Overview

URL 18moviesonline.com/
IP172.67.212.52
ASNCLOUDFLARENET
Location United States
Report completed2022-08-30 04:18:48 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-08-30 2 c2e6bd3f02.com Sinkholed
2022-08-30 2 c2e6bd3f02.com Sinkholed
2022-08-30 2 c2e6bd3f02.com Sinkholed
2022-08-30 2 c2e6bd3f02.com Sinkholed
2022-08-30 2 c2e6bd3f02.com Sinkholed
2022-08-30 2 c2e6bd3f02.com Sinkholed
2022-08-30 2 c2e6bd3f02.com Sinkholed
2022-08-30 2 c2e6bd3f02.com Sinkholed
2022-08-30 2 c2e6bd3f02.com Sinkholed


Files

No files detected



Passive DNS (39)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS fonts.googleapis.com (1) 8877 2012-05-23 12:41:44 UTC 2022-08-29 18:05:19 UTC 142.250.74.10
mnemonic passive DNS nereserv.com (2) 40015 2020-12-21 11:07:56 UTC 2022-08-30 03:15:59 UTC 168.119.25.22
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2012-07-01 17:13:23 UTC 2022-08-29 04:32:13 UTC 142.251.1.154
mnemonic passive DNS js.cabnnr.com (1) 37463 2021-08-30 12:50:21 UTC 2022-08-29 23:03:01 UTC 45.133.44.24
mnemonic passive DNS lcdn.tsyndicate.com (1) 12634 2020-03-31 14:26:34 UTC 2022-08-29 20:39:11 UTC 8.254.252.211
mnemonic passive DNS i.cdnkimg.com (2) 8049 2020-08-20 06:43:50 UTC 2022-08-30 03:16:01 UTC 45.133.44.37
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2022-08-30 01:02:58 UTC 143.204.55.36
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-04-02 10:51:04 UTC 2022-08-29 04:31:06 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS js.wpadmngr.com (1) 25762 2021-06-02 14:43:46 UTC 2022-08-29 19:52:18 UTC 45.133.44.25
mnemonic passive DNS c02c34ce7c.a83dab28b3.com (4) 0 2022-08-28 13:46:26 UTC 2022-08-28 13:46:26 UTC 45.133.44.25 Unknown ranking
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2012-05-23 12:49:49 UTC 2022-08-29 06:01:09 UTC 104.17.24.14
mnemonic passive DNS www.google-analytics.com (1) 40 2012-05-21 07:15:40 UTC 2022-08-30 02:51:03 UTC 142.250.74.174
mnemonic passive DNS i.jads.co (2) 46788 2019-12-04 08:50:06 UTC 2022-08-29 18:21:02 UTC 69.16.175.42
mnemonic passive DNS fp.metricswpsh.com (2) 0 2022-04-22 11:20:32 UTC 2022-08-29 22:54:20 UTC 23.88.85.6 Unknown ranking
mnemonic passive DNS eu.doctorpost.net (1) 10457 2021-12-23 13:24:47 UTC 2022-08-29 18:01:42 UTC 38.100.129.67
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-08-30 01:05:18 UTC 93.184.220.29
mnemonic passive DNS poweredby.jads.co (4) 30525 2019-12-04 10:34:12 UTC 2022-08-29 18:21:00 UTC 185.94.236.244
mnemonic passive DNS 9da504bc9f.c2e6bd3f02.com (8) 0 2022-08-30 00:38:21 UTC 2022-08-30 00:38:21 UTC 168.119.25.22 Unknown ranking
mnemonic passive DNS pxl.tsyndicate.com (1) 14763 2017-07-05 13:51:06 UTC 2022-08-29 22:25:22 UTC 136.243.69.157
mnemonic passive DNS s.viifixi.com (1) 0 2022-08-23 15:28:27 UTC 2022-08-29 19:44:07 UTC 31.220.27.135 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-08-29 04:31:25 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-08-29 04:31:13 UTC 142.250.74.3
mnemonic passive DNS i.ibb.co (8) 13485 2018-11-25 10:13:48 UTC 2022-08-29 17:11:49 UTC 51.210.3.236
mnemonic passive DNS ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-08-29 22:05:07 UTC 172.64.155.188
mnemonic passive DNS btds.zog.link (1) 38469 2019-10-07 21:35:03 UTC 2022-08-29 23:03:05 UTC 109.206.163.116
mnemonic passive DNS tsyndicate.com (1) 13042 2017-03-16 09:04:54 UTC 2022-08-30 01:56:45 UTC 148.251.19.25
mnemonic passive DNS r3.o.lencr.org (18) 344 2020-12-02 08:52:13 UTC 2022-08-29 04:32:12 UTC 23.36.77.32
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-29 04:55:44 UTC 52.43.58.150
mnemonic passive DNS ajax.googleapis.com (1) 12905 2012-05-22 10:38:03 UTC 2022-08-29 22:30:22 UTC 216.58.207.202
mnemonic passive DNS i.postimg.cc (18) 23840 2018-04-11 10:01:12 UTC 2022-08-29 23:48:13 UTC 141.94.200.42
mnemonic passive DNS rtbrennab.com (2) 0 2022-04-20 15:49:10 UTC 2022-08-29 23:03:24 UTC 162.55.139.130 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-29 04:39:36 UTC 143.204.55.35
mnemonic passive DNS 18moviesonline.com (22) 336712 2020-05-04 18:43:05 UTC 2022-08-28 12:00:28 UTC 104.21.69.191
mnemonic passive DNS notification.tubecup.net (1) 8210 2018-07-09 16:06:19 UTC 2022-08-30 02:14:58 UTC 88.198.200.36
mnemonic passive DNS 42dde33601.c2e6bd3f02.com (1) 0 2022-08-28 13:46:26 UTC 2022-08-30 03:15:59 UTC 45.133.44.24 Unknown ranking
mnemonic passive DNS js.juicyads.com (1) 57029 2015-07-01 03:05:00 UTC 2022-08-29 18:21:00 UTC 143.204.55.92
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-08-29 13:36:24 UTC 34.120.237.76
mnemonic passive DNS static.bookmsg.com (2) 47495 2020-11-24 14:56:32 UTC 2022-08-29 22:54:21 UTC 94.130.197.136
mnemonic passive DNS cdn.adx1.com (2) 10630 2018-03-05 17:25:10 UTC 2022-08-29 19:43:40 UTC 149.11.201.98


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.212.52

Date UQ / IDS / BL URL IP
2022-12-05 20:13:29 +0000
0 - 0 - 0 Stufferdb.com 172.67.212.52
2022-11-21 04:07:24 +0000
0 - 0 - 13 18moviesonline.com/ 172.67.212.52
2022-09-11 06:25:24 +0000
0 - 0 - 1 18moviesonline.com/ 172.67.212.52
2022-09-05 11:03:01 +0000
0 - 0 - 6 www.selcuksportshd26.xyz/ 172.67.212.52
2022-08-31 06:25:29 +0000
0 - 0 - 10 18moviesonline.com/ 172.67.212.52

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-05 20:57:14 +0000
0 - 0 - 2 3naizah.net/lets/otesempqour 104.21.50.254
2022-12-05 20:57:10 +0000
0 - 0 - 2 3naizah.net/lets/arsbledeo 104.21.50.254
2022-12-05 20:57:02 +0000
0 - 0 - 2 3naizah.net/lets/otesempqour 104.21.50.254
2022-12-05 20:56:05 +0000
0 - 0 - 2 globalvisitclub.com/cf/r/638b25ba0c97cc0012364c4a 104.18.17.6
2022-12-05 20:55:30 +0000
0 - 0 - 5 planoracmeatbenor.ga/ 188.114.96.1

Last 5 reports on domain: 18moviesonline.com

Date UQ / IDS / BL URL IP
2022-12-02 04:09:02 +0000
0 - 0 - 13 18moviesonline.com/ 188.114.97.1
2022-11-21 04:07:24 +0000
0 - 0 - 13 18moviesonline.com/ 172.67.212.52
2022-09-11 06:25:24 +0000
0 - 0 - 1 18moviesonline.com/ 172.67.212.52
2022-08-31 06:25:29 +0000
0 - 0 - 10 18moviesonline.com/ 172.67.212.52
2022-08-30 04:18:48 +0000
0 - 0 - 9 18moviesonline.com/ 172.67.212.52

No other reports with similar screenshot



JavaScript

Executed Scripts (38)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 167, repeated: 1) - SHA256: 78333487cf8e45f9ba5d7b4dde35e1350eb87d3a02815bde7956758b38841883

                                        < div style = "display: none;" > < img src = "https://18moviesonline.com/trade/in.php?p=default&ref=&rnd=71960041&rImg=1&refremote=none"
width = "1"
height = "1"
border = "0" > < /div>
                                    


HTTP Transactions (139)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 30 Aug 2022 03:25:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FG3SDenN-uhArTK1z5BZWav8NE84ilT7cfJy1t1OquyJyvzBMkUUaA==
Age: 3169


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10618
Expires: Tue, 30 Aug 2022 07:15:35 GMT
Date: Tue, 30 Aug 2022 04:18:37 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 29 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ssZjXmaa7gur8M1Bo1ahCjDv1YPKM5j1FNKDtEl4iDOBmzU1Lx8e3g==
age: 20559
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:37 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 30 Aug 2022 04:17:12 GMT
Cache-Control: max-age=3600
Expires: Tue, 30 Aug 2022 05:15:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bly9NmFJ82jShBhNNjv29hFYuIf7ocIJWnYn7cNxCbxp1ulsT0iWww==
Age: 86


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3838
Cache-Control: 'max-age=158059'
Date: Tue, 30 Aug 2022 04:18:38 GMT
Last-Modified: Tue, 30 Aug 2022 03:14:40 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +jQxJ8y0vzia3bLTXdyvoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.43.58.150
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TNghaKRPXdO8PrZcZuzGNpcdrHw=

                                        
                                            GET / HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.34
X-DNS-Prefetch-Control: on
X-LiteSpeed-Tag: be7_HTTP.200
Link: <http://18moviesonline.com/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7etPqlSFd5ybviT5ByZ9IgIEzQd0TOv8wGwSWBWxOg77bGXkSgF%2Fgy6ZdA1kvpClD5afPkklnO2u71cBa1gwnLmW6xbHKamlq9TCVmPqYFij7YU25n8h47q%2F3w1kjes5flxUT%2Bc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab9396f1b0b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4796), with CRLF, LF line terminators
Size:   29241
Md5:    4938b92188f464f2a4ed9854666c6f7b
Sha1:   00d12132debc07076fac31e4f2e245eadac72c62
Sha256: 132810dfac82688bf23b9ab36e46c90591dffa928a172a2002794175ac442abd
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:24 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a4-d159"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4344280
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gh9AH5flhwRzURPxC7IeEA9IZUEZ%2Fxd4yXG9Oeuxjaob0ndwFAn54ZWW%2FkCD7m260TDxnfu9FXx6dzk4mzv6ajcpg8MhUggr4V3PYsIvOdkq3w%2Fjp1XyWDJSaWuSbOCLtXeHILA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab9448c000b4d-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (28088)
Size:   7565
Md5:    77f7806eebd61bc3b9894723d4042ab4
Sha1:   ad63f2ae1a697f8cbf18099b3aacd77ea0be8366
Sha256: cd9d24f509c654c796d7c1930fbd17f8ecd6a1ddb231c2954bb2a168ba8ea0ac
                                        
                                            GET /wp-content/themes/PsyPlay/assets/css/theme.main.css HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a3-eb96"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4682648
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSu1HJ2gD2NUuOjorTcoAK0OPLAedAZbMaBUikAHX5krdPJvM9PO1sBYotWGCFXJnvBMNDRWqvOsfdDjTLzAIJDbdtJCjChRrO3RdsDWWb6Za9PkFaX1YobOmciXPeTqnymOZFU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab9449c0c0b4d-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (60310), with no line terminators
Size:   11987
Md5:    3583d0b34077d492b2cb60a4661202df
Sha1:   85de2ebb853f80f614f17edd60b78fc8e4ca4c2c
Sha256: 224b6381da7f1848f8448a299f24efab985c0d9f816d0b2168112a8bf58f9e4a
                                        
