18korea.net/watch/young-aunt-3-co-gi-tre-chung-3-
104.21.235.33301 Moved Permanently 0 B URL HTTP/1.1 18korea.net/watch/young-aunt-3-co-gi-tre-chung-3-
IP 104.21.235.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/young-aunt-3-co-gi-tre-chung-3- HTTP/1.1
Host: 18korea.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 13:11:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 02 Dec 2022 14:11:55 GMT
Location: https://18korea.net/watch/young-aunt-3-co-gi-tre-chung-3-
Server-Timing: cf-q-config;dur=6.9999987317715e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJvFwLxUbRu76HxcAtPju89sCnW2X%2Bc6M7ylu8mq0gleOEH73H%2BZNLwgxmrMQxgenUnqaNkX84R6a9VeHUFx11dcZ5ISIUTVx4yvEsnLxT5dv24ki2K3%2BpXvXczing%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77344fac8d137326-LHR
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2403
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 13:11:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6595
Cache-Control: max-age=169755
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:55 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:21:10 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7681
Expires: Fri, 02 Dec 2022 15:19:56 GMT
Date: Fri, 02 Dec 2022 13:11:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 12:19:56 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3119
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ANULuujFhCsUMKfDokaJCN1q4UXZUNuc6aoiQePJDXRyRPaObOSIZNxnNBWTKUm45cPMFZ+rKvU=
x-amz-request-id: NPBJSKHZ5D11RGWX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 12:46:07 GMT
age: 1548
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a4b8ad385dedf0aba53035515dd5af25
c4cd8ef92f55b89b2b7868e3bcdb82f600bcd700
9a5871d001a026a4914c7feb0074346ba12916af2236a8017c9e7bb261c58fd4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129648
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Etag: "6389510c-118"
Expires: Sun, 04 Dec 2022 01:12:44 GMT
Last-Modified: Fri, 02 Dec 2022 01:12:44 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a4b8ad385dedf0aba53035515dd5af25
c4cd8ef92f55b89b2b7868e3bcdb82f600bcd700
9a5871d001a026a4914c7feb0074346ba12916af2236a8017c9e7bb261c58fd4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=129648
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Etag: "6389510c-118"
Expires: Sun, 04 Dec 2022 01:12:44 GMT
Last-Modified: Fri, 02 Dec 2022 01:12:44 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
18korea.net/watch/young-aunt-3-co-gi-tre-chung-3-
104.21.235.34200 OK 8.9 kB URL HTTP/2 18korea.net/watch/young-aunt-3-co-gi-tre-chung-3-
IP 104.21.235.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2545), with CRLF, LF line terminators
Hash 56798fd0bc76e9ffd65ab861e801e695
d5e22fe60c2a89bda18f366fd003e2ad36b7cdbd
74cebc42447a5c06b4a7d54e8c9aa76674dfce21706248bac09b3858aadd224c
GET /watch/young-aunt-3-co-gi-tre-chung-3- HTTP/1.1
Host: 18korea.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: X_CACHE_KEY=a474c2dac1d6041d1c95faaca1aac622; path=/; Expires=Fri, 31-Dec-9999 23:59:59 GMT
PHPSESSID=7d9bhi5k0qlr19inrsvjorlaru; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBX05hKItzUwAzZTglElV0%2BCyGdpNMjsBdReqW0vaoq%2Fl2LDMDBc05AE0xxxnoQ1d996Fxne6%2BZ62PpQBwMpmOWB2HrcxQRbCjzWMqDD3YHuLFneQ5nYhUDGuPeRbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77344fb04aa371da-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9bd806cca07dea834ae8e19fe9681b03
2177d482712d52a37e8c40a647b18ca18cceb3e1
bc838e9f2fb696c917c7132e05d99914472c6b06336202b072902ade707a6ffd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ed3a6d341a858f44e17dcf25b498c97b
f1a5d87d7dca15d9018771eecf4bf5b5fdd5abb0
7bb1c63b4ec991f9c76848aeeff9465c6ee8d07272801690eaff83dc77f94dfd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BB1C63B4EC991F9C76848AEEFF9465C6EE8D07272801690EAFF83DC77F94DFD"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17325
Expires: Fri, 02 Dec 2022 18:00:41 GMT
Date: Fri, 02 Dec 2022 13:11:56 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ninjastream.to/watch/Ng9QnBwE6QVKb
45.141.58.32200 OK 4.5 kB URL HTTP/1.1 ninjastream.to/watch/Ng9QnBwE6QVKb
IP 45.141.58.32:0
ASN #213373 IP Connect Inc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5241)
Hash 394c5e663862391922e57b8a93cff568
f393d88f75c0ea30b4832f447d0ee1bdff818d7c
6809917aa5fad7475b86a4d24542eb83ff0891aa35b48afb4dbef0d507b64030
GET /watch/Ng9QnBwE6QVKb HTTP/1.1
Host: ninjastream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 13:11:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.15
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0%3D; expires=Fri, 02-Dec-2022 15:11:56 GMT; Max-Age=7200; path=/; secure; samesite=none
ninjastream_session=eyJpdiI6IkZEQ2l0TUZpWUs5MDVYNnJXMFhaS1E9PSIsInZhbHVlIjoiK1Axei9HRTZIYTJibFhwTDlSZlQ1MFhOY3RMRDRxSzdFN2dwRUFLNnZYWE1SR2JQOVQzMzNQV28vRFEvU2c2bERXWTNPQTdlUW9ScTZRdVdncUYzeUd6Sk1XZ0lMQVRhckVLNlY2WE04RjdnVzNHdFlQR29qQ0d0R0p1Y1AvVXoiLCJtYWMiOiJkODNhYjI4YzIzYWNkZWZmOTVkMDBkYTEwZTM3MTQyMTM2YjE5Nzc5NzNmZWM4MTZiOWE3MWY4MTAyZDI4MTk5In0%3D; expires=Fri, 02-Dec-2022 15:11:56 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
Content-Encoding: gzip
fonts.googleapis.com/css?family=Arimo%3A400%2C700%7CDroid+Serif%3A400%2C700%7COpen+Sans%3A600%2C700&ver=5.5.3
142.250.74.106200 OK 9.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Arimo%3A400%2C700%7CDroid+Serif%3A400%2C700%7COpen+Sans%3A600%2C700&ver=5.5.3
IP 142.250.74.106:0
Hash 1f432fb2c7f52eb50d38e70489d56fca
ed7eb4394c8c08e2f766160791ff3ec32bc899f6
a4c3647777cf68c653241356311626e4af5a126e198b788acb35f13d8c081a1a
GET /css?family=Arimo%3A400%2C700%7CDroid+Serif%3A400%2C700%7COpen+Sans%3A600%2C700&ver=5.5.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 13:11:56 GMT
date: Fri, 02 Dec 2022 13:11:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 13:11:15 GMT
cache-control: public,max-age=3600
age: 41
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ninjastream.to/videojs-plus/videojs-plus.css
45.141.58.32200 OK 11 kB URL HTTP/1.1 ninjastream.to/videojs-plus/videojs-plus.css
IP 45.141.58.32:0
