535a&t=Alexandre%20-%20FSHD&c=d&x=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&y=https%3A%2F%2Fultracine.online%2F&a=0&v=27&r=1456
200 OK 0 B URL HTTP/2 whos.amung.us/pingjs/?k=0x34535a&t=Alexandre%20-%20FSHD&c=d&x=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&y=https%3A%2F%2Fultracine.online%2F&a=0&v=27&r=1456
IP
GET /pingjs/?k=0x34535a&t=Alexandre%20-%20FSHD&c=d&x=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&y=https%3A%2F%2Fultracine.online%2F&a=0&v=27&r=1456 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 756bfd180f12b4ee-OSL
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
200 OK 0 B IP
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 7038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keOydb8iokNdZIh6Y9%2F1pMzs4je%2B3q%2BSOd23L9JdB9Mb4mVuezDM41FnNZ5rPtNL4N0kd975o4TplxbUSFuApWl0zkiYnz9Tg2oLSIEr3b3FFuABqokXNiczv78kMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756bfd168b4c0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.arc.io/widget/js/widget-sc-client.js?197dbd2e
200 OK 0 B URL HTTP/2 static.arc.io/widget/js/widget-sc-client.js?197dbd2e
IP
ASN #34989 ServeTheWorld AS
GET /widget/js/widget-sc-client.js?197dbd2e HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Cookie: widgetOptState={%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-10-08T04:03:46.105Z%22%2C%22dismissedAt%22:null}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:52 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"14884d9e881791d580471ec30f89f22a"
last-modified: Mon, 08 Aug 2022 22:09:02 GMT
x-amz-id-2: URaeHor7BKsSAtcnqISpEn6E3w+xeceiV+yk3tYl1MHAPfIYu6QUy/mqJlWlIX9KQaPnVYygXzU=
x-amz-request-id: ZEX3NT5QY6GPK09Y
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/09/2022 11:22:23
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a04fa21f533e00bc17b3afef44ca72df
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ossnatuer.com/500/5294569?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
200 OK 0 B URL HTTP/2 ossnatuer.com/500/5294569?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5294569?excludes=&oaid=i5oe219853gt844527567a3z8wsge634&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt0346491%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false HTTP/1.1
Host: ossnatuer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://fshd.link
Connection: keep-alive
Referer: https://fshd.link/
Cookie: OAID=734ba8fc99ea420284df6f52f662eb8e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:47 GMT
content-type: application/javascript
x-trace-id: 5e3417ffebc1a69baf536ab74376d5ed
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://fshd.link
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=i5oe219853gt844527567a3z8wsge634; expires=Sun, 08 Oct 2023 04:03:47 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ossnatuer.com/400/5294569
200 OK 0 B URL HTTP/2 ossnatuer.com/400/5294569
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5294569 HTTP/1.1
Host: ossnatuer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/javascript
x-trace-id: 063b4cbe6ced36d5e4322c418c844fe1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=734ba8fc99ea420284df6f52f662eb8e; expires=Sun, 08 Oct 2023 04:03:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddoan.club/apu.php?zoneid=5351742
200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/apu.php?zoneid=5351742
IP
GET /apu.php?zoneid=5351742 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 04:03:46 GMT
content-type: application/javascript
x-trace-id: 8b6088f8221e84fda29895524ed3109b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=8d16793f55844224abaf11ee5697190f; expires=Sun, 08 Oct 2023 04:03:46 GMT; path=/; secure; SameSite=None
oaidts=1665201826; expires=Sun, 08 Oct 2023 04:03:46 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube-nocookie.com/embed/Bh6LKIdxqCU?autoplay=0&rel=0&showinfo=0
200 OK 0 B URL HTTP/2 www.youtube-nocookie.com/embed/Bh6LKIdxqCU?autoplay=0&rel=0&showinfo=0
IP
GET /embed/Bh6LKIdxqCU?autoplay=0&rel=0&showinfo=0 HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 08 Oct 2022 04:03:44 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+468; expires=Mon, 07-Oct-2024 04:03:44 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.arc.io/broker/js/lazy-iwc.9b430e25.js
200 OK 0 B URL HTTP/2 static.arc.io/broker/js/lazy-iwc.9b430e25.js
IP
ASN #34989 ServeTheWorld AS
GET /broker/js/lazy-iwc.9b430e25.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 04:03:48 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"7fd8734437dbdc553c3513d10d0c0a97"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 0pqtvhmktNzG/kuXS+f70yU/1nrs8NiaC5jbPx0Ogn1zHjS1MBw3Ld9u+2vBvs1RgznasANnNaM=
x-amz-request-id: P7W24ZM6DAWWT664
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/30/2022 16:48:02
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2fbed4eed14cf4e994eed8f3f72298ed
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.youtube-nocookie.com/embed/Bh6LKIdxqCU?autoplay=0&rel=0&showinfo=0
200 OK 0 B URL HTTP/2 www.youtube-nocookie.com/embed/Bh6LKIdxqCU?autoplay=0&rel=0&showinfo=0
IP
GET /embed/Bh6LKIdxqCU?autoplay=0&rel=0&showinfo=0 HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 08 Oct 2022 04:03:45 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+857; expires=Mon, 07-Oct-2024 04:03:45 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
172.67.155.13
151.101.85.229
139.45.195.254
104.22.33.172
23.36.76.226
138.199.37.232