                                            GET /wp-content/themes/PsyPlay/assets/css/theme.style.css HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a3-2badb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4344280
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjqXnEcikowZGOOYd%2FCuLQdT0YTHAzU1Yf3CEGFmUydKOZdWyU8YFQmQueI5H2nuyPCewFM8xGYw%2FAHfNOCpRmP0L3EmbjWsTlyD7W3NhA%2Fl1koZunL0tSJy1vpQdZ7EmYLPaJU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab9449e23b4e8-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   28137
Md5:    7c4081e6167c4b9995bfb9dde987fc73
Sha1:   5fdfde638d27053fc306b8c7791dbfaae927b129
Sha256: 4e44e7c8cd2c6315384df2a67ec5bb69fa4f3946de5504135a1d61095beef6c4
                                        
                                            GET /wp-content/plugins/wp-postratings/css/postratings-css.css HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a3-549"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4943805
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ND8UOdw6Ehx9YKVtPDPqARKKdV8Evd2lxucOT%2FwNuLdMWnz83mfjLaexLVbt06epNr7qkPEgGQSlfz5d4lgom%2BY3ODo7EHRkq7QmUbyFce7YO77h3OLuN9xJXD%2FkPGVDU49Cto%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab9449c84b529-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   405
Md5:    19c051b58f834f6da1003bdd92b7b7a9
Sha1:   5798259a84924eec28043fe338567dba38379b8c
Sha256: 38acac4bba0f15d09bb3c81a32182879d1a0d4d036d9a6d2bc6637e32595a5a7
                                        
                                            GET /wp-content/plugins/all-in-one-seo-pack-pro/css/admin-toolbar-menu.css HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a3-655"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4682648
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKwzyyF3LJ9SPcemD4EkokGpiTKcdn505PKe0AN0dA%2BIg3xNVllY7FWSvdhsp3DdZhYE%2BapC540uJB%2FJtnS4FFbn0CsHCrQjMUiQ6EUA310ZnloOUOMjlIzX17zEfRopEkmRb14%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab9449f99b50b-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (1354)
Size:   894
Md5:    d0388bed71398e7644d9151f4beda2bd
Sha1:   184f77065ef6ded61d10313618a553f418e792db
Sha256: 4dc45fbcf4ca42f7ff7bda4b124f807a01bd2b967ae094c547a858f66090efd7
                                        
                                            GET /wp-content/themes/PsyPlay-child/style.css HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:24 GMT
ETag: W/"62aa57a4-18d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 4679636
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBtj1p4u0Vc%2FPtvkvWy2qVkX30qNP%2F%2B7SwEMPYJI3kvZJNMR7sir6ibVSm5VCedqgTSDU0LmnPCKzP3erVmAq4MOED8JugCRCC6H5JMQrarmBXSjYSNt4yR3wMBbHoKHXUNdBjw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 742ab9449e2eb50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   234
Md5:    a8c2177fea07344fa7a2d03bcd8aa5e3
Sha1:   1e42bfe60385ef0bc2156c6bc03f0981ae4a3091
Sha256: 0ff7cd88615a0f81dd7778a3cf2327799f673f1055dab262c1424ac984a09104
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:24 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a4-2748"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4687179
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IoLPF%2BRHaRTQsqm%2B0eoydVFkwA1RwDusgNyUexS1jfYPcBPjK4%2BzIIDUcFXye6c63QZoWtGL1itDlGCdDgUbtBRMdMQE%2BTLDW8TUJ9T1FgtWCt2USVGGnK5KCBt%2FbvUZrg8aS14%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab9449c0f0b4d-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (9959)
Size:   4014
Md5:    6bec1f76b8e1794067a92462be219db2
Sha1:   9b3b02920957594dd64e09fd2cf057413cfd2347
Sha256: 17763f08cd4c81bf9dd2f9d301396df32cede70c9b267a82602af99e342d8680
                                        
                                            GET /wp-includes/js/jquery/jquery.js HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:24 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a4-17a69"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4344280
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HAqDloqrQZYCxcA1AyVG%2Fb60gvLSDNhf6BqmAT8ch7y2678I%2FUiCEp4xj8YeTldgG0UTVF4Dq%2BKjtKVMRjLIuFMB7ocFnQw2753RWKhjV%2FTpL0lwVTAF46jSDceGSEylzE7EBU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab9449f791c06-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   33753
Md5:    bd62f6ccb070286e53b939e1a887eda3
Sha1:   f58899c44039fc98e15fbea7b8a59ce71d2eb5f8
Sha256: 0baca579f755c2dfc32730c397c364b5ef7bdd70bd71bcccf61198362e40efe3
                                        
                                            GET /wp-content/themes/PsyPlay/assets/js/jquery.lazyload.js HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a3-cd3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 5549577
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2B2j2gjjhQVrfHA5OBzonITMosEgSqc1%2BkKIOrlg7p0I4fYxlB8UpaT6MFqDCfzIC1m4gzE5UGRwE6QixMH%2FDMmrXaW2zj5RGDDi84WPtE2JYNcJAp5FhtktczGCQP0AwagTojk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab944ae2fb4e8-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (658), with CRLF line terminators
Size:   1228
Md5:    9b0c8d96dae707ee1bc18481dc8bca46
Sha1:   8e496a65553c7d55883f38f2c065db3534d69ea8
Sha256: 58a0ea2c6261052bddddeca22627abfb1f922cfc19a69e5074e7ccd77ccbea73
                                        
                                            GET /wp-content/themes/PsyPlay/assets/js/jquery.cookie.js HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a3-7aa"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4344280
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiOJ5qS0iWQPE5ouo0DCg7RCQwJwGglPdQbJPHJHHelXAOm7KGTCllpUZ2sznv7YqaYa4RKZl3G79INph%2BnGjAPp%2Bhb8kQcX%2FW2nV8kBFMU3%2FD%2BVpgY2ICjnRZFmhGt5xGu9BBs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab944ac90b529-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   918
Md5:    cb666353fef7c05b9390900bc3a4ac15
Sha1:   23d615b142b2adbe21a631b813ab0a5be8e68731
Sha256: 663a93ca43df201da5a2cacc501efed3e5b1000dc7ef57b4c0e6da565f3cc96c
                                        
                                            GET /wp-content/themes/PsyPlay/assets/js/theme.script.min.js HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a3-f11"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4687179
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zL%2B3PoVi00FpV37GYc0FDx%2FfA1Zbv4vwf6NExYn%2FFdihia0OTcHmplPCcoenfVCNNdirESroqfKc2Vf2laVpn8wEQe9CggV%2F4JKrXUDIU8mc9WNbEZNEL11y%2FrePenHhsDxjNrQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab944afa5b50b-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (598), with CRLF line terminators
Size:   1148
Md5:    15be45c7ec289f783ad29b31342ac724
Sha1:   12a77b326a7f5fffea41a05aec726fc7b846b5aa
Sha256: ce746cd80b160515df1cc38623b58a5ec7e8945c1cd50e981212bda0d73704ec
                                        
                                            GET /wp-includes/js/wp-embed.min.js HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18moviesonline.com/
Connection: keep-alive

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:24 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a4-592"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4687179
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZeBtvrFmE3shZm8WsgTiW3FvjlEDj9xZM7EmYpFWEE%2BzIdkdmCMYaFvdO4bSnksCKDwd8aUvAP%2FVX7RpmkvF%2BK2FH2tBMti8rE8uTztuE6RMQSMiXMkgl7BwWmVd3GX7%2Bq%2F5Wg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab944bfb5b50b-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391)
Size:   765
Md5:    816ffffc506fe40a03e1fe7c2c0685b1
Sha1:   70ca097ce7bc9e42a88a94c3b301c575d1554b0a
Sha256: 6582d993a0daa051a4893a5581457719e380d7f8bbfd2f6750a562c761502032
                                        
                                            GET /wp-content/plugins/wp-postratings/js/postratings-js.js HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18moviesonline.com/
Connection: keep-alive

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a3-d01"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4344280
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBCcQokFkFAQvDYCcu7jiIUPqUshHuqqUxV5pxixA1luIpy%2B1ObojN44yK1jkzKgvEuHgBlII555JpnF%2F7yQGRU08spHl4q%2Bk4jx5xjYUJzSCN%2BnENCC1UO6ve3MFASDIFElDc8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab944bf8c1c06-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (516)
Size:   748
Md5:    acae986a2732d121ce97b2225f64245d
Sha1:   8664757204ae27eadcbd5360ccb151c6981496ce
Sha256: a8c514477fa59ea1cfef352ccb9cb126907dd18cfb21f3917f32a7776d1f65cd
                                        
                                            GET /wp-content/themes/PsyPlay/assets/js/bootstrap.min.js HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18moviesonline.com/
Connection: keep-alive

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
Vary: Accept-Encoding
ETag: W/"62aa57a3-8c75"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4344280
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16TFZttZ1J1cMuXlvNGrtyUaBpI6RbThy73Ai7z8Hrfx7XR4BU0KMa3CpkipmYwxTaHQbNhjgWA57tmeWu%2F1T2tipn5WBOs%2F43A98XtOREt57rSv5q9Xp8Zzhm1eMyD4E1teVJk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab944be42b4e8-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (32025), with CRLF line terminators
Size:   9519
Md5:    a63f6550e0f149fba3711d9f69bce20e
Sha1:   c06c1e25d6e05375e149116886cc866519208480
Sha256: 9a56a066c92c8584dd67fcbac9c5ee2d993cb1b05c484d94523a03690c49bbc9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /jvmilksakpe.php HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18moviesonline.com/
Connection: keep-alive

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.34
Cache-Control: max-age=120
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQC4l%2FgLjKMOYXzIgiHbUM3m7Ei7bVGsbPST7ke7%2FjHAypFAkgsDDPvG6rVEklDq%2Bex4wqDUE7G2HZ1gyZ6uW5Vkncnkva7AMXsKD3Utc7v6x6VNB48OsWYbtnfTYtrLyql2XGE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab944ae32b50f-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (10335)
Size:   10952
Md5:    89450f18da8043039d08e642d0bd99ff
Sha1:   3f97c72a26bd82c698301de3def4704d3a943bd4
Sha256: ed6fd611ce76d51bfeb9a7f34d0a583f85d94f7649d0bd4fa500f19dddd1415c
                                        
                                            GET /ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3 HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.202
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 16:04:39 GMT
expires: Tue, 29 Aug 2023 16:04:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 44040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32180)
Size:   29707
Md5:    f16500423cc2867eff8b773df637c48f
Sha1:   1cd32d75b59a89c3a70274e383151a61ce0594f4
Sha256: 6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
                                        
                                            GET /jp.php?c=7484v2y2r256s2t2u284x2c4&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1 
Host: js.juicyads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.92
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
cache-control: max-age=900
date: Tue, 30 Aug 2022 04:07:54 GMT
expires: Tue, 30 Aug 2022 04:22:54 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZUrluNsl9G0Eek_3xdQ6sK-xcKseX3v4dqh58JC62gmUtBmUU1HQtA==
age: 645
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65533)
Size:   93594
Md5:    23aa7bbab108454cd30ee9e3e5a718fc
Sha1:   6dc3b7bb2edda767a3029a13730ad56a30928e8a
Sha256: 173acc1c840570b70de266eb91e7045f8dea0fe8c67cbce4e5f2f9cc3d701907
                                        
                                            GET /R9CPZkB/film-roll-with-ink-stains-1017-6354-1.png HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.3.236
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 8648
last-modified: Sun, 02 Feb 2020 11:39:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 80, 8-bit colormap, non-interlaced\012- data
Size:   8648
Md5:    cb87b0fd23b44a2d4aa47af6602969f0
Sha1:   3bfc47a1eb1d9ea1e3d04a2879076a45e35e8291
Sha256: 26eb909c72129eadd39a74bd3c5db87131fe434344a36d29a282e02d67582eb5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/wp-postratings/images/stars_flat_png/rating_over.png HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18moviesonline.com/
Connection: keep-alive