ASN #213373 IP Connect Inc
File type ASCII text, with very long lines (7368)
Hash 3b50d36de8d697843cdf0dd25bdcd56c
bd35a4741b76facba2562d05ce438c128d6ae366
a0958ecaca048b442e4900cc590f71a8ee04fadc4459af0ff76450d81846b4f6
GET /videojs-plus/videojs-plus.css HTTP/1.1
Host: ninjastream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninjastream.to/watch/Ng9QnBwE6QVKb
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0%3D; ninjastream_session=eyJpdiI6IkZEQ2l0TUZpWUs5MDVYNnJXMFhaS1E9PSIsInZhbHVlIjoiK1Axei9HRTZIYTJibFhwTDlSZlQ1MFhOY3RMRDRxSzdFN2dwRUFLNnZYWE1SR2JQOVQzMzNQV28vRFEvU2c2bERXWTNPQTdlUW9ScTZRdVdncUYzeUd6Sk1XZ0lMQVRhckVLNlY2WE04RjdnVzNHdFlQR29qQ0d0R0p1Y1AvVXoiLCJtYWMiOiJkODNhYjI4YzIzYWNkZWZmOTVkMDBkYTEwZTM3MTQyMTM2YjE5Nzc5NzNmZWM4MTZiOWE3MWY4MTAyZDI4MTk5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 13:11:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Apr 2021 18:06:55 GMT
ETag: W/"6079d23f-99ce"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6595
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Last-Modified: Fri, 02 Dec 2022 11:22:01 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
1.bp.blogspot.com/-pBkIy9A1gEE/YOUjXNE3saI/AAAAAAAAAAQ/oVy0Gd7wx6YrmKkIM8KKunroDQYHOadBgCLcBGAsYHQ/s475/logo.jpg
142.250.74.161200 OK 6.9 kB URL HTTP/2 1.bp.blogspot.com/-pBkIy9A1gEE/YOUjXNE3saI/AAAAAAAAAAQ/oVy0Gd7wx6YrmKkIM8KKunroDQYHOadBgCLcBGAsYHQ/s475/logo.jpg
IP 142.250.74.161:0
File type PNG image data, 475 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 1cfaf0f0d6cf0d3273e53c9b2507e772
381570415485effdda4091fb3239c622d47ff0e6
6623a912f4967c5635a12cf8e779ae87ebbfd484a300e0926f2c87a78bb7255a
GET /-pBkIy9A1gEE/YOUjXNE3saI/AAAAAAAAAAQ/oVy0Gd7wx6YrmKkIM8KKunroDQYHOadBgCLcBGAsYHQ/s475/logo.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="logo.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6889
x-xss-protection: 0
date: Fri, 02 Dec 2022 13:11:56 GMT
expires: Fri, 25 Nov 2022 00:04:21 GMT
cache-control: public, max-age=86400, no-transform
etag: "v6"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ae01e9c9ce33c4ea869985f4fcfe506a
a84241a9245bd6e1aec944a0cae885b23f1e9a89
673565e0b32ac1e9480c51249b0a09ff58146a6f3aaed0ae2da35414010719e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6539
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Last-Modified: Fri, 02 Dec 2022 11:22:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ae01e9c9ce33c4ea869985f4fcfe506a
a84241a9245bd6e1aec944a0cae885b23f1e9a89
673565e0b32ac1e9480c51249b0a09ff58146a6f3aaed0ae2da35414010719e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6539
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Last-Modified: Fri, 02 Dec 2022 11:22:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=G-BNGW6L3J0E
142.250.74.40200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-BNGW6L3J0E
IP 142.250.74.40:0
File type ASCII text, with very long lines (22462)
Hash 974ef523fd141b993a40c76263475010
1e89ebc419c714d5af584fd4e256ff78e46f3db9
920e5b633fb26b593a09a19116632eeffb259e831928e9efb861492edcab922c
GET /gtag/js?id=G-BNGW6L3J0E HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 13:11:56 GMT
expires: Fri, 02 Dec 2022 13:11:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77826
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LffbWcbAAAAAFt-RKdFNiYD_F24wum1z2kwreeR
142.250.74.164200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LffbWcbAAAAAFt-RKdFNiYD_F24wum1z2kwreeR
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash f7213dfda61f807c83a3a442b1a1495d
da47d414828dfb09e64e8f1083375fc2fb9cd331
36d1ffa568233f869753144eb421b07cc83c2e3f0e09ef5ccca7d3a4648618d2
GET /recaptcha/api.js?render=6LffbWcbAAAAAFt-RKdFNiYD_F24wum1z2kwreeR HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 02 Dec 2022 13:11:56 GMT
date: Fri, 02 Dec 2022 13:11:56 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-175515999-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-175515999-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash a16295aaa97e3d9ee1b265da8d1cfa04
240f77f2e73cfbbd3b490ae280af9a14822d9c6e
243b0ddaaa5787c67d8742f0ad2b6138dded91ad7a286ca66cf9f15ea130ab76
GET /gtag/js?id=UA-175515999-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 13:11:56 GMT
expires: Fri, 02 Dec 2022 13:11:56 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ninjastream.to/videojs-plus/plugins/subtitles/style.css
45.141.58.32200 OK 244 B URL HTTP/1.1 ninjastream.to/videojs-plus/plugins/subtitles/style.css
IP 45.141.58.32:0
ASN #213373 IP Connect Inc
Hash 5dbed91fb4747c21b2e1d1e8e0fc652e
cead04658da24a40e3e6c157e82915a31e0daa39
e739bb81805dfffd8f592069910e1e93370bfbf66997f78b4f6a6ea1975ac3ad
GET /videojs-plus/plugins/subtitles/style.css HTTP/1.1
Host: ninjastream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninjastream.to/watch/Ng9QnBwE6QVKb
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0%3D; ninjastream_session=eyJpdiI6IkZEQ2l0TUZpWUs5MDVYNnJXMFhaS1E9PSIsInZhbHVlIjoiK1Axei9HRTZIYTJibFhwTDlSZlQ1MFhOY3RMRDRxSzdFN2dwRUFLNnZYWE1SR2JQOVQzMzNQV28vRFEvU2c2bERXWTNPQTdlUW9ScTZRdVdncUYzeUd6Sk1XZ0lMQVRhckVLNlY2WE04RjdnVzNHdFlQR29qQ0d0R0p1Y1AvVXoiLCJtYWMiOiJkODNhYjI4YzIzYWNkZWZmOTVkMDBkYTEwZTM3MTQyMTM2YjE5Nzc5NzNmZWM4MTZiOWE3MWY4MTAyZDI4MTk5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 13:11:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Apr 2021 01:11:10 GMT
ETag: W/"6078e42e-274"
Content-Encoding: gzip
ninjastream.to/videojs-plus/plugins/chromecast/style.css
45.141.58.32200 OK 564 B URL HTTP/1.1 ninjastream.to/videojs-plus/plugins/chromecast/style.css
IP 45.141.58.32:0
ASN #213373 IP Connect Inc
File type ASCII text, with very long lines (1932)
Hash 9554f0cf0e2500ce23ce22a39b92f6ff
25f157157f52777a7d2aa13fc2cb60e8a21884f2
b1f1965b2d45b0ea643853ca44b3c3859ac1b8a0124018e579a5499ddaf61526
GET /videojs-plus/plugins/chromecast/style.css HTTP/1.1
Host: ninjastream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninjastream.to/watch/Ng9QnBwE6QVKb