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Content-Length: 358
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
ETag: "62aa57a3-166"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 1755430
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaLf20%2BEbyMWuurOjoZKwiuLoG%2BKKgmgWs17QD2Durq1jBaSAUYF%2B2ZX3LYKuHKBDgxWspZ1EOrAzX2n29Ptfbphr%2B7xDTWoN%2FmyWGTIeDnCYO4RNDP2yrwsXqkYQHPgEJ8vpro%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 742ab945b8101c06-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 17 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   358
Md5:    e86b549b40825a59f2259b154a7d262a
Sha1:   037669dee44cb98ff5e84c0126dbeacbcb2a5b65
Sha256: 218411d18ca268909d1d31f415b0af8edcb3181d20e295e525958622eb5043ee
                                        
                                            GET /wp-content/themes/PsyPlay/assets/css/img/mask-title.png HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/wp-content/themes/PsyPlay/assets/css/theme.main.css

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Content-Length: 972
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
ETag: "62aa57a3-3cc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 1755430
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTKVirCwNHJ9fm9XilSy0hPJlPhUKawfwl7xO%2F8QPWbbH2dJyDxjtb5VToGtbCNQCRSCTPSY68W4v1i8HCVxKWzdrGKWBdYNqA0Qom%2B7DMYO3YZOdUv9L6Vz9%2FYI0iKAf%2FiuLUc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 742ab94608371c06-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 1 x 151, 8-bit/color RGBA, non-interlaced\012- data
Size:   972
Md5:    b96969041dd54e00a956cb540b536d22
Sha1:   e8a7c7914cfa11237a8b9b3ec2a33199841e7134
Sha256: 8760363f47c1b5e34f6ad0df1eb905162d0076e4a8d9f834aa951070cd963efc
                                        
                                            GET /wp-content/themes/PsyPlay/assets/css/img/buttons/btn-overlay-red.png HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Content-Length: 5770
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:23 GMT
ETag: "62aa57a3-168a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 2096614
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gzoCmkfP3jn1DyGez%2Brt29vxMSj1yPyYAIRIbDjxgnnyi5%2B2feT3oMk2JSKbehqwt3JeWzPxK%2BKhpFONez%2BHt8qXJCILaWXKFNQyNfIhs33EkIB2XmbFugTVp6S4jtbVRGMsbQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 742ab9461eeab4e8-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced\012- data
Size:   5770
Md5:    dd7152724b79d7ab84e295f87587a1c1
Sha1:   e216040e2c48121cc383455f947bbc3f094e1f46
Sha256: 69494c81d59ce2f389d332a7708a47d13cf00697ce237e4ad09814138010a419
                                        
                                            GET /ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2 HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/octet-stream; charset=utf-8
                                        
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 56780
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-ddcc"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 546441
expires: Sun, 20 Aug 2023 04:18:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqbBQuJ2%2B2i%2F0Ta2vf4T86zBgRtQq1HFKacPtp5lwQVoFTfL1tgbj04CR5HHJgFyijdsAiAIJ9Mmjx9WRIOWt427lzPYDigTUGfc6XSiROnx%2F2yYkP3JrzTkGWBVQgY%2FMY0TLTzk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 742ab9464d8d0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Size:   56780
Md5:    97493d3f11c0a3bd5cbd959f5d19b699
Sha1:   1075231650f579955905bb2f6527148a8e2b4b16
Sha256: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 20:27:05 GMT
Expires: Fri, 02 Sep 2022 20:27:04 GMT
Etag: "bf8bed047007a349d62ac56c334892e1d0cd816b"
Cache-Control: max-age=316704,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 742ab9453c84b512-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Aug 2022 06:06:20 GMT
expires: Fri, 25 Aug 2023 06:06:20 GMT
cache-control: public, max-age=31536000
age: 425539
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Size:   12708
Md5:    b4a68b1e743ee317eaaf0bbadd131571
Sha1:   f24f7823d4e3830c7cfa5bcb33733d2897c00f13
Sha256: ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
                                        
                                            GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 21:09:40 GMT
expires: Tue, 29 Aug 2023 21:09:40 GMT
cache-control: public, max-age=31536000
age: 25739
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Size:   9840
Md5:    afda6e429fd299054de28e1f157c683d
Sha1:   c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
Sha256: 81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
                                        
                                            GET /js/jads.js HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.244
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Tue, 30 Aug 2022 04:18:39 GMT
Content-Length: 178
Connection: keep-alive
Location: jads2.js


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /fLTwxRwB/18moviesonline.png HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 8865
last-modified: Fri, 13 Mar 2020 16:33:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 374 x 98, 8-bit colormap, non-interlaced\012- data
Size:   8865
Md5:    c84ddbd2a457b8a38fa8404020fc6aca
Sha1:   ac1b9f91607a68f45c669b76dbfed640a3a496c4
Sha256: bae4f7924d3699d32605493d0ff6d99fadd6040fddb413b6c95a2353f9a6462a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /d1SY6QdW/ezgif-7-e071637cad9d.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 17611
last-modified: Fri, 04 Sep 2020 18:52:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 23x23, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   17611
Md5:    5772b78ea55eed98d8d7d2e91844e9aa
Sha1:   6a4cfadc52062544aa6ef82be21173b1d12e48cb
Sha256: 0b734e6807a8c50f546f3bababec86f0881471c86bf3f44f6da00140ae303004
                                        
                                            GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661832000 HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Tue, 30 Aug 2022 04:18:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-control-type-options: nosniff
cache-control: max-age=14400, public
content-encoding: gzip
vary: accept-encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgosSif82wM0nJ70uiOKHsQlQr8Bn8Z49ObAL5fXgqUJWQvsW3Q0gaIGGwncsy0QFK2VQZLX0pr4HJFJk4hqPUDOl6jaj6D8qqyKIxIL4w%2BxPW6d72GFbRWbhO8XkC3qdrLYXOQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 742ab94708bb1c06-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (41657), with no line terminators
Size:   17156
Md5:    d48984ff961dc76ba2d048f922a121e0
Sha1:   86997a0d3992bf466232651bbbed2ca11bd37b22
Sha256: f2093d06f5a1b3b13c30d1651fbd28610fa18ac0fbaafcd8f4e726895ab4a2e4
                                        
                                            GET /ZnGtpBmm/ezgif-7-ca24204b01d2.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 19335
last-modified: Fri, 04 Sep 2020 18:43:23 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 42x43, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   19335
Md5:    3c70ef81651e6d81fa50a8d2bff7a2f3
Sha1:   f3ab717fc4583a1969225bb300e3fcc49f2dc928
Sha256: 7de43ea4d09ea9d0a3f1603d301ab072cf52dc2a6051380ae6344b80efbfa710
                                        
                                            GET /DwMgB33/ezgif-2-583442101f3c.jpg HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.3.236
HTTP/2 404 Not Found
content-type: image/png
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 1031
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size:   1031
Md5:    7325e2012a6cf941a6ea14f0061ff764
Sha1:   0d2ba63e280b979a98bc431bec8a7af985578769
Sha256: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
                                        
                                            GET /N9zXhSm/ezgif-2-012401fb5265.jpg HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.3.236
HTTP/2 404 Not Found
content-type: image/png
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 1031
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size:   1031
Md5:    7325e2012a6cf941a6ea14f0061ff764
Sha1:   0d2ba63e280b979a98bc431bec8a7af985578769
Sha256: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
                                        
                                            GET /PWJKBj1/ezgif-2-05a9cff9c2ec.jpg HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.3.236
HTTP/2 404 Not Found
content-type: image/png
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 1031
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size:   1031
Md5:    7325e2012a6cf941a6ea14f0061ff764
Sha1:   0d2ba63e280b979a98bc431bec8a7af985578769
Sha256: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
                                        
                                            GET /pjp8TMq/ezgif-4-237a9c940ba9.jpg HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.3.236
HTTP/2 404 Not Found
content-type: image/png
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 1031
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size:   1031
Md5:    7325e2012a6cf941a6ea14f0061ff764
Sha1:   0d2ba63e280b979a98bc431bec8a7af985578769
Sha256: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
                                        
                                            GET /pQFd2gf/ezgif-4-2f628c7e2396.jpg HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.3.236
HTTP/2 404 Not Found
content-type: image/png
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 1031
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size:   1031
Md5:    7325e2012a6cf941a6ea14f0061ff764
Sha1:   0d2ba63e280b979a98bc431bec8a7af985578769
Sha256: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
                                        
                                            GET /64QLTKq/ezgif-4-1f0a8adc8dbf.jpg HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.3.236
HTTP/2 404 Not Found
content-type: image/png
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 1031
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size:   1031
Md5:    7325e2012a6cf941a6ea14f0061ff764
Sha1:   0d2ba63e280b979a98bc431bec8a7af985578769
Sha256: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
                                        
                                            GET /GFvH85L/ezgif-4-094dc8e70483.jpg HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.3.236
HTTP/2 404 Not Found
content-type: image/png
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 1031
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size:   1031
Md5:    7325e2012a6cf941a6ea14f0061ff764
Sha1:   0d2ba63e280b979a98bc431bec8a7af985578769
Sha256: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
                                        
                                            GET /6QrCGx98/ezgif-5-1b83a1080c2f.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 21964
last-modified: Fri, 04 Sep 2020 18:32:26 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 42x43, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   21964
Md5:    a015ffc8fda8fcb050b324c15e183bc7
Sha1:   97bd4c5ab1b1cad9759ee56770a3104816eaef91
Sha256: 5a08bf4a09a9ecf304d5d003f4b7bb3835676bf773c4ecfa84cb5d9d8895ca1e
                                        
                                            GET /zXXD9Sdy/ezgif-7-2c46f7f9c230.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 20651
last-modified: Thu, 27 Aug 2020 22:01:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 42x43, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   20651
Md5:    f8017483f296b9ad91606ab13145a980
Sha1:   adb778d297a23d846c647d57dfe45f96906ac10f
Sha256: f6aa5effed7c4ebe3805efbc8686abf1598e00dfbc3fec87e06fb443177de6d0
                                        
                                            GET /NGzkH5qz/ezgif-7-51b11c8a861b.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 21725
last-modified: Thu, 27 Aug 2020 21:55:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 42x43, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   21725
Md5:    befad1755a3066c1d570915dda485fe5
Sha1:   f49aa3a47dbba9fcd607bf3e2c6ca2da9cfe1287
Sha256: 65e702c97fdfe7f3880df763d415f323507a80fad8f28a431b87ab8622ba8b1f
                                        
                                            GET /4xxYX1n7/ezgif-7-aa1b7565b892.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 15492
last-modified: Thu, 27 Aug 2020 21:47:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 103x103, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   15492
Md5:    44b257291e713284d75db6fdeb7390c5
Sha1:   5897072b3d42fe8c1345ea8a5d884e28ac6ca364
Sha256: 37d677e57c528965d3722bf632391bcf9876006a804b600ff68576ae10d1c51c
                                        
                                            GET /Z5J1NtHD/ezgif-7-f80fe5c5b3b8.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 13752
last-modified: Thu, 27 Aug 2020 21:19:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   13752
Md5:    150f0ba18a58e5d3b490974c0b9d1037
Sha1:   faaddd6e395e81e498d06eed82dfc21f632b823b
Sha256: d31287f5d305063560f3e4649141c2acdf7dde84e7a55935ba38f87fa71a08f7
                                        
                                            GET /LX1bkYRV/ezgif-6-bb3fa34b29da.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 20319
last-modified: Thu, 27 Aug 2020 20:37:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 42x43, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   20319
Md5:    1f2649ce2b54d7947e97bdb656114d2d
Sha1:   1172fd222b425fe40f3bd363ac33f5884f09ccf2
Sha256: 7baacfe922b35df12dc2af8f372e8524ddc64b5e72b426e5554c7d1e0cea5a24
                                        
                                            GET /C1bh6GzC/ezgif-7-6cee82d09a84.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 18411
last-modified: Fri, 21 Aug 2020 19:12:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 42x43, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   18411
Md5:    df24b90fbbccd8d603249a57d87e02dd
Sha1:   1ecc085debfc6c6b4b59ccdb48b6bd8e0550e63f
Sha256: bc4f204ab12b4afdaf86b6d3464a75b3a266553d995c05620548b59553dad635
                                        
                                            GET /RFp64Qvk/ezgif-7-41dff63a0e74.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 18912
last-modified: Fri, 21 Aug 2020 19:07:26 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 42x43, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   18912
Md5:    6008ff518eb76eb035348e02167a91b1
Sha1:   9afb440e702ad4293b3a152d885b255166870785
Sha256: 52d7a1276ce7bd42dcbb832402fe78070a79df564f97f0c28cca8be8cf5a953c
                                        
                                            GET /Xv2t8pjj/ezgif-7-b58489620873.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 10503
last-modified: Fri, 21 Aug 2020 19:00:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   10503
Md5:    3aea85140601af6ddee7c3a144c88818
Sha1:   8ba8263e30dff70174fe50fcdba3787b809c3bbc
Sha256: de3b111296980d2b561e109b8f8736f4172475b118b23da456ffcf0c6e0c3429
                                        
                                            GET /pTGzGM4M/ezgif-7-05c1b83584f9.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 19060
last-modified: Fri, 21 Aug 2020 18:53:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 42x43, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   19060
Md5:    edc5ffe8c7032870ac1370643daa1c81
Sha1:   726b4eaa5b7b44551e1c9f5f7001d448e8979ae2
Sha256: 1feaf331a27308717dc0c3ab033bdd0b551ac84bd383622b6a1d05dcc7428123
                                        
                                            GET /d0ZBT1xZ/ezgif-4-cc6275e10f20.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 11706
last-modified: Fri, 21 Aug 2020 18:42:56 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   11706
Md5:    3d353d6202b3f0673add64e58f82015c
Sha1:   a5ebd2d94f4a97005fec87098f719d4a7acec2bf
Sha256: d95a5450023dfd7c5b0455706e26381f8748e622416569f543a60bbe522d5a2f
                                        
                                            GET /V6PJGHZk/ezgif-4-5bcdfa13b3ee.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 15533
last-modified: Fri, 21 Aug 2020 18:31:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 20x20, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   15533
Md5:    ed74860ec761e34348c0004bd9818f5b
Sha1:   690aa00a8918dfb2196c16770a1f9c3d49972563
Sha256: bd85e94e75c2156b7a6bf4f2008d28a059e0afa138299e7e055ea481e699b852
                                        
                                            GET /y6J9gQYb/ezgif-2-9d763927f656.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 19745
last-modified: Fri, 21 Aug 2020 16:53:07 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 42x43, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   19745
Md5:    342e01d8a6b2351cb349805cad5b0977
Sha1:   32002f6a88c65d026fd08c3b39d8f20eb8ee4c83
Sha256: 16a055130e4a2512a04c4f8a483a8feaf747f7d7b5704463972fa7f67663a2ab
                                        
                                            GET /s2CFC0HG/ezgif-2-2626e35e7699.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 20521
last-modified: Fri, 21 Aug 2020 16:30:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 51x51, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   20521
Md5:    b39af3ce2b676286fa2a9a921d198f33
Sha1:   10786e158258f681042389787657e328c10ae6e5
Sha256: 6d4d163b3b740893ea8622c224087617652ed0a9f30e0a4dd6d3dfd8da696d44
                                        
                                            GET /3JPKcW31/ezgif-2-441ec513862a.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:39 GMT
content-length: 19166
last-modified: Fri, 21 Aug 2020 16:00:51 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 23x23, segment length 16, baseline, precision 8, 180x280, components 3\012- data
Size:   19166
Md5:    cb89139d97f3eef96de3693175f17628
Sha1:   ed5934d7ad5eeaeb2076d938bf2d6b40288a3bc8
Sha256: 489b5607c85a010205e0b49882c91401abb0dd239e6f7102b972c1461432c0dc
                                        
                                            GET /trade/in.php?p=default&ref=&rnd=71960041&rImg=1&refremote=none HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18moviesonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.69.191
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 30 Aug 2022 04:18:39 GMT
x-powered-by: PHP/7.2.34
set-cookie: 0bdfd=bm9yZWZ8fGRlZmF1bHR8MXwwfDB8bm9uZXwwOg%3D%3D; expires=Wed, 31-Aug-2022 04:18:39 GMT; Max-Age=86400; path=/ 0bdfdb=1661833119; expires=Wed, 30-Aug-2023 04:18:39 GMT; Max-Age=31536000; path=/
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
expires: Wed, 17 Sep 1975 21:32:10 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVn9V9XvSQM0aXBki%2Fn4XEPCGKSp%2FJ3niFYbTiutGJgZdEf54LcpcjwJd2p2VF3alVd4uMWkDXweTpuTaLH8sfaMhIrzWUEaNFEW9%2B%2FpmNCOFs5KEVc0953Pfnvk3Q%2F3mMGD0yU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 742ab9461aab0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   539
Md5:    63a168e40f0adf43970bd045c2181acb
Sha1:   96e12ad5c6f15d36dcaf78feadb2078e4bcc5c38
Sha256: 79071d90d513e9a9b1936431f5a237aa696f6cb133848b4b8153b5d9e85a21f9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Tue, 30 Aug 2022 04:59:28 GMT
Date: Tue, 30 Aug 2022 04:18:39 GMT
Connection: keep-alive

                                        
                                            GET /js/jads2.js HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18moviesonline.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.244
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Tue, 30 Aug 2022 04:18:39 GMT
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3758), with no line terminators
Size:   1719
Md5:    558e1b61fc513016183a3812938e79fb
Sha1:   5f72ea61a2aad8f7a0956321d3fd8524db70eddf
Sha256: a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Tue, 30 Aug 2022 04:59:28 GMT
Date: Tue, 30 Aug 2022 04:18:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Tue, 30 Aug 2022 04:59:28 GMT
Date: Tue, 30 Aug 2022 04:18:39 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff37b469c-f421-49b0-a778-5d9f306fc0f1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7857
x-amzn-requestid: 96575bdd-f7ee-41d6-9910-11b23ecdffae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpS9XGnuIAMFY4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d31ee-4ddf4ae12949e9a54ca4451a;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 02pYhbHSjxX4oDE2yKgp4jAcyCSIb18jqCjgmM7zAuBIQEJ3wCAHrw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:45:02 GMT
age: 23617
etag: "0dc2fe5c678604d652736fad2c35d25ef230f0bb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7857
Md5:    897ed8aa9508f6de39577ca199313234
Sha1:   0dc2fe5c678604d652736fad2c35d25ef230f0bb
Sha256: bdc7aa3219f9dbc801c3ab0d37db8d0eac7f341ab0e29799552ef8e56657be4a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e4295fe-5e6e-40a4-9f7e-9340c03b3065.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4372
x-amzn-requestid: 884d80b1-8b3a-434d-a952-812f336c5483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xjdk8FbKoAMFkhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630adc85-6718189246dd0e2622725ce2;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 03:09:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0JPhORolzHTgb-iCK5CR-F4BmXFh3fH-ukZfv6WeY8oIpr43v08aZw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 03:30:49 GMT
age: 2870
etag: "b1e9f80c96c970088fe91cc91b15adb942738b22"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4372
Md5:    d9e7fdb4be1dea111cc40589f893d9e3
Sha1:   b1e9f80c96c970088fe91cc91b15adb942738b22
Sha256: f77659cbb228c9a8839c0fbac717217b35fe10670b1df3f6f5a348770f6a2445
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F675cb20c-3520-450e-8675-bbd6c0e3e748.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5733
x-amzn-requestid: 72dcc1aa-e42c-44dc-8b09-5e00906c8394
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTWtFa6IAMFRjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c65c4-485f64c83f3dc73228055543;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:07:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PaJd5EOdrzMsVcOVAGAsfHt-aNFs86x5CeTGVARt69hlSckNFg4BUg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 07:28:30 GMT
age: 75010
etag: "ab749337ba81b541ae6bd3915ec6a24405ca2cce"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5733
Md5:    eab2b5d1b63b755d005e174c7794dbb4
Sha1:   ab749337ba81b541ae6bd3915ec6a24405ca2cce
Sha256: 0fe904e954da500515ce00cbfe0419765be09f35c97da925e56fa8ac2796db8e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc42e8a81-604e-4bdb-a8b6-941f5e8a1994.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5481
x-amzn-requestid: 48f5ffb6-ec8b-4ed1-9770-817a6268c201
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpScdFYWoAMF7Rw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d311c-0079d9fc40b1867a0a99fa40;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:35:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RU_cp1ALbzx0IsKeWOto2RMXajgqe01TSIboGKDg3D77iZPl07tRwg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:45:07 GMT
age: 23613
etag: "f74eef445ba6359556c2c8f3b50d8b30419804f0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5481
Md5:    121d188023c918ae6c78845dfc516788
Sha1:   f74eef445ba6359556c2c8f3b50d8b30419804f0
Sha256: 27e27ec46c60fbb6458e3e5d9dad2f11329ee91c541459926ec3bd77bb61a5d7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5925
x-amzn-requestid: fa7479ef-c5db-45ce-a973-a8831df14931
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpS-ZFH1IAMFsFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d31f5-1a9b0a43065d731b4cc61ed3;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:39:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DBxGjmVUCTjHUrOzLWp37FwLUUo_5CykjgxAeCAaw1TlodWSmbnCrA==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:45:06 GMT
age: 23614
etag: "ec2a4baf0a21c1738a541d89756cccd6f3bef5fd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5925
Md5:    91310bc1fb5ae0efa502a9bafe046399
Sha1:   ec2a4baf0a21c1738a541d89756cccd6f3bef5fd
Sha256: 5fe0511116c6bd2d6e668c69764905c3a5c93fa23a4dc207b0f4b1604783ceb6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7BEBB454503B9AE73C793FC704BCED8D00B8D54DD7022CAFE4D34E197AC5180E"
Last-Modified: Sun, 28 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3776
Expires: Tue, 30 Aug 2022 05:21:36 GMT
Date: Tue, 30 Aug 2022 04:18:40 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73ad1303-593f-4686-a008-e98e7683aea3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12112
x-amzn-requestid: 49d81186-839e-472d-b313-fcc79d7ee489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XmxjVHKMoAMFZnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c2fae-421052fe08ff07625dd1b20c;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 03:17:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8aixkSfKD1ERCYyYRaUQK5ze7kqOhXPeN5QwAsc6L6RWJrMdmC7GFQ==
via: 1.1 098d11622fcaacdb87ba92e6eaca351c.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 04:49:19 GMT
age: 84561
etag: "bd7353bd695cd36484b87a61ffb986b1ab77f871"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12112
Md5:    78327fbd1b146eb7f43bcfd6af2bbf37
Sha1:   bd7353bd695cd36484b87a61ffb986b1ab77f871
Sha256: 30fbc5180f09e9b61f80759dd15da7465bf1e94a865aee8c21148470b5406fb0
                                        
                                            GET /wp-content/uploads/2020/03/favicon.ico HTTP/1.1 
Host: 18moviesonline.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/

                                         
                                         104.21.69.191
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Tue, 30 Aug 2022 04:18:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 22:05:24 GMT
ETag: W/"62aa57a4-3c2e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 6496915
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8c5cRaWGhgFxLoktPkieVud55Ga8UvKQOymhTvGUfK2JqKIgK25f%2BT3dKMzTDfKNpTVju0Qvc%2F9PMjTDv0QLfZv8%2FfQbFvzsLgwgp%2BD0oHFdu%2F4HEwhwaMu1KmthFbTo1Q7p9kU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 742ab94879711c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   5765
Md5:    c83761be2c54f5c47fb3b9257892e2b3
Sha1:   174506167d4650a49be9d84979bcf761ff39fe13
Sha256: b8b646d6f206f1c8f4758587c1b61789617387c3b72273d7051f334b916e9e73
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 30 Aug 2022 02:41:12 GMT
expires: Tue, 30 Aug 2022 04:41:12 GMT
cache-control: public, max-age=7200
age: 5848
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4A907690BC844DAF34DE2E2769D57C447ED905E4CC915A97BE8027BEE1D7B29D"
Last-Modified: Sun, 28 Aug 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7527
Expires: Tue, 30 Aug 2022 06:24:07 GMT
Date: Tue, 30 Aug 2022 04:18:40 GMT
Connection: keep-alive