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0%3D; ninjastream_session=eyJpdiI6IkZEQ2l0TUZpWUs5MDVYNnJXMFhaS1E9PSIsInZhbHVlIjoiK1Axei9HRTZIYTJibFhwTDlSZlQ1MFhOY3RMRDRxSzdFN2dwRUFLNnZYWE1SR2JQOVQzMzNQV28vRFEvU2c2bERXWTNPQTdlUW9ScTZRdVdncUYzeUd6Sk1XZ0lMQVRhckVLNlY2WE04RjdnVzNHdFlQR29qQ0d0R0p1Y1AvVXoiLCJtYWMiOiJkODNhYjI4YzIzYWNkZWZmOTVkMDBkYTEwZTM3MTQyMTM2YjE5Nzc5NzNmZWM4MTZiOWE3MWY4MTAyZDI4MTk5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 13:11:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 May 2021 21:52:45 GMT
ETag: W/"609859ad-78d"
Content-Encoding: gzip
ninjastream.to/js/manifest.js?id=40c2d5f3fcd584aa2799
45.141.58.32200 OK 1.1 kB URL HTTP/1.1 ninjastream.to/js/manifest.js?id=40c2d5f3fcd584aa2799
IP 45.141.58.32:0
ASN #213373 IP Connect Inc
File type ASCII text, with very long lines (2256), with no line terminators
Hash 1806a8ceb4a991135f73c362e69eedc7
7b8f99f622a9a03ea8f2bc1cafbc029ed4b21f3f
a939d7f7c0a0696861e4aa87cec081768c0c8af33f2d565acfa8fa900907fb5b
GET /js/manifest.js?id=40c2d5f3fcd584aa2799 HTTP/1.1
Host: ninjastream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninjastream.to/watch/Ng9QnBwE6QVKb
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0%3D; ninjastream_session=eyJpdiI6IkZEQ2l0TUZpWUs5MDVYNnJXMFhaS1E9PSIsInZhbHVlIjoiK1Axei9HRTZIYTJibFhwTDlSZlQ1MFhOY3RMRDRxSzdFN2dwRUFLNnZYWE1SR2JQOVQzMzNQV28vRFEvU2c2bERXWTNPQTdlUW9ScTZRdVdncUYzeUd6Sk1XZ0lMQVRhckVLNlY2WE04RjdnVzNHdFlQR29qQ0d0R0p1Y1AvVXoiLCJtYWMiOiJkODNhYjI4YzIzYWNkZWZmOTVkMDBkYTEwZTM3MTQyMTM2YjE5Nzc5NzNmZWM4MTZiOWE3MWY4MTAyZDI4MTk5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 13:11:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 19 Apr 2021 03:03:47 GMT
ETag: W/"607cf313-8d0"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ae01e9c9ce33c4ea869985f4fcfe506a
a84241a9245bd6e1aec944a0cae885b23f1e9a89
673565e0b32ac1e9480c51249b0a09ff58146a6f3aaed0ae2da35414010719e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6535
Cache-Control: max-age=108461
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:56 GMT
Etag: "6388e4c2-118"
Expires: Sat, 03 Dec 2022 19:19:37 GMT
Last-Modified: Thu, 01 Dec 2022 17:30:42 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
18korea.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.21.235.34200 OK 48 kB URL HTTP/2 18korea.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.21.235.34:0
Hash 49e3ce9f038507ce81324d43e28129e4
011e50b41c0d23fcdcfec912967c8d8f5741d982
ad01653f60a016a6e7bc7d8d0b160d3aaa83ccbbd2f5f240af498d7dcf2026f0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: 18korea.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/watch/young-aunt-3-co-gi-tre-chung-3-
Cookie: X_CACHE_KEY=a474c2dac1d6041d1c95faaca1aac622; PHPSESSID=7d9bhi5k0qlr19inrsvjorlaru
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:56 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzY%2Bvz0OckkScoEra4gbbwIHXyr%2BLLeXj7KE%2FG%2F8gpiCf45YA0NmLbJ63Qc3jU0xHjqMuB8LXv2jmz5BEQRFbf%2Ffg3K2ztOsqxMk09uyLbzj4tHAtZihI3jUWzyz3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77344fb19ca071da-LHR
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 04 Dec 2022 13:11:56 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/v/8.18.4/jwplayer.js
151.101.194.114200 OK 37 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.18.4/jwplayer.js
IP 151.101.194.114:0
File type ASCII text, with very long lines (65143)
Hash f345ce8f190da2477d308758296a5bf0
f0cc5931d315331902f46e24214a072d4d7e3fdf
1aa3c41e2873ad70d8fe31f1eea745cdc25ab6493ec7422309102889287cf8f8
GET /player/v/8.18.4/jwplayer.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Fri, 15 Jan 2021 21:39:07 GMT
etag: "6505a92df4a2368b1b7d5e34d60a1240"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 13:11:56 GMT
via: 1.1 varnish
age: 134222
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669986717.941269,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 37354
X-Firefox-Spdy: h2
ninjastream.to/css/app.css?id=05d6f9ead44ec2fda7e8
45.141.58.32200 OK 35 kB URL HTTP/1.1 ninjastream.to/css/app.css?id=05d6f9ead44ec2fda7e8
IP 45.141.58.32:0
ASN #213373 IP Connect Inc
File type ASCII text, with very long lines (65262)
Hash 1a21374b4ef15907ac307dd6c091d551
f564d4f2580419538380f9e21dc0659490a08b28
1e3ce1cbfeb4b0d4cdf61f588c40df2dbaa6b3da580714060d4400ef73fdd14b
GET /css/app.css?id=05d6f9ead44ec2fda7e8 HTTP/1.1
Host: ninjastream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninjastream.to/watch/Ng9QnBwE6QVKb
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0%3D; ninjastream_session=eyJpdiI6IkZEQ2l0TUZpWUs5MDVYNnJXMFhaS1E9PSIsInZhbHVlIjoiK1Axei9HRTZIYTJibFhwTDlSZlQ1MFhOY3RMRDRxSzdFN2dwRUFLNnZYWE1SR2JQOVQzMzNQV28vRFEvU2c2bERXWTNPQTdlUW9ScTZRdVdncUYzeUd6Sk1XZ0lMQVRhckVLNlY2WE04RjdnVzNHdFlQR29qQ0d0R0p1Y1AvVXoiLCJtYWMiOiJkODNhYjI4YzIzYWNkZWZmOTVkMDBkYTEwZTM3MTQyMTM2YjE5Nzc5NzNmZWM4MTZiOWE3MWY4MTAyZDI4MTk5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 13:11:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 30 Jun 2021 12:34:12 GMT
ETag: W/"60dc64c4-3930f"
Content-Encoding: gzip
ninjastream.to/js/lib.js?id=08a4644732538fbccb68
45.141.58.32200 OK 10 kB URL HTTP/1.1 ninjastream.to/js/lib.js?id=08a4644732538fbccb68
IP 45.141.58.32:0
ASN #213373 IP Connect Inc
File type HTML document, ASCII text, with very long lines (35900), with no line terminators
Hash 3cc3fd13f7977da4856e5a1fedb26467
1fec972746a74420712217269ef9b234c0da58c6
6a7bcb845bff536fc29fcc342cd9c4fc6381af8f25e49dde2761d0afefa92b7a
GET /js/lib.js?id=08a4644732538fbccb68 HTTP/1.1
Host: ninjastream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninjastream.to/watch/Ng9QnBwE6QVKb
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0%3D; ninjastream_session=eyJpdiI6IkZEQ2l0TUZpWUs5MDVYNnJXMFhaS1E9PSIsInZhbHVlIjoiK1Axei9HRTZIYTJibFhwTDlSZlQ1MFhOY3RMRDRxSzdFN2dwRUFLNnZYWE1SR2JQOVQzMzNQV28vRFEvU2c2bERXWTNPQTdlUW9ScTZRdVdncUYzeUd6Sk1XZ0lMQVRhckVLNlY2WE04RjdnVzNHdFlQR29qQ0d0R0p1Y1AvVXoiLCJtYWMiOiJkODNhYjI4YzIzYWNkZWZmOTVkMDBkYTEwZTM3MTQyMTM2YjE5Nzc5NzNmZWM4MTZiOWE3MWY4MTAyZDI4MTk5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 13:11:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Sep 2021 00:30:04 GMT
ETag: W/"614e6d8c-8c3c"
Content-Encoding: gzip