                                        
                                            GET /npc/sdk/wp-banners.js HTTP/1.1 
Host: js.wpadmngr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.25
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 30 Aug 2022 04:18:40 GMT
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Tue, 30 Aug 2022 04:23:40 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:40 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 20:27:05 GMT
Expires: Fri, 02 Sep 2022 20:27:04 GMT
Etag: "bf8bed047007a349d62ac56c334892e1d0cd816b"
Cache-Control: max-age=316703,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 742ab9460c171c0a-OSL

                                        
                                            GET /adshow.php?adzone=876380 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/
Upgrade-Insecure-Requests: 1

                                         
                                         185.94.236.244
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 30 Aug 2022 04:18:40 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=bc20631c3f998d23685e97955c7ac67c; expires=Wed, 30-Aug-2023 04:18:40 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YTowOnt9; expires=Fri, 02-Sep-2022 04:18:40 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 02-Sep-2022 04:18:40 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1591), with CRLF, LF line terminators
Size:   1800
Md5:    da8cd21124b1b34fbcec2e1f88c8528c
Sha1:   acce05b932920169fc3d78f743d163c85c091670
Sha256: e8c0f32d2246cf2ea68ed5aa182b2271eb4be917ccef4b85a861d1117c3b982f
                                        
                                            GET /3b3fb9cd009e9a10b720658f2a94b6b3/17830?version_name=b HTTP/1.1 
Host: c02c34ce7c.a83dab28b3.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.133.44.25
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 30 Aug 2022 04:18:40 GMT
server: nginx/1.18.0
cache-control: max-age=300
expires: Tue, 30 Aug 2022 04:23:40 GMT
x-proxy-cache: MISS
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- data
Size:   2300
Md5:    19e9ac09ddbe0334c12a603fe7889e55
Sha1:   853e772b5a629d9de2271be43506c795df247630
Sha256: b5cc60265cc5bfc9d696d7838c3dc66effb33d3255bc4bbcf12695b7641b988d
                                        
                                            GET /ads/user22416/ad1767577-1645025079.jpg HTTP/1.1 
Host: i.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://poweredby.jads.co/

                                         
                                         69.16.175.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 30 Aug 2022 04:18:40 GMT
Connection: Keep-Alive
ETag: "1645025079"
Cache-Control: max-age=14728037
Content-Length: 55399
Last-Modified: Wed, 16 Feb 2022 15:24:39 GMT
Accept-Ranges: bytes
X-HW: 1661833120.dop213.sk1.t,1661833120.cds225.sk1.c


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=250, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=300], baseline, precision 8, 300x250, components 3\012- data
Size:   55399
Md5:    c3348fbaa05f8e7e87c6852295108c29
Sha1:   6c34181d01614498abee447e37c765e7e0b614fa
Sha256: 801475bc7efdfb518e6e583539f7f2e75707e3ba043d9d0d27e1e682cb96c860
                                        
                                            GET /adshow.php?adzone=992973 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18moviesonline.com/
Upgrade-Insecure-Requests: 1

                                         
                                         185.94.236.244
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 30 Aug 2022 04:18:41 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=bc20631c3f998d23685e97955c7ac67c; expires=Wed, 30-Aug-2023 04:18:40 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co imps20210=1; expires=Wed, 31-Aug-2022 04:18:40 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YToxOntpOjc4NTU3ODtpOjE2NjIwOTIzMjA7fQ%3D%3D; expires=Fri, 02-Sep-2022 04:18:40 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 02-Sep-2022 04:18:40 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1591), with CRLF, LF line terminators
Size:   1841
Md5:    ae16c805f410806b5ae5511f4e7839a5
Sha1:   0155740200a647c4c1aaff971b029c5e319dfa48
Sha256: 4c6c626e348f6e87ff8e20b5c25cb7cf813478ce8e094945481dc0ba2857375a
                                        
                                            GET /network/user93954/20210-1564688499-0368498001564688499.jpg HTTP/1.1 
Host: i.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://poweredby.jads.co/

                                         
                                         69.16.175.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 30 Aug 2022 04:18:41 GMT
Connection: Keep-Alive
ETag: "1564688499"
Cache-Control: max-age=24623453
Content-Length: 192769
Last-Modified: Thu, 01 Aug 2019 19:41:39 GMT
Accept-Ranges: bytes
X-HW: 1661833121.dop213.sk1.t,1661833121.cds211.sk1.c


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, copyright=Copyright 2018 Girlvanic Studios. All rights reserved. (www.girlvanic.com)], baseline, precision 8, 900x250, components 3\012- data
Size:   192769
Md5:    5cf50a3307c32a19c8cb3aee62de2e7a
Sha1:   fee62361cba13e8d15f176eb14f7ef733811b28c
Sha256: f81e1bfab9f2b14623b55022aa59dcb9cc2b359b8c68236c3d137a94d7b13941
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39AAB2883611F152524CA126FE4FCDCEB170124ECBD282BE04AD91700C2E84BB"
Last-Modified: Mon, 29 Aug 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10652
Expires: Tue, 30 Aug 2022 07:16:13 GMT
Date: Tue, 30 Aug 2022 04:18:41 GMT
Connection: keep-alive

                                        
                                            GET /tags?tag_id=17830&timezone_olson=UTC&version_name=b HTTP/1.1 
Host: notification.tubecup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         88.198.200.36
HTTP/2 204 No Content
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:41 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /fp?tag_id=17830 HTTP/1.1 
Host: fp.metricswpsh.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://18moviesonline.com/
Origin: http://18moviesonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.85.6
HTTP/1.1 204 No Content
                                        
Server: nginx/1.20.1
Date: Tue, 30 Aug 2022 04:18:41 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://18moviesonline.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "06BAF9297D638058476D91E79AA860C5073EEFDCB6B0B9ED0403B8769B897D65"
Last-Modified: Sun, 28 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10834
Expires: Tue, 30 Aug 2022 07:19:15 GMT
Date: Tue, 30 Aug 2022 04:18:41 GMT
Connection: keep-alive

                                        
                                            POST /fp?tag_id=17830 HTTP/1.1 
Host: fp.metricswpsh.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22268
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.85.6
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Server: nginx/1.20.1
Date: Tue, 30 Aug 2022 04:18:41 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://18moviesonline.com
Set-Cookie: id=4942220314287095852; Expires=Wed, 30 Aug 2023 04:18:41 GMT; Secure; SameSite=None
Vary: Origin

                                        
                                            GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTA2NDk1NzQ1NzIwOTc4NDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjQuMCIsInRhZ19pZCI6MTc4MzAsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS4yOSwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiMTglMkNNb3ZpZXMlMkNPbmxpbmUlMkNXYXRjaCUyQ1hYWCUyQ0Z1bGwlMkNQb3JuJTJDTW92aWVzJTJDT25saW5lJTJDZm9yJTJDRnJlZSUyQzE4JTJDbW92aWVzJTJDb25saW5lJTJDeHh4JTJDZW5nbGlzaCUyQ21vdmllJTJDa29yZWFuJTJDYWR1bHQlMkNmdWxsJTJDbW92aWVzJTJDMTglMkNNb3ZpZXMlMkNPbmxpbmUlMkNXYXRjaCUyQ0Z1bGwlMkNQb3JuJTJDTW92aWVzJTJDT25saW5lJTJDSEQlMkNGcmVlJTJDb24lMkNhbnl0aW1lJTJDWFhYJTJDRW5nbGlzaCUyQ01vdmllJTJDZm9yJTJDWW91JTJDQWxzbyUyQ2hhdmUlMkNjb2xsZWN0aW9uJTJDb2YlMkNhc2lhbiUyQ2tvcmVhbiUyQ2FkdWx0JTJDZnJlZSUyQ3NleCUyQ21vdmllcyUyQzcyMHAuJTIwIn0= HTTP/1.1 
Host: 42dde33601.c2e6bd3f02.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
                                        
date: Tue, 30 Aug 2022 04:18:41 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "86BD9B1F88589E58C97E55B7B33F474AD64B66B058C1EC306E0796184B43F71B"
Last-Modified: Mon, 29 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5903
Expires: Tue, 30 Aug 2022 05:57:04 GMT
Date: Tue, 30 Aug 2022 04:18:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7A71D89019D687789F56176F301F7CD8A6674431371CE9FDA6CA6A8065B3066F"
Last-Modified: Mon, 29 Aug 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11301
Expires: Tue, 30 Aug 2022 07:27:02 GMT
Date: Tue, 30 Aug 2022 04:18:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7A71D89019D687789F56176F301F7CD8A6674431371CE9FDA6CA6A8065B3066F"
Last-Modified: Mon, 29 Aug 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11301
Expires: Tue, 30 Aug 2022 07:27:02 GMT
Date: Tue, 30 Aug 2022 04:18:41 GMT
Connection: keep-alive

                                        
                                            GET /in/dip?site=native-push&wl=1&event_id=6f2d992e-5d1f-40e1-9a01-5cd9651fc3c8&subid=2024909678&sid=4142734311&spot_id=13935&created_at=2022-08-30&timezone=0&ver=7.1.0&is_native=1 HTTP/1.1 
Host: nereserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         168.119.25.22
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:41 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

                                        
                                            GET /in/dip?site=native-push&wl=1&event_id=611b5eb5-55e2-4724-9602-d9275065c5bc&subid=364701775&sid=1190706370&spot_id=13933&created_at=2022-08-30&timezone=0&ver=7.1.0&is_native=1 HTTP/1.1 
Host: nereserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         168.119.25.22
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:41 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /in/multy HTTP/1.1 
Host: 9da504bc9f.c2e6bd3f02.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://18moviesonline.com/
Origin: http://18moviesonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         168.119.25.22
HTTP/2 204 No Content
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:41 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /in/multy HTTP/1.1 
Host: 9da504bc9f.c2e6bd3f02.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://18moviesonline.com/
Origin: http://18moviesonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         168.119.25.22
HTTP/2 204 No Content
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:41 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B435AE1BA1C8B6658BF72648F32E74621699A72EF817D38181636BAB00F48AB6"
Last-Modified: Mon, 29 Aug 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7080
Expires: Tue, 30 Aug 2022 06:16:41 GMT
Date: Tue, 30 Aug 2022 04:18:41 GMT
Connection: keep-alive

                                        
                                            GET /banner/in/show/?mid=1153032860&pid=0&site=31423&sc=NO&usage_type=DCH&subid=1678560121&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=18moviesonline.com&hostname=auc-banner-hz-0&site_id=0&spot_id=31423&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=82&ml=&ttl=&space_id=1497&banner_width=728&banner_height=90&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D31423%26source%3D1678560121%26idzone%3D0%26w%3D728%26h%3D90%26mo%3D%26ve%3D%26site_id%3D31423%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3D18%252CMovies%252COnline%252CWatch%252CXXX%252CFull%252CPorn%252CMovies%252COnline%252Cfor%252CFree%252C18%252Cmovies%252Conline%252Cxxx%252Cenglish%252Cmovie%252Ckorean%252Cadult%252Cfull%252Cmovies%252C18%252CMovies%252COnline%252CWatch%252CFull%252CPorn%252CMovies%252COnline%252CHD%252CFree%252Con%252Canytime%252CXXX%252CEnglish%252CMovie%252Cfor%252CYou%252CAlso%252Chave%252Ccollection%252Cof%252Casian%252Ckorean%252Cadult%252Cfree%252Csex%252Cmovies%252C720p.%2520%26spot_id%3D31423%26p%3Dhttp%253A%252F%252F18moviesonline.com%252F%26katds_labels%3D%26btype%3D0%26score%3D82&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=18%2CMovies%2COnline%2CWatch%2CXXX%2CFull%2CPorn%2CMovies%2COnline%2Cfor%2CFree%2C18%2Cmovies%2Conline%2Cxxx%2Cenglish%2Cmovie%2Ckorean%2Cadult%2Cfull%2Cmovies%2C18%2CMovies%2COnline%2CWatch%2CFull%2CPorn%2CMovies%2COnline%2CHD%2CFree%2Con%2Canytime%2CXXX%2CEnglish%2CMovie%2Cfor%2CYou%2CAlso%2Chave%2Ccollection%2Cof%2Casian%2Ckorean%2Cadult%2Cfree%2Csex%2Cmovies%2C720p.%20&stratagem= HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7ImlkIjoxNDk3LCJzcGFjZWlkIjoxNDk3LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiMTglMkNNb3ZpZXMlMkNPbmxpbmUlMkNXYXRjaCUyQ1hYWCUyQ0Z1bGwlMkNQb3JuJTJDTW92aWVzJTJDT25saW5lJTJDZm9yJTJDRnJlZSUyQzE4JTJDbW92aWVzJTJDb25saW5lJTJDeHh4JTJDZW5nbGlzaCUyQ21vdmllJTJDa29yZWFuJTJDYWR1bHQlMkNmdWxsJTJDbW92aWVzJTJDMTglMkNNb3ZpZXMlMkNPbmxpbmUlMkNXYXRjaCUyQ0Z1bGwlMkNQb3JuJTJDTW92aWVzJTJDT25saW5lJTJDSEQlMkNGcmVlJTJDb24lMkNhbnl0aW1lJTJDWFhYJTJDRW5nbGlzaCUyQ01vdmllJTJDZm9yJTJDWW91JTJDQWxzbyUyQ2hhdmUlMkNjb2xsZWN0aW9uJTJDb2YlMkNhc2lhbiUyQ2tvcmVhbiUyQ2FkdWx0JTJDZnJlZSUyQ3NleCUyQ21vdmllcyUyQzcyMHAuJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTY3ODU2MDEyMSIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjMxNDIzLCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjoyNzEsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3Ijo3MjgsImgiOjkwfX1dLCJzaXRlIjp7ImlkIjoiMzE0MjMiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHA6Ly8xOG1vdmllc29ubGluZS5jb20vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjllNDk0N2YzNTc1MTQ2NTQxMWZkMWE0ZjVjMzU4Yzc4In0sImV4dCI6eyJkdCI6MTY2MTgzMzEyMTU2Mn19
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         162.55.139.130
HTTP/2 302 Found
                                        
server: nginx/1.16.0
date: Tue, 30 Aug 2022 04:18:41 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=31423&source=1678560121&idzone=0&w=728&h=90&mo=&ve=&site_id=31423&utm1=&utm2=&utm3=&utm4=&ad_tags=18%2CMovies%2COnline%2CWatch%2CXXX%2CFull%2CPorn%2CMovies%2COnline%2Cfor%2CFree%2C18%2Cmovies%2Conline%2Cxxx%2Cenglish%2Cmovie%2Ckorean%2Cadult%2Cfull%2Cmovies%2C18%2CMovies%2COnline%2CWatch%2CFull%2CPorn%2CMovies%2COnline%2CHD%2CFree%2Con%2Canytime%2CXXX%2CEnglish%2CMovie%2Cfor%2CYou%2CAlso%2Chave%2Ccollection%2Cof%2Casian%2Ckorean%2Cadult%2Cfree%2Csex%2Cmovies%2C720p.%20&spot_id=31423&p=http%3A%2F%2F18moviesonline.com%2F&katds_labels=&btype=0&score=82
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-157961127-1&cid=1962814962.1661833120&jid=1013835949&gjid=734992325&_gid=1541300339.1661833120&_u=IEBAAAAAAAAAAC~&z=1192903968 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.251.1.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://18moviesonline.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 30 Aug 2022 04:18:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CF5FA03197576CCE46D2C245CEA69C4A75FE875B53E5139B1080B710D4D4DFED"
Last-Modified: Mon, 29 Aug 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10979
Expires: Tue, 30 Aug 2022 07:21:41 GMT
Date: Tue, 30 Aug 2022 04:18:42 GMT
Connection: keep-alive

                                        
                                            GET /banner-admanager/build.m.js HTTP/1.1 
Host: js.cabnnr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 30 Aug 2022 04:18:41 GMT
server: nginx/1.18.0
last-modified: Fri, 12 Aug 2022 13:00:56 GMT
etag: W/"62f64f08-b06e"
content-encoding: gzip
expires: Tue, 30 Aug 2022 04:23:41 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   15791
Md5:    4e186ce70df40ce67d15056e5bccd84b
Sha1:   29facfcbbb50c53856e8d7e49585304929565782
Sha256: 53afc5abbcce516d261d026e8054ce485e974fa7bbad6e674f5778a48b5143cb
                                        
                                            GET /in/912/?sid=31423&source=1678560121&idzone=0&w=728&h=90&mo=&ve=&site_id=31423&utm1=&utm2=&utm3=&utm4=&ad_tags=18%2CMovies%2COnline%2CWatch%2CXXX%2CFull%2CPorn%2CMovies%2COnline%2Cfor%2CFree%2C18%2Cmovies%2Conline%2Cxxx%2Cenglish%2Cmovie%2Ckorean%2Cadult%2Cfull%2Cmovies%2C18%2CMovies%2COnline%2CWatch%2CFull%2CPorn%2CMovies%2COnline%2CHD%2CFree%2Con%2Canytime%2CXXX%2CEnglish%2CMovie%2Cfor%2CYou%2CAlso%2Chave%2Ccollection%2Cof%2Casian%2Ckorean%2Cadult%2Cfree%2Csex%2Cmovies%2C720p.%20&spot_id=31423&p=http%3A%2F%2F18moviesonline.com%2F&katds_labels=&btype=0&score=82 HTTP/1.1 
Host: btds.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         109.206.163.116
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.20.1
date: Tue, 30 Aug 2022 04:18:41 GMT
content-length: 0
location: https://tsyndicate.com/iframes2/f14122f97f4140778246cec4715af3ba.html?subid=1678560121&categories=18,Movies,Online,Watch,XXX,Full,Porn,Movies,Online,for,Free,18,movies,online,xxx,english,movie,korean,adult,full,movies,18,Movies,Online,Watch,Full,Porn,Movies,Online,HD,Free,on,anytime,XXX,English,Movie,for,You,Also,have,collection,of,asian,korean,adult,free,sex,movies,720p.
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 912.0=1; expires=Wed, 31 Aug 2022 04:18:42 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:42 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 27 Aug 2022 15:56:18 GMT
Expires: Sat, 03 Sep 2022 15:56:17 GMT
Etag: "12c773b544ba42a3243065fd1ff30ed18a77ff55"
Cache-Control: max-age=386854,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 742ab956cc901c0a-OSL

                                        
                                            GET /images/3/2/8da6b6b6f811e69664002590c57f96/main.jpg HTTP/1.1 
Host: lcdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=7c440a2a-d9a7-4602-bf7a-9a100bc443b1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         8.254.252.211
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 30 Aug 2022 04:18:42 GMT
content-length: 12212
last-modified: Thu, 01 Oct 2020 09:38:06 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"5f75a37e-3006"
age: 6922240
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 728x90, components 3\012- data
Size:   12212
Md5:    bb76a290485b121f5331b09740d97cfb
Sha1:   08fc1fe3657dbe31c3cc0f429122b9257e67e866
Sha256: 7de96778a5221eb3d170f5f227aae0c81150a12388cc375145bea3b0b9c87ea5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 04:18:42 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 27 Aug 2022 15:56:18 GMT
Expires: Sat, 03 Sep 2022 15:56:17 GMT
Etag: "12c773b544ba42a3243065fd1ff30ed18a77ff55"
Cache-Control: max-age=386854,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 742ab956bfe8b512-OSL

                                        
                                            GET /iframes2/f14122f97f4140778246cec4715af3ba.html?subid=1678560121&categories=18,Movies,Online,Watch,XXX,Full,Porn,Movies,Online,for,Free,18,movies,online,xxx,english,movie,korean,adult,full,movies,18,Movies,Online,Watch,Full,Porn,Movies,Online,HD,Free,on,anytime,XXX,English,Movie,for,You,Also,have,collection,of,asian,korean,adult,free,sex,movies,720p. HTTP/1.1 
Host: tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbrennab.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         148.251.19.25
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:42 GMT
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.tsyndicate.com/images/3/2/8da6b6b6f811e69664002590c57f96/main.jpg>; rel=preload; as=image
x-request-id: b70342379ad02c51
set-cookie: ts_uid=7c440a2a-d9a7-4602-bf7a-9a100bc443b1; expires=Thu, 02 Mar 2023 04:18:42 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3689)
Size:   5948
Md5:    6b9aca9e2d54a7135c5e92e382821086
Sha1:   30162c1e92f91523e783e0ea5938ddb8627c2e6d
Sha256: bd1bd21faaf9c1901727955f0457ce51858938eb97d422f6a1bf210459c421a5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B976A011D802CAC929F4CEFE221374B674711FEBE4C7FE6DE3D9290137A95DD4"
Last-Modified: Sun, 28 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11201
Expires: Tue, 30 Aug 2022 07:25:23 GMT
Date: Tue, 30 Aug 2022 04:18:42 GMT
Connection: keep-alive

                                        
                                            GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WUgUEGxwwYMnK0ECPDhpgWNGDQIDMSBg4YLcLUiEEGhpkyZWisNCPi4Rwxacgo1LFFRAwbN3DUsAEjhowYIro8DFNnTEYzN26MwRlD5JgbMGqgzFpmZA6kLWSEscHUBg0zNcjUENMTIhk7C288hFOHLsOQeiHCgUOxa44ZPuFM1JEypFIaD8e0IaxDxssZFe3yrIxYhBg3biiyxWGjcxs3GBnOkCEDxt7TqWPQiBEDx8M6cthQlFHjxlKHIurIyIiGDh04c3S8eHFHogs2adyseTEG-pg1P8b0KJNHCZokat7MYDJEiR3wb_A00ZNlThI3QdI8UeMkB5c6MEDaqJ7metAedcCBBxptkHEFFUngMIQcVhwxRBZv2HHDGnHAIcYcSyCxBhJ3nAHFEHnIsYQbeKiBxhpBlLEGEWvMQMUYVCyBBRszmiHDF1oEsYQcd7ShxhlhPcEGDGPQMMUaUyyBAxLjrSFEEzmMEcUZX8DhhBNimJHEFHnoIQccNnxxRhVJECFFFWnURcYbbWQkBx1iyFEGaGGI4cIYbNY1RhiLbQGDVJ5tBoML-QEnhx2UPXVbHWnqIIJWOsEQhlotkJFDGDegxJQMI2EVRguXxpCfGEXSMIMYUD2UBmUi5BCDCzkMSoMMLjREQ11yfLFqRq7CKiutttZVRxgZNfGGHmmwwUYYL9RAKAgoYEHbDiAwEV0deICAB2lfuEXtoTqcRWgKIBxRxnVvvNCaqE01BYIRachpRnoviAuDnlY56sQTdb2R6xj5irBvXWwEXIQTapZhxxdy6sZQb0nNYMNLrokgxxmhVVYDDoEdtHCcC-Fgmwgef9HGG2QsZJkNmZEhxxsLdfbGUDLs9TIeeSwEmcVlbDaQccgp98Kbcc7pRp13svlCXXMc6uYbdPDpbwt1uJEGHS0c5QIZwz1ERsAHfcF1XXS0yRBbtc2AGWsWtTHc2Sx7tDZrok5FBsNlzAHHF3yKFrfaTtWs0cJhsIEQHUNtMQMNgNa5GMk9U8XGRHsVvFDFY6QGQx8KBAQ%3D&s=98f6853bb64b24e5a57172c80ef19f6e696898c5660f86580662853371b4808b1661833122&w=t&r=1&d=7&priv=false HTTP/1.1 
Host: pxl.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=7c440a2a-d9a7-4602-bf7a-9a100bc443b1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         136.243.69.157
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Tue, 30 Aug 2022 04:18:42 GMT
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   24
Md5:    0959ba36d476b6dc1994ba3c678b07c4
Sha1:   d30b94da72daa02766965206a85b7e0356375f5e
Sha256: 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
                                        
                                            POST /in/multy HTTP/1.1 
Host: 9da504bc9f.c2e6bd3f02.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1007
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         168.119.25.22
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:42 GMT
content-length: 10281
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (10278), with no line terminators
Size:   10281
Md5:    576964b52c793f94bf4493f06d0937e1
Sha1:   84ccfdcf8f70cf5b130b918bc6389cb0d601aec4
Sha256: 623ea8d764db7aea20185ee038db8eb502153718ccc636c840853a9ae64365ac