cdn.jsdelivr.net/npm/videojs-seek-buttons@1.6.0/dist/videojs-seek-buttons.css
104.16.86.20200 OK 659 B URL HTTP/2 cdn.jsdelivr.net/npm/videojs-seek-buttons@1.6.0/dist/videojs-seek-buttons.css
IP 104.16.86.20:0
File type ASCII text, with very long lines (2978)
Hash b90b64692ee002528e15235af4e08b34
ca03a2663b6bb082b65a0df716c8eb7c21e8b74c
16c847af367d456f447eaa16e5f49060d55ece9a4ccafb1b6fb535771b8aceb1
GET /npm/videojs-seek-buttons@1.6.0/dist/videojs-seek-buttons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:56 GMT
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.6.0
x-jsd-version-type: version
etag: W/"be7-n+MIWMDkRCcpCpdRpp4vdpUVX18"
x-served-by: cache-fra19175-FRA, cache-itm18834-ITM
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 9955634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muUHNYUlliOqc%2B3iOD%2BqRsY5heV1JSPPZQfxRW2dyDtyQDzMKBfTaLIUCXkvxbAM65CakW%2BL8S9zedy91GqmQDiMl9lLuM4M9pm8UBTbXQqLAxA21EZGTxLH6%2FI32JVaXRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77344fb4dac5b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js
104.16.86.20200 OK 8.3 kB URL HTTP/2 cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js
IP 104.16.86.20:0
File type ASCII text, with very long lines (26814)
Hash 7c7e2e1402814cc41070b12f1ac400f7
51dabf6bdb46f2ff3127ccca97e56f886cd373d4
646bc6d5c7db3564f0afdc1b35df9e6eaf7499995997764e3dcc9b23b48c185f
GET /npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.6.2
x-jsd-version-type: version
etag: W/"68bf-aLl7Qz03YAZHM45X9DROXh+vYkY"
x-served-by: cache-fra19148-FRA, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 39968
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79iUXQtVh5ZYMsIZAXaNMQ%2BNtDJu%2Bx%2FpPrd79HMQSxGitN0BsSy1%2BWH0xkx6F187NiHmRBVcWQ2r8v9lNQqm1esd%2FCIXbSnHBYp5WXwrLrOQG3sOdbJE%2F20diFjXueXMZ2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77344fb4dac4b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/p2p-media-loader-core@latest/build/p2p-media-loader-core.min.js
104.16.86.20200 OK 41 kB URL HTTP/2 cdn.jsdelivr.net/npm/p2p-media-loader-core@latest/build/p2p-media-loader-core.min.js
IP 104.16.86.20:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d4ce05453d1ddd2d8ae4deb32f51ec82
f6e8a6724f35dd3d4c787fb36cef4d196c8409e0
ccff50e85d3a4b7989e3f86b3b62208ecd756c3b8b67edd9f68f035e16a10ea0
GET /npm/p2p-media-loader-core@latest/build/p2p-media-loader-core.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.6.2
x-jsd-version-type: version
etag: W/"23187-cy5ZTaquM+MUHEQB7rAOJNYlVIk"
x-served-by: cache-fra19137-FRA, cache-yyz4538-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOUo0dju3iVCJ4fsmos2X9n%2FqcMkMMP%2BduHdnrGcK0bIVuKBtaLrAqb%2FEMn8drFX5t4tNwExGLLJwjYKIPa8OPohhTG1PkgAzuqKjG4rcCFjIEQ37OzMFEgxoYmMxlSi5HI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77344fb52b31b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ninjastream.to/js/provider.hlsjs.js
45.141.58.32200 OK 87 kB URL HTTP/1.1 ninjastream.to/js/provider.hlsjs.js
IP 45.141.58.32:0
ASN #213373 IP Connect Inc
File type ASCII text, with very long lines (65536), with no line terminators
Hash 864f9c1048a0ae85ff84b50a922b50c4
15c276186c0c07c8a76b99b17b669749443adb95
0eb31aa9193c735be07828a58c7619cf280045800e8d0390e9aef9effe0b238b
GET /js/provider.hlsjs.js HTTP/1.1
Host: ninjastream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninjastream.to/watch/Ng9QnBwE6QVKb
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0%3D; ninjastream_session=eyJpdiI6IkZEQ2l0TUZpWUs5MDVYNnJXMFhaS1E9PSIsInZhbHVlIjoiK1Axei9HRTZIYTJibFhwTDlSZlQ1MFhOY3RMRDRxSzdFN2dwRUFLNnZYWE1SR2JQOVQzMzNQV28vRFEvU2c2bERXWTNPQTdlUW9ScTZRdVdncUYzeUd6Sk1XZ0lMQVRhckVLNlY2WE04RjdnVzNHdFlQR29qQ0d0R0p1Y1AvVXoiLCJtYWMiOiJkODNhYjI4YzIzYWNkZWZmOTVkMDBkYTEwZTM3MTQyMTM2YjE5Nzc5NzNmZWM4MTZiOWE3MWY4MTAyZDI4MTk5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 13:11:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 25 Feb 2021 12:56:39 GMT
ETag: W/"60379e87-46d8e"
Content-Encoding: gzip
ninjastream.to/js/vendor.js?id=0377102bb3b10e0efbde
45.141.58.32200 OK 307 kB URL HTTP/1.1 ninjastream.to/js/vendor.js?id=0377102bb3b10e0efbde
IP 45.141.58.32:0
ASN #213373 IP Connect Inc
File type Unicode text, UTF-8 text, with very long lines (65470)
Size 307 kB (307180 bytes)
Hash 6b7800af7ddd6b1014f12f6013755d2d
12b7c9598a3cab51afb0c36d43f68c29248e0305
0c411dde912e44f031685029652fe0dcc72a71060a1c1b0ddbb1dd81b0720c57
GET /js/vendor.js?id=0377102bb3b10e0efbde HTTP/1.1
Host: ninjastream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninjastream.to/watch/Ng9QnBwE6QVKb
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0%3D; ninjastream_session=eyJpdiI6IkZEQ2l0TUZpWUs5MDVYNnJXMFhaS1E9PSIsInZhbHVlIjoiK1Axei9HRTZIYTJibFhwTDlSZlQ1MFhOY3RMRDRxSzdFN2dwRUFLNnZYWE1SR2JQOVQzMzNQV28vRFEvU2c2bERXWTNPQTdlUW9ScTZRdVdncUYzeUd6Sk1XZ0lMQVRhckVLNlY2WE04RjdnVzNHdFlQR29qQ0d0R0p1Y1AvVXoiLCJtYWMiOiJkODNhYjI4YzIzYWNkZWZmOTVkMDBkYTEwZTM3MTQyMTM2YjE5Nzc5NzNmZWM4MTZiOWE3MWY4MTAyZDI4MTk5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 13:11:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 19 Apr 2021 07:23:30 GMT
ETag: W/"607d2ff2-126ad1"
Content-Encoding: gzip
push.services.mozilla.com/
44.240.57.100101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.57.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nr8PC4S/gfYNiqnt9Qnllw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ET1TEOCayujHDvPNhxIVPivLEXY=
ninjastream.to/js/app.js?id=c6a3a872706c3e2d3cba
45.141.58.32200 OK 284 kB URL HTTP/1.1 ninjastream.to/js/app.js?id=c6a3a872706c3e2d3cba
IP 45.141.58.32:0
ASN #213373 IP Connect Inc
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 284 kB (284298 bytes)
Hash 2c9af4b575e45e716457744fc6a7d656
0bdea1ce1b76a61da263ebaf980fa60f3b0369c2
197f0c9d89b617aa42134958070974c2309539735eeb1fb1084ef1c9d7821dfc
GET /js/app.js?id=c6a3a872706c3e2d3cba HTTP/1.1
Host: ninjastream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninjastream.to/watch/Ng9QnBwE6QVKb