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /in/multy HTTP/1.1 
Host: 9da504bc9f.c2e6bd3f02.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1006
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         168.119.25.22
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:42 GMT
content-length: 7102
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (7096), with no line terminators
Size:   7102
Md5:    ebd2d162f5bf110cd8489a33f94c23ec
Sha1:   4064458a759ef179f009e05f14622cb0ed498563
Sha256: 856aa46e6c1af806904bec3a03a0ddbc8035ef698c2bdf1b354831304a31a3e1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7ImlkIjoxNDk3LCJzcGFjZWlkIjoxNDk3LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiMTglMkNNb3ZpZXMlMkNPbmxpbmUlMkNXYXRjaCUyQ1hYWCUyQ0Z1bGwlMkNQb3JuJTJDTW92aWVzJTJDT25saW5lJTJDZm9yJTJDRnJlZSUyQzE4JTJDbW92aWVzJTJDb25saW5lJTJDeHh4JTJDZW5nbGlzaCUyQ21vdmllJTJDa29yZWFuJTJDYWR1bHQlMkNmdWxsJTJDbW92aWVzJTJDMTglMkNNb3ZpZXMlMkNPbmxpbmUlMkNXYXRjaCUyQ0Z1bGwlMkNQb3JuJTJDTW92aWVzJTJDT25saW5lJTJDSEQlMkNGcmVlJTJDb24lMkNhbnl0aW1lJTJDWFhYJTJDRW5nbGlzaCUyQ01vdmllJTJDZm9yJTJDWW91JTJDQWxzbyUyQ2hhdmUlMkNjb2xsZWN0aW9uJTJDb2YlMkNhc2lhbiUyQ2tvcmVhbiUyQ2FkdWx0JTJDZnJlZSUyQ3NleCUyQ21vdmllcyUyQzcyMHAuJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTY3ODU2MDEyMSIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjMxNDIzLCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjoyNzEsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3Ijo3MjgsImgiOjkwfX1dLCJzaXRlIjp7ImlkIjoiMzE0MjMiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHA6Ly8xOG1vdmllc29ubGluZS5jb20vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjllNDk0N2YzNTc1MTQ2NTQxMWZkMWE0ZjVjMzU4Yzc4In0sImV4dCI6eyJkdCI6MTY2MTgzMzEyMTU2Mn19 HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         162.55.139.130
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.16.0
date: Tue, 30 Aug 2022 04:18:41 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2124)
Size:   1216
Md5:    e39c088a23f9ab8b804c19efc99ad98a
Sha1:   a07603909463c9cc2ee3e1de37effd16105b2204
Sha256: 07c7e9ecb8b03adaa457c494d990f9a32058ff066bbdee6a980ca3b3ef6891c0
                                        
                                            GET /in/show/?mid=436005800&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=2024909678&sid=4142734311&cid=10263&price=0&is_cpm=1&cpm=0.99&ecpm=0.693&crid=&crtid=c90b6754a35f1fb475b39801d710ceff&tcid=0&out_id=1&ver=7.1.0&ver_c=&refdom=18moviesonline.com&hostname=auc-inpage-hz-0-c&site_id=3113935&spot_id=13935&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-08-30&is_native=3&auction_queue=0&burl=DD5LqkXb2qi-phQyRewNfYFMtqei32HTdvYnxCrUOMFiHn3qCrybHg&pop_winurl=&ip=91.90.42.154&testab=0&px_id=3113935&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop-ext&uniq=&exp=&resp_type=&iabcat=IAB3&min_cpm=0.010532198371204638&placement_type_id=7&skin_test=0&verify_hash=a87b2cade0d3cdc943d783256dbba429&score=82.53181349321994&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2024909678%26spot_id%3D13935%26is_adult%3D1%26p%3Dhttp%253A%252F%252F18moviesonline.com%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=b&pop_type=1&space_id=1886&verify_hash=a87b2cade0d3cdc943d783256dbba429&real_bid=0.693&skin_id=2&vertical_id=0&stratagem=&accel=&gyr=&iabcat=IAB3&v2_track=0&url=DLdOmZo51jUlUY8pdaC3K8IXBvdeC6JdbOFUxcxU2PKDjLLir7CX2aBkBccNwGc40Y1IBUGgsmxZ10IcIrL3tnWaSk5Du7kg689qwQkghGslDrSlj0YdYNIRRCq4hCwMZ93XwRMk5BfKBH7dUUP7-0n8eRmxggCu1zrAtaLFMq8iUa2m0A&pop_price=0.0006929999999999999&pop_real_bid=0.0006929999999999999&pop_ecpm=0.01154771784232365&auc_type=1&pr=&user_keywords=&device_theme=light&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=42be2a5d-5828-4f8b-a62e-085528a57e6d HTTP/1.1 
Host: 9da504bc9f.c2e6bd3f02.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         168.119.25.22
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:42 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6_icon.webp
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /in/show/?mid=436005800&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=2024909678&sid=4142734311&cid=2315&price=0.016080000139772895&is_cpm=0&cpm=0&ecpm=0.031030432803076057&crid=&crtid=1c81c2cc33a9d6c8cd6172aeefa0077e&tcid=0&out_id=0&ver=7.1.0&ver_c=&refdom=18moviesonline.com&hostname=auc-inpage-hz-0-c&site_id=3113935&spot_id=13935&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1661919522&created_at=2022-08-30&is_native=1&auction_queue=0&burl=aj0daekKAaUIHh-Ke5y_Sq9KQdSp2EpImFzTlLQoccQwbEy_XoqMmA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7313935&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB3&min_cpm=0.001742448079187993&placement_type_id=&skin_test=0&verify_hash=b6555b967297e8689190b4f848ab7e85&score=82.53181349321994&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2024909678%26spot_id%3D13935%26is_adult%3D1%26p%3Dhttp%253A%252F%252F18moviesonline.com%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=b&v2_track=0&url=GcVxOE5yYBQsfSaOIdVFTrS-SpG7AMyRX5Fz01A9DnqhYXHbOQovzNocRDKDqddliB46OGetuAaJoSoG0vLnDPrBJVzolxiJnIgloAVvLsZReGx6XgPy_XLgH16w3FmPxJB2F4KxC9Z8tXML5wd6w-ug2LTOk9twjWOick-ujG7vJCuiltfCFQkmLjhQwCl3a3jiLCxunM5K189re7iyaq1oCsZIHdaM2X8Mp4gfLba1KMyLCuocPVGR4WFRHhQQe_kCDYohFfJb3lzUx_rJPENdZa3qIGSHPU2eLupf6srck02oKNYewxKDFjBaBokLCTWky1Rf6NOk3pC6o0P79HtFgcM9PxuwUn8GnIDEkyPoqGGMlmCOmAYrwUyGohc3KeagT6VVDxHECwZe6cqAMf_W-pW-0ThJ9rxWHZAZURLUoqOpFa5RTW0FMbZv3O3mcsPUxsCPX0fSow3Di3MD0bn8qlX4qGDyjSYN_sqLO1PuHsVXmQq5VUCDUSEnOaRyHERaWosOlvf5pnqs3yiPnBl12eFqZ070Lcjy5Zj5-CeX5aJIIZqRr-ANwSmOB4uWd-vkNgas7O5bPMf1LoDLjhghQhuvybq0L_rnxPXbEv4b02nRj-8ILZIgjfLhGWV4Y2rzs47Un6d-QryMqPbcvnd_-AuTNWzYSQG52AjZTrIakvq-KA1mw1vF6SLxiQBv1YZXwtUv331KHooYTkbMrwyhadHsvSST3DGmsL-WmMjAKSIWmztayj7Ur8VQik_sD3kBMlM5x-L3djOCHT-wFHJcc29E-pQOizOazPfIHc6HPi2HmRpzbN4Ear6lCGetfIYbO3_ClmjplRtp4gG18NBjwyJMhA1TSc9oJ36USBzWANeksnR01b7cd-locY1KcBlUeudq6AyOywMZpS45XB7y7PHbHL5oNB49Snb0D4J_lMA9k-bG_GIowwQLZCBSpf_V3SwKRvDj01_0FLYLd__wSNGo6-AYYP78502HJVSXo8UP7SbmNn4tOqOp7Uo1FCIqv5u7VpW_qxrBLFVLodOAulFP35BcePtmSzYV2O7sOgr_tGn7W69Efsn7tzvlgKeCZ-cDQY5E_YHKxUVjD3TXUJC7HCU&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F3643%2F643%2Frect_626aadf074621t1651158512r522.png.webp&skin_id=2&vertical_id=0&real_bid=0.011256000097841026&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&format=default-slide-b_r-body&cpa=ee1dbde5-9460-4b51-b772-3019f09c6506 HTTP/1.1 
Host: 9da504bc9f.c2e6bd3f02.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         168.119.25.22
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:42 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s.viifixi.com/n/738/pbiesytebfyvualhpv5fsy2imzvqa7k6azsh272umnac7fqgwnrtumrmoibgqhrxmmve4xafm56h2vldmdujqk3jtsgllf5wt2xypk2tbbefciqgvvhdsoayr6z5ne6i4tgjfalahdm4xzfaj4m3favhsfscrycy3a4rqyozrojus6kojfkfeoejdwq444adrblqcvcshbewsmvgodfwaupqkvmkqshirfpp6su42jooyu7gikuthpmss5rz26kd4xuxdpbta4dfmwvvphzmt7dvqezurmsko3t2s3h2hf3nsm2v65fadcdz42hzfylk2jl73fwl7b53yuzzxnudcay4b7ufecljldx6ugoxnhpusyh2pjlqo2yn3eyifxvfz2uipk5ny5ekwmd6izfwcufyeda2a5tytqi25qjhe7ugwyrmof6xh6iivlvrmd6envuus2jskzhuxelpwbldl2slnhvfitnlmpkphg6th7bwuotapn7fonqzmjs2qstksjk2mtgjkn46iujz6fvp5oxqjkqvhmvy5u43s2xp3duo2y6sprkvdkcn4qym4s2kyfknts7eubh4cnsx75hzj3u3rspz74dlrjjjxwup76akxlohwzuoqusfp5igistdmeghuwad6zfeu===?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /in/show/?mid=216517454&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=364701775&sid=1190706370&cid=2129&price=0.001476&is_cpm=0&cpm=0&ecpm=0.019136260134693158&crid=&crtid=c90b6754a35f1fb475b39801d710ceff&tcid=0&out_id=1&ver=7.1.0&ver_c=&refdom=18moviesonline.com&hostname=auc-inpage-hz-2&site_id=3113933&spot_id=13933&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-08-30&is_native=2&auction_queue=0&burl=SN0oevN1UrGWzpc7WT9veqqw9bDWCtgJp2RRf3-pqH2NLCNdkYFDFg&pop_winurl=&ip=91.90.42.154&testab=0&px_id=3113933&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB3&min_cpm=0.01107375957055146&placement_type_id=&skin_test=0&verify_hash=1642619a6740e759da152c2ce10dc8f5&score=70.00986544587552&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D364701775%26spot_id%3D13933%26is_adult%3D1%26p%3Dhttp%253A%252F%252F18moviesonline.com%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=b&original_bid=0.001476&v2_track=0&url=fPqYn1l4qrR_LiM-PBXmP_WweXMDaMMzeQMaqmCmA9YL3NZ8IGdAoYVIIYsHBn9HpRBSf15tcPlAJiEqugWHAdE74VBpsXInynO4xqc9qGsyLs83LWmDKwTbau8KAXzWS_rzAfoJAX_9FbcTKn7k0SVNaL83JqLGba84cICsU0oy0q6bDA&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FMX%2FMX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6.webp&skin_id=4&vertical_id=0&real_bid=0.00109224&pr=&user_keywords=&auc_type=1&aid=357&ext_cid=0&device_theme=light&mlc=1&format=social-scale-b_r-body&mlf=1&cpa=c3c6dfd8-b2f7-42a1-baa8-211383858574 HTTP/1.1 
Host: 9da504bc9f.c2e6bd3f02.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         168.119.25.22
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:42 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6_icon.webp
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "483D5E26C8E20ED6A94F046198783C5DD05A537043D5EE2D2AAC2C01DE82881A"
Last-Modified: Mon, 29 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=909
Expires: Tue, 30 Aug 2022 04:33:51 GMT
Date: Tue, 30 Aug 2022 04:18:42 GMT
Connection: keep-alive

                                        
                                            GET /in/show/?mid=216517454&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=364701775&sid=1190706370&cid=13261&price=0.012276&is_cpm=0&cpm=0&ecpm=0.051752665411662305&crid=&crtid=d2f7a0199f498657f70e72b1320cab88&tcid=0&out_id=0&ver=7.1.0&ver_c=&refdom=18moviesonline.com&hostname=auc-inpage-hz-2&site_id=3113933&spot_id=13933&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1661905122&created_at=2022-08-30&is_native=1&auction_queue=0&burl=RCBnVgUGK8Nt-tI3wpRW7TltfI4z_zOJKYpeTTVLsy6Fz-PtK1VeZQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7313933&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB3&min_cpm=0.0038617384190241955&placement_type_id=&skin_test=0&verify_hash=a7344a392e50697ed70f4e696a260f4b&score=70.00986544587552&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D364701775%26spot_id%3D13933%26is_adult%3D1%26p%3Dhttp%253A%252F%252F18moviesonline.com%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=b&original_bid=0.012276&v2_track=0&url=x-qaD1BvbPGm6K6Ws71YV5-Dm2UC4jfwYiKPvChnxgdSwuED5MC0XPvRV8kPMy-xzhoNP_a-0bokmFqukYeYZ18YtWi4i3ogNYoZQMjXXFXjy807OeqAZ6-mrWSGVjwSPO5P7gsKfxNMCnaRlzoQ29l5cqodIM1gIN3gKwszZBNJLLGBm7pYd71x6vo03q6pqzdMOxQuMZkBJ9jVYHIcD6s49bTgwdpELc0JeHvsAxurqL0yeejfNLv0I4uIBKAfpFibyT8Vzoo3YDOTQyiMDuAmAQezTPc0sOM6M7nF9r6mUwTFFZ7KmdIN7yPXhIZE3dH8GyIr3Q&image_url=https%3A%2F%2Fcdn.adx1.com%2Fa693033273249985389c33b0cc8f4083.png&skin_id=4&vertical_id=5&real_bid=0.00847044&pr=&user_keywords=&auc_type=1&aid=3251&ext_cid=0&device_theme=light&format=social-scale-b_r-body&cpa=cd215e11-8f08-452c-b05e-fe245fb6ef5b HTTP/1.1 
Host: 9da504bc9f.c2e6bd3f02.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         168.119.25.22
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:42 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://eu.doctorpost.net/metrics/save.img?event=impressions&bid-id=v2-1661833121903-7-3674-1168096-df3c5362-3fb6-91d4-8b86-d84e501ff001&img=https%3A%2F%2Fcdn.adx1.com%2F00b3859f169c1f25fe3762d4dcf43edb.jpeg
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp HTTP/1.1 
Host: i.cdnkimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.37
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 30 Aug 2022 04:18:42 GMT
content-length: 10348
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Tue, 13 Sep 2022 04:18:42 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   10348
Md5:    68329d624a42af6145117bed5c9a2f03
Sha1:   4439b8d8b7e2dc706b5e9a417852bf16e6eb17dd
Sha256: ede7a9f931abc7e53d07dbf4a82e992cfc38ebb280158f7fa4d12d00cab03bc6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E1E74BD246542C6D3ED9282C40508D46A00FC827A7169956A6F235C931FD9A7C"
Last-Modified: Sat, 27 Aug 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7738
Expires: Tue, 30 Aug 2022 06:27:41 GMT
Date: Tue, 30 Aug 2022 04:18:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F10F74B130EECBEFFB15035E47CAE22AFF9F34293BF0673CF8A33774ADA494A5"
Last-Modified: Tue, 30 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10888
Expires: Tue, 30 Aug 2022 07:20:11 GMT
Date: Tue, 30 Aug 2022 04:18:43 GMT
Connection: keep-alive

                                        
                                            GET /n/738/pbiesytebfyvualhpv5fsy2imzvqa7k6azsh272umnac7fqgwnrtumrmoibgqhrxmmve4xafm56h2vldmdujqk3jtsgllf5wt2xypk2tbbefciqgvvhdsoayr6z5ne6i4tgjfalahdm4xzfaj4m3favhsfscrycy3a4rqyozrojus6kojfkfeoejdwq444adrblqcvcshbewsmvgodfwaupqkvmkqshirfpp6su42jooyu7gikuthpmss5rz26kd4xuxdpbta4dfmwvvphzmt7dvqezurmsko3t2s3h2hf3nsm2v65fadcdz42hzfylk2jl73fwl7b53yuzzxnudcay4b7ufecljldx6ugoxnhpusyh2pjlqo2yn3eyifxvfz2uipk5ny5ekwmd6izfwcufyeda2a5tytqi25qjhe7ugwyrmof6xh6iivlvrmd6envuus2jskzhuxelpwbldl2slnhvfitnlmpkphg6th7bwuotapn7fonqzmjs2qstksjk2mtgjkn46iujz6fvp5oxqjkqvhmvy5u43s2xp3duo2y6sprkvdkcn4qym4s2kyfknts7eubh4cnsx75hzj3u3rspz74dlrjjjxwup76akxlohwzuoqusfp5igistdmeghuwad6zfeu===?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp HTTP/1.1 
Host: s.viifixi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.220.27.135
HTTP/2 302 Found
                                        
server: nginx/1.19.0
date: Tue, 30 Aug 2022 04:18:43 GMT
content-length: 0
location: https://i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp
X-Firefox-Spdy: h2

                                        
                                            GET /creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6.webp HTTP/1.1 
Host: static.bookmsg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         94.130.197.136
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:43 GMT
content-length: 3134
last-modified: Tue, 24 Nov 2020 14:21:29 GMT
etag: "5fbd16e9-c3e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 301x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   3134
Md5:    5e6fb1c8a975e3baa674a9697b007da8
Sha1:   2c4003068a1135f2eb4e6b9949e87d56f155967f
Sha256: 8cc4d376a19da509b7fdbb3a430ed1abbfca0b4faef8fd3ed0eec237705037f2
                                        
                                            GET /auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp HTTP/1.1 
Host: i.cdnkimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.133.44.37
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 30 Aug 2022 04:18:43 GMT
content-length: 7712
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Tue, 13 Sep 2022 04:18:43 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   7712
Md5:    311dea4d14f115d233335c6e836384b4
Sha1:   8b92a31d5f07440ea67469f1b2827fe1bde271e4
Sha256: 8136f9d883af8abb2895a1c5946063fc41ed4b3a7f7226ffe2f49e49a3d0c961
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DE88742DB599DE85D10368F0A1208FB45789FD944592283FC78FCD0AC30A60D0"
Last-Modified: Sat, 27 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1043
Expires: Tue, 30 Aug 2022 04:36:06 GMT
Date: Tue, 30 Aug 2022 04:18:43 GMT
Connection: keep-alive

                                        
                                            GET /creatives/MX/MX_e33ed81fe11cd40462a8712c0fcf41e2d96a71d6_icon.webp HTTP/1.1 
Host: static.bookmsg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18moviesonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         94.130.197.136
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx/1.18.0
date: Tue, 30 Aug 2022 04:18:43 GMT
content-length: 916
last-modified: Tue, 24 Nov 2020 14:21:29 GMT
etag: "5fbd16e9-394"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   916
Md5:    b39c6c47b61ba2b139286e67b72ed383
Sha1:   76ebb8bf79b05d9b8e7ac97c60584a5bf9a1b889
Sha256: 5161fac4a00a3e6f521940f1cd1a0fe91af77a3f5118c367c09a13e3c4af2a86
                                        
                                            GET /a693033273249985389c33b0cc8f4083.png HTTP/1.1 
Host: cdn.adx1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         149.11.201.98
HTTP/2 200 OK
content-type: image/png
                                        
server: openresty/1.15.8.3
date: Tue, 30 Aug 2022 04:18:43 GMT
content-length: 67895
last-modified: Sat, 06 Aug 2022 12:04:01 GMT
etag: "62ee58b1-10937"
expires: Thu, 08 Sep 2022 07:28:59 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 492 x 328, 8-bit colormap, non-interlaced\012- data
Size:   67895
Md5:    78ec85945c7f450009e0e7bc5bf07c6d
Sha1:   0d3f85573e406a6ab2dc26755268db92bd8b2898
Sha256: deabbbe9b58a504f025953fddf31c1aae8c0690e106c93da92afbae0630b0bd0
                                        
                                            GET /metrics/save.img?event=impressions&bid-id=v2-1661833121903-7-3674-1168096-df3c5362-3fb6-91d4-8b86-d84e501ff001&img=https%3A%2F%2Fcdn.adx1.com%2F00b3859f169c1f25fe3762d4dcf43edb.jpeg HTTP/1.1 
Host: eu.doctorpost.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         38.100.129.67
HTTP/2 302 Found
                                        
server: openresty/1.15.8.3
date: Tue, 30 Aug 2022 04:18:43 GMT
content-length: 0
location: https://cdn.adx1.com/00b3859f169c1f25fe3762d4dcf43edb.jpeg
X-Firefox-Spdy: h2

                                        
                                            GET /00b3859f169c1f25fe3762d4dcf43edb.jpeg HTTP/1.1 
Host: cdn.adx1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         149.11.201.98
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty/1.15.8.3
date: Tue, 30 Aug 2022 04:18:43 GMT
content-length: 43450
last-modified: Sat, 06 Aug 2022 12:04:01 GMT
etag: "62ee58b1-a9ba"
expires: Thu, 08 Sep 2022 07:28:59 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size:   43450
Md5:    607ea56b37f3c18a964627f2b18116b5
Sha1:   22aacdcea57d1d4bf8d263273e43940ac78c0c88
Sha256: c73ff2b7018cb7bec66667d83cc346f1f3a1851d384a191f267553c75dbb2862
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4955929-0b9f-4215-9599-dffe8c74c90c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8909
x-amzn-requestid: 2c4357d3-5c22-465a-a65a-e281d87c5305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxZGYEIAMFeZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-36b5010a793ab9c87182a895;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8Y_vhVVN4ltujX0JD9syknRodfnH2Pwdzh2CulT7iDXvH9xCgkG5wA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 07:33:49 GMT
age: 74697
etag: "143f7bb98f57f8e6189e73e75a9fc93d29548962"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8909
Md5:    feb433a0823cccb81dc4c5fa13ba4ed2
Sha1:   143f7bb98f57f8e6189e73e75a9fc93d29548962
Sha256: 09a5ddc32918b441b6d3ce3eed211d674d3844db6770e06bb3fecb86cc85771a
                                        
                                            GET /13dbbbebb53c451f85159681c360f6fe.js HTTP/1.1 
Host: c02c34ce7c.a83dab28b3.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://18moviesonline.com
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.25
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 30 Aug 2022 04:18:40 GMT
server: nginx/1.18.0
last-modified: Mon, 29 Aug 2022 10:25:53 GMT
etag: W/"630c9431-15357"
content-encoding: gzip
expires: Tue, 30 Aug 2022 04:23:40 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Oswald|Montserrat:400,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 30 Aug 2022 04:18:39 GMT
date: Tue, 30 Aug 2022 04:18:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /a2da3c032f6d98067501425cd75953a9.js HTTP/1.1 
Host: c02c34ce7c.a83dab28b3.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.133.44.25
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 30 Aug 2022 04:18:41 GMT
server: nginx/1.18.0
last-modified: Wed, 24 Aug 2022 13:54:19 GMT
etag: W/"63062d8b-40f4a"
content-encoding: gzip
expires: Tue, 30 Aug 2022 04:23:41 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /34c5cd96ba9b40f0b5dc85c917a74a46.js HTTP/1.1 
Host: c02c34ce7c.a83dab28b3.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18moviesonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.133.44.25
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 30 Aug 2022 04:18:41 GMT
server: nginx/1.18.0
last-modified: Mon, 29 Aug 2022 10:45:16 GMT
etag: W/"630c98bc-d180"
content-encoding: gzip
expires: Tue, 30 Aug 2022 04:23:41 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---