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0%3D; ninjastream_session=eyJpdiI6IkZEQ2l0TUZpWUs5MDVYNnJXMFhaS1E9PSIsInZhbHVlIjoiK1Axei9HRTZIYTJibFhwTDlSZlQ1MFhOY3RMRDRxSzdFN2dwRUFLNnZYWE1SR2JQOVQzMzNQV28vRFEvU2c2bERXWTNPQTdlUW9ScTZRdVdncUYzeUd6Sk1XZ0lMQVRhckVLNlY2WE04RjdnVzNHdFlQR29qQ0d0R0p1Y1AvVXoiLCJtYWMiOiJkODNhYjI4YzIzYWNkZWZmOTVkMDBkYTEwZTM3MTQyMTM2YjE5Nzc5NzNmZWM4MTZiOWE3MWY4MTAyZDI4MTk5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 13:11:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Sep 2021 00:30:04 GMT
ETag: W/"614e6d8c-ee276"
Content-Encoding: gzip
ninjastream.to/api/video/get
45.141.58.32200 OK 312 B URL HTTP/1.1 ninjastream.to/api/video/get
IP 45.141.58.32:0
ASN #213373 IP Connect Inc
File type JSON data\012- , ASCII text, with very long lines (347), with no line terminators
Hash 42af22486488bdd33da5e845e00de2b7
f012427dc87c1d915708e6246c35d6e98e8194f6
2d9029345a93990981b24927626416dced9e0c692a5afffc61fe789694a6005d
POST /api/video/get HTTP/1.1
Host: ninjastream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninjastream.to/watch/Ng9QnBwE6QVKb
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: UXPS2LpheACl64aA4akYLSYpW6nHZ8c3jvqaQNi6
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0=
Content-Length: 22
Origin: https://ninjastream.to
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ikh5aDFiY3A0d3lBRkw3dDQ1ak1aZmc9PSIsInZhbHVlIjoiaytzWEpxeVNwY3pHWjFGR211QXYydFNhb2NqUXd1Q3UxenF3UjJ1TytZdWFySnViQkUyL0hHMkFWOXpLY0ZoQ1ZGdDVIWWlibm9mRWEwY2RBYVpnRTNJUUo2OEpYLzZ1eWxQNXQxU29BdlJ2SE93bmNHc3RnMjJSYnVBck9EZDAiLCJtYWMiOiI0Y2VmMGY3ZWY1NGE5NTM4NGY0ODU0NWFjMGRhYjg4ZjY4YTUzMjMxMGMyMWIzNjkyZTBmZWYxMDM0NWIwYWU5In0%3D; ninjastream_session=eyJpdiI6IkZEQ2l0TUZpWUs5MDVYNnJXMFhaS1E9PSIsInZhbHVlIjoiK1Axei9HRTZIYTJibFhwTDlSZlQ1MFhOY3RMRDRxSzdFN2dwRUFLNnZYWE1SR2JQOVQzMzNQV28vRFEvU2c2bERXWTNPQTdlUW9ScTZRdVdncUYzeUd6Sk1XZ0lMQVRhckVLNlY2WE04RjdnVzNHdFlQR29qQ0d0R0p1Y1AvVXoiLCJtYWMiOiJkODNhYjI4YzIzYWNkZWZmOTVkMDBkYTEwZTM3MTQyMTM2YjE5Nzc5NzNmZWM4MTZiOWE3MWY4MTAyZDI4MTk5In0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 13:11:57 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.15
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Access-Control-Allow-Origin: *
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlNmSjA0NnczNktSbHVYei9WVFc2cVE9PSIsInZhbHVlIjoieGtOR3VlSkNUekJZTEVGMVFFcmd6VFdCM3pFNGpsb052NENRK2crTVNmalJLNWFvcFdDcFJHN0V1ZDZiOXk2Lzk4RUR6VVYzL2cwYXlqcWxvNk9oQWtwakRKWVoreEV6Um5hUU91R2dRUmRIVC9YZ0Y3LzNlZjc2TFkwcTgvUjkiLCJtYWMiOiJiODUyMWMxYTQ3NDkxYzBkOWE2NWRiYjk4MDVmYWMwY2EzYWFiZThjMTJhNWM3NTBlOTUyMzRmZDkwNDY3OTU0In0%3D; expires=Fri, 02-Dec-2022 15:11:57 GMT; Max-Age=7200; path=/; secure; samesite=none
ninjastream_session=eyJpdiI6IkVRWWpSdW1QY3FtZzdzSjBEbm84QWc9PSIsInZhbHVlIjoicW5hQXhhZWwza3FMVGlaWUNZYy90Q2FsdlQ1N3JqZnQvUUVEa2hBRWErTDg1MGVDbWVzNFdMOGp0TjFJT3VxeDdndW9JckdBMXpjTGhDNFBFR2pEUkM1eW4xVEFLbkc5Ky9IeGV5Mm9DdktLcy9xcjhGSXB1c3gxd0E0L1hmdU8iLCJtYWMiOiIzZDEwNWI4MjVlZGQzYTczMzYyMGU5YWM5OTZlYzdjZTQyMDhiNDEzZTY3MjhhOGVkMzEzMzUzNWE3M2IzYzg0In0%3D; expires=Fri, 02-Dec-2022 15:11:57 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 994 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash a884832f9aff926c71ef88e1ad87d85a
9a740be4f0bc065f109799e405f80179a2b0f8b0
c25e615c8d80a81b73cdfcb0f030be7262d19125ad968aa8694e9b70b1382602
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2051B04E443CC064016EFE3A543D2E395BDEFDCF9A59A95ABAEE6390A3566D97"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4947
Expires: Fri, 02 Dec 2022 14:34:24 GMT
Date: Fri, 02 Dec 2022 13:11:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ninjastream.to
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 324120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.58.207.206200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 12:41:08 GMT
expires: Fri, 02 Dec 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 1849
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tzegilo.com/stattag.js
104.21.84.149200 OK 5.5 kB IP 104.21.84.149:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash b8d1c6f584455a67ff9199ea755f7dbe
82a25206c899e59b1505c7cac2211ab22a945e82
6eca01023b17159ae76243bbc3c38f4492bdf77092e8d60b70c5fb49c903e6bc
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:58 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZU4h0HyULszB6ptW0FZCSQMXQ%2FixnCOBBermrVlk8kubtCMGlQBcxOFOa7UGefUdVMzLWgnJXIeFZQno%2F9bS6LYTyHyrmAtoBWty99qsda93YwNKWTdkNbt%2B98eQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77344fbbae86b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 1.2 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 36d1df0970656a27d7b9570c988b0b6a
247dc1848a2bc9168ae7531bf527ddbe577f0957
0848ee12091fffd2d93d051e1c7e13c1abe662bffbd278a9927cf385695a8c37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7CE8C2D5A18473D7F9424A3C00FB09796790B9C59B088489B595EA83A5845F3"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4875
Expires: Fri, 02 Dec 2022 14:33:13 GMT
Date: Fri, 02 Dec 2022 13:11:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 86a12dbe6ec4108e05854b5760fb131b
6d1abccdbeb8536890093cb7eb60b65be31b1ec0
4f59b344c88d910835173a70f7d07c40488573c03fa0274d9b4d6cc66567c423
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F59B344C88D910835173A70F7D07C40488573C03FA0274D9B4D6CC66567C423"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6076
Expires: Fri, 02 Dec 2022 14:53:14 GMT
Date: Fri, 02 Dec 2022 13:11:58 GMT
Connection: keep-alive
ssl.p.jwpcdn.com/player/v/8.18.4/jwplayer.core.controls.js
151.101.194.114200 OK 78 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.18.4/jwplayer.core.controls.js
IP 151.101.194.114:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65135)
Hash 647ed298ce7712d18903a5def28c5c74
e121ccae87bcd1f188ae9b0f4c53e87c6ed2e192
fc5c0f2c0072655f59536fdcece33ac83c5f77cbd694849e2bb352caf0e189a2
GET /player/v/8.18.4/jwplayer.core.controls.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Fri, 15 Jan 2021 21:39:06 GMT
etag: "bce8a935003a2164805362d8ad7026a6"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 13:11:58 GMT
via: 1.1 varnish
age: 15164299
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 1773
x-timer: S1669986718.163300,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 78129
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e7f182bc423c8e0b694072f316dfbf3c
cea3572598e1b5c8c5249cabf5ea99e56dc7e02d
02b4ac24bfa51f27fc2e507fb5d923751a9f6566eb98f3b8255a7d05f42d85c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 13:11:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 12:52:22 GMT
Expires: Thu, 08 Dec 2022 12:52:21 GMT
Etag: "cea3572598e1b5c8c5249cabf5ea99e56dc7e02d"
Cache-Control: max-age=516622,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77344fbcdc53b4ed-OSL
betotodilea.com/400/5096878
139.45.197.237200 OK 33 kB URL HTTP/2 betotodilea.com/400/5096878
IP 139.45.197.237:0
Hash df3887255e2fd52345eac5fb6d0801e3
72290cc6338a56f24f3649112214b732d9c53ceb
ee48c3924fbd5cca09ef988e209f7d7b022521be2013db779af42b40f9f8ab6a
GET /400/5096878 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Cookie: OAID=2a9fd7ad489b4f9e90cd6d15bb692de8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:58 GMT
content-type: application/javascript
x-trace-id: 57378f23b307d2329b597cb7a9c263d5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=2a9fd7ad489b4f9e90cd6d15bb692de8; expires=Sat, 02 Dec 2023 13:11:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
18korea.net/wp-content/cache/autoptimize/css/autoptimize_eafbce0e7b442a73a8d37a456bf9e0bc.css
104.21.235.34200 OK 21 kB URL HTTP/2 18korea.net/wp-content/cache/autoptimize/css/autoptimize_eafbce0e7b442a73a8d37a456bf9e0bc.css
IP 104.21.235.34:0
File type ASCII text, with very long lines (65175)
Hash d32f87877d61760fe37cc3e3cb71c413
67172bdda759056b328b5b2cd27424120cc9d0e8
77f4ef0507e490c7961b85a68f70431ce20e222d4f64de7bc41b56563e0bf7c8
GET /wp-content/cache/autoptimize/css/autoptimize_eafbce0e7b442a73a8d37a456bf9e0bc.css HTTP/1.1
Host: 18korea.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/watch/young-aunt-3-co-gi-tre-chung-3-
Cookie: X_CACHE_KEY=a474c2dac1d6041d1c95faaca1aac622; PHPSESSID=7d9bhi5k0qlr19inrsvjorlaru
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:56 GMT
content-type: text/css
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=141469
etag: W/"5fea9ddc-2289d"
expires: Fri, 02 Dec 2022 14:23:22 GMT
last-modified: Tue, 29 Dec 2020 03:09:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4864
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpzer%2Bd8vwLrE8RZc5ynot1JI4xLfSo50IalzIBFhlIkRjjbPK9vfh2JzkBSxJYSDZhHk7cmjCwQCr%2FOFQ8WO2ddmyfDFnrfjEVZq%2F4idEptouu7%2F%2FTK7pi7S6Rmcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77344fb18c9071da-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4270
Expires: Fri, 02 Dec 2022 14:23:08 GMT
Date: Fri, 02 Dec 2022 13:11:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 02bb7e76626dc115e126b8d7e0dc1183
a080f073bb97254ee9df27685d34ada77e0a57aa
ccb1df6f071eeb4707538b0f4052bb3af92af23723ad208d1132775bb0204686
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2830
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:58 GMT
Last-Modified: Fri, 02 Dec 2022 12:24:48 GMT
Server: ECS (amb/6B8A)
X-Cache: HIT
Content-Length: 280
belickitungchan.com/400/5096889
139.45.197.239403 Forbidden 22 B URL HTTP/2 belickitungchan.com/400/5096889
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash b5e50d07b6b24e1e105e6e4fceb97bf6
95d7e8119b8befc7153b44b4c7be59f26bd6ad33
61c3148fba3befcce5b4636c4209a440913a136138bf62005df97386827f2ae2
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5096889 HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Fri, 02 Dec 2022 13:11:58 GMT
content-type: text/plain; charset=utf-8
content-length: 22
x-trace-id: 9df4b9aa58bd7b4904b87f9b0e6d51c9
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16522
Expires: Fri, 02 Dec 2022 17:47:20 GMT
Date: Fri, 02 Dec 2022 13:11:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f096767caf45bd69af30f68d8c507657
d34449c54e15bd807141acda4b2ff56cf7448c8d
ac7763b62b265227a3004fc9ccaac8affe202e4556de67d649869f061fb75558
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC7763B62B265227A3004FC9CCAAC8AFFE202E4556DE67D649869F061FB75558"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1184
Expires: Fri, 02 Dec 2022 13:31:42 GMT
Date: Fri, 02 Dec 2022 13:11:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16522
Expires: Fri, 02 Dec 2022 17:47:20 GMT
Date: Fri, 02 Dec 2022 13:11:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16522
Expires: Fri, 02 Dec 2022 17:47:20 GMT
Date: Fri, 02 Dec 2022 13:11:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 28303
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 132 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type gzip compressed data, max speed, from Unix\012- data
Size 132 kB (132300 bytes)
Hash 41e47274ff2e32528e0f8b5216048020
53d84a085930bf139bd11c6bed777963231b6bc4
680106cd741b62c00ae17bc570e8d008e29f4ba6ffc9063082b173cc9abb9648
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:21:56 GMT
age: 85802
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash abefdd8bec857aeb9a7bdb1064524aa8
bfb37ed930bf4e27853b40ada539478d347253fd
2d9534d11db2568fda64cf34366ba5697cf0b13f60746912a5a273c9cb0c1ffc
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ninjastream.to
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:58 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ninjastream.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fb9ae91e70c44b5c80b967e6fe9949ad; expires=Sat, 02 Dec 2023 13:11:58 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 55225
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:50 GMT
age: 55088
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 55307
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=4455878
139.45.197.236200 OK 30 kB URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=4455878
IP 139.45.197.236:0
Hash 715c0846d34c0bd22a3dc761e07920dc
1104fa5d98e65b49cf02cffa06da542069cb3cdd
8ccbdbc7415a7eac431cb7fcf7e5da1d102eb3e3a301db45e144291e821c61dd
GET /apu.php?zoneid=4455878 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:58 GMT
content-type: application/javascript
x-trace-id: 94e98291b64a14f89e6bd111c45184e7
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=84a6af5f0d3348edbdb82b063ca1eef4; expires=Sat, 02 Dec 2023 13:11:58 GMT; path=/; secure; SameSite=None
oaidts=1669986718; expires=Sat, 02 Dec 2023 13:11:58 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ipp.littlecdn.com/web/static/play.png
104.22.24.116200 OK 8.4 kB URL HTTP/2 ipp.littlecdn.com/web/static/play.png
IP 104.22.24.116:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 58cb864700d640ef12664041a72a8ad3
dfe28fd490bbed3db2922f18e7caa072d9bb076f
b837d3ac9c69da6acd0221c4956d6202fea25c364f7f19729b2cda84ecea71db
GET /web/static/play.png HTTP/1.1
Host: ipp.littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:58 GMT
content-type: image/png
content-length: 8389
last-modified: Thu, 29 Apr 2021 08:51:30 GMT
etag: "58cb864700d640ef12664041a72a8ad3"
expires: Sat, 03 Dec 2022 12:24:23 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 2855
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77344fbfeb2b0b02-OSL
X-Firefox-Spdy: h2
betotodilea.com/500/4455000?excludes=&oaid=fb9ae91e70c44b5c80b967e6fe9949ad&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=1&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&drf=https%3A%2F%2F18korea.net%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/4455000?excludes=&oaid=fb9ae91e70c44b5c80b967e6fe9949ad&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=1&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&drf=https%3A%2F%2F18korea.net%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4455000?excludes=&oaid=fb9ae91e70c44b5c80b967e6fe9949ad&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=1&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&drf=https%3A%2F%2F18korea.net%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ninjastream.to/
Origin: https://ninjastream.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ninjastream.to
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/9?z=5096881&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=2&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad
139.45.197.239204 No Content 0 B URL HTTP/2 cdn.uponelectabuzzor.club/9?z=5096881&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=2&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5096881&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=2&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ninjastream.to/
Origin: https://ninjastream.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ninjastream.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/9?z=4455918&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=4455918&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=4455918&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ninjastream.to/
Origin: https://ninjastream.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ninjastream.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ipp.littlecdn.com/web/static/play.js
104.22.24.116200 OK 4.2 kB URL HTTP/2 ipp.littlecdn.com/web/static/play.js
IP 104.22.24.116:0
File type ASCII text, with very long lines (11154), with no line terminators
Hash c4fb3a3284682df94dc2b343e221c8cd
e4b5ce6f219630fb55fe2db0d0acc8856474fdda
62c54ea2b1c2f7efcd54aafbeca123968f41e873e68797520d92327d8e231def
GET /web/static/play.js HTTP/1.1
Host: ipp.littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:58 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 12:40:14 GMT
etag: W/"5d961b087a3e1ae750063b955af0c50a"
expires: Sat, 03 Dec 2022 12:24:23 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 2855
vary: Accept-Encoding
server: cloudflare
cf-ray: 77344fbf3a900b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=966218931&z=4455918&b=15950248&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=N0x8OPYGH64FUmc_TWICyNyP_YBq-CTcvJy1iOpmf2R6XT4Oj8lIGZ6kIitpdQMnScppdWs1e4RzYM_KV8Ykb92n5_YjVb7ai2nRSYGTwYULzlVKEFAr95T5ztV_rGMOvNUotHJKJnYs6niTlHmdH4xWn7IcDalC6wZ3-e_wtEei3x31sU-F17ANdIZbSRfK9b5WjWnTbMECWBgBznLySAbm37HcLwD5b9F5FnHLROVfSQdv_AcKhqBie-DnMGUyoaOgLMPUfk90xuh_Jcnh5Xb9BB3Q8LW-gdzYEKe5GHdSdrwuj8liQmKAVnsuN5OPJo3y0aBPPMV9f-GEk5lDC9TqwZ18rGAcQ0agu5yQw_UF_Z5YaswChF87hjyURH2v_PvIpvndHKASc5qc0hBeZkxBaVZHRqZPw8D6pMmO35zXY7q8_S2O9XLd_NqCYot4h86WuzHaf-0TxGl4Ux9EVUmToTQl_1kjsN1hMcCyCh-ojvtLgOwkcBxHmqpE6cO27Tvu4mkpd0yhVaEScsUe09UOLW1sNvKedWjvqJ-Iya8P-n4Hidq4JqwzJTZB0ul8qgYqprErQT0Z7y577mgebXYPpA8JZdi9hmBzMzb-T7DAp0-W_yRuF74XeuDpqejGZHlJwKXOIoTRD7aVv7aUtQ==&ruid=c851dcc6-47c0-44ab-b4fb-c83f7c999324&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&ot=151
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=966218931&z=4455918&b=15950248&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=N0x8OPYGH64FUmc_TWICyNyP_YBq-CTcvJy1iOpmf2R6XT4Oj8lIGZ6kIitpdQMnScppdWs1e4RzYM_KV8Ykb92n5_YjVb7ai2nRSYGTwYULzlVKEFAr95T5ztV_rGMOvNUotHJKJnYs6niTlHmdH4xWn7IcDalC6wZ3-e_wtEei3x31sU-F17ANdIZbSRfK9b5WjWnTbMECWBgBznLySAbm37HcLwD5b9F5FnHLROVfSQdv_AcKhqBie-DnMGUyoaOgLMPUfk90xuh_Jcnh5Xb9BB3Q8LW-gdzYEKe5GHdSdrwuj8liQmKAVnsuN5OPJo3y0aBPPMV9f-GEk5lDC9TqwZ18rGAcQ0agu5yQw_UF_Z5YaswChF87hjyURH2v_PvIpvndHKASc5qc0hBeZkxBaVZHRqZPw8D6pMmO35zXY7q8_S2O9XLd_NqCYot4h86WuzHaf-0TxGl4Ux9EVUmToTQl_1kjsN1hMcCyCh-ojvtLgOwkcBxHmqpE6cO27Tvu4mkpd0yhVaEScsUe09UOLW1sNvKedWjvqJ-Iya8P-n4Hidq4JqwzJTZB0ul8qgYqprErQT0Z7y577mgebXYPpA8JZdi9hmBzMzb-T7DAp0-W_yRuF74XeuDpqejGZHlJwKXOIoTRD7aVv7aUtQ==&ruid=c851dcc6-47c0-44ab-b4fb-c83f7c999324&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&ot=151
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=966218931&z=4455918&b=15950248&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=N0x8OPYGH64FUmc_TWICyNyP_YBq-CTcvJy1iOpmf2R6XT4Oj8lIGZ6kIitpdQMnScppdWs1e4RzYM_KV8Ykb92n5_YjVb7ai2nRSYGTwYULzlVKEFAr95T5ztV_rGMOvNUotHJKJnYs6niTlHmdH4xWn7IcDalC6wZ3-e_wtEei3x31sU-F17ANdIZbSRfK9b5WjWnTbMECWBgBznLySAbm37HcLwD5b9F5FnHLROVfSQdv_AcKhqBie-DnMGUyoaOgLMPUfk90xuh_Jcnh5Xb9BB3Q8LW-gdzYEKe5GHdSdrwuj8liQmKAVnsuN5OPJo3y0aBPPMV9f-GEk5lDC9TqwZ18rGAcQ0agu5yQw_UF_Z5YaswChF87hjyURH2v_PvIpvndHKASc5qc0hBeZkxBaVZHRqZPw8D6pMmO35zXY7q8_S2O9XLd_NqCYot4h86WuzHaf-0TxGl4Ux9EVUmToTQl_1kjsN1hMcCyCh-ojvtLgOwkcBxHmqpE6cO27Tvu4mkpd0yhVaEScsUe09UOLW1sNvKedWjvqJ-Iya8P-n4Hidq4JqwzJTZB0ul8qgYqprErQT0Z7y577mgebXYPpA8JZdi9hmBzMzb-T7DAp0-W_yRuF74XeuDpqejGZHlJwKXOIoTRD7aVv7aUtQ==&ruid=c851dcc6-47c0-44ab-b4fb-c83f7c999324&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&ot=151 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ninjastream.to
Connection: keep-alive
Referer: https://ninjastream.to/
Cookie: scm=1; OAID=fb9ae91e70c44b5c80b967e6fe9949ad; oaidts=1669986718
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ninjastream.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 68d8aca46e0c2e34076c2232391385f3
access-control-expose-headers: X-Sc
set-cookie: OAID=fb9ae91e70c44b5c80b967e6fe9949ad; expires=Sat, 02 Dec 2023 13:11:59 GMT; secure; SameSite=None
oaidts=1669986718; expires=Sat, 02 Dec 2023 13:11:59 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/9?z=4455918&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad
139.45.197.242200 OK 3.2 kB URL HTTP/2 nanouwho.com/9?z=4455918&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad
IP 139.45.197.242:0
Hash 53c3cb108650f1080d62ea6de753e81f
969b65a62f8a5d32202f684005dc3ee41c7e2ba3
930ee7c2ebe5697eefd4af7731c79f575a52b326d637cafd02382e9ec2e4a6f6
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=4455918&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 43
Origin: https://ninjastream.to
Connection: keep-alive
Referer: https://ninjastream.to/
Cookie: scm=1; OAID=7907174b8ba24497ad174971967ffcaa; oaidts=1669986718
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ninjastream.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ad1eac188423c3930e43bca80fd3cc69
access-control-expose-headers: X-Sc
set-cookie: OAID=fb9ae91e70c44b5c80b967e6fe9949ad; expires=Sat, 02 Dec 2023 13:11:59 GMT; secure; SameSite=None
oaidts=1669986718; expires=Sat, 02 Dec 2023 13:11:59 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfc7f92e60ce50c48fb0ccde8afe0594
5fc75e30e9c6982fb95259afa7bef71a596d7acb
12f95435514be3d5bdecc32c7610ba2e6c1be840d816edd987f3bb054f9fc7ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12F95435514BE3D5BDECC32C7610BA2E6C1BE840D816EDD987F3BB054F9FC7FF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9192
Expires: Fri, 02 Dec 2022 15:45:11 GMT
Date: Fri, 02 Dec 2022 13:11:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfc7f92e60ce50c48fb0ccde8afe0594
5fc75e30e9c6982fb95259afa7bef71a596d7acb
12f95435514be3d5bdecc32c7610ba2e6c1be840d816edd987f3bb054f9fc7ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12F95435514BE3D5BDECC32C7610BA2E6C1BE840D816EDD987F3BB054F9FC7FF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9192
Expires: Fri, 02 Dec 2022 15:45:11 GMT
Date: Fri, 02 Dec 2022 13:11:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfc7f92e60ce50c48fb0ccde8afe0594
5fc75e30e9c6982fb95259afa7bef71a596d7acb
12f95435514be3d5bdecc32c7610ba2e6c1be840d816edd987f3bb054f9fc7ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12F95435514BE3D5BDECC32C7610BA2E6C1BE840D816EDD987F3BB054F9FC7FF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9192
Expires: Fri, 02 Dec 2022 15:45:11 GMT
Date: Fri, 02 Dec 2022 13:11:59 GMT
Connection: keep-alive
betotodilea.com/500/4455000?excludes=&oaid=fb9ae91e70c44b5c80b967e6fe9949ad&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=1&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&drf=https%3A%2F%2F18korea.net%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
139.45.197.237200 OK 1.2 kB URL HTTP/2 betotodilea.com/500/4455000?excludes=&oaid=fb9ae91e70c44b5c80b967e6fe9949ad&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=1&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&drf=https%3A%2F%2F18korea.net%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
IP 139.45.197.237:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1462), with no line terminators
Hash b8f9d7a8fdda32472889dc56d80595bb
50fc140c11739367e86cac91010f21533a3452b0
3c4717f7bf52dbd49dcb8bbebbd88bb2bc8c61fea46d23b4dd129975bce15f7d
GET /500/4455000?excludes=&oaid=fb9ae91e70c44b5c80b967e6fe9949ad&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=1&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&drf=https%3A%2F%2F18korea.net%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ninjastream.to
Connection: keep-alive
Referer: https://ninjastream.to/
Cookie: OAID=2a9fd7ad489b4f9e90cd6d15bb692de8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: application/javascript
x-trace-id: 613e4559123780025e5ed988df126a2c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ninjastream.to
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=fb9ae91e70c44b5c80b967e6fe9949ad; expires=Sat, 02 Dec 2023 13:11:59 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2493dbbe263359830a920dc8d1cba77f
cd02937f68bf929c4b66d8be5e18e89dac426e15
228a59817ef96a923684372317b6bfb838124c43708ff21c588edd67ce44dae5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6451
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:11:59 GMT
Etag: "63894fb0-118"
Last-Modified: Fri, 02 Dec 2022 11:24:28 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 280
offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
104.22.33.172200 OK 43 kB URL HTTP/2 offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
IP 104.22.33.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e27e78d3b01907b714b7d939d7eed85d
2d4aa0d84925e5031861258c341788450ba8b43c
37024bac32f0cc3299c2492471b40e6beb2fd7b3cb73b172d68207e87cdfd6e6
GET /www/images/e27e78d3b01907b714b7d939d7eed85d.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: image/png
content-length: 43157
last-modified: Sun, 27 Sep 2020 15:59:04 GMT
etag: "5f70b6c8-a895"
expires: Sat, 03 Dec 2022 09:20:18 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 13901
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77344fc44c789938-ARN
X-Firefox-Spdy: h2
nanouwho.com/1?z=4455918
139.45.197.242200 OK 32 kB IP 139.45.197.242:0
Hash 7e65d956d12d1ededc4bec12231455a3
57b4787564a259749500c7ca90490df924b68544
579a9047f413f200232bf431bc7b8aa0035d752bc6ff5c2ac4ea8dc966763950
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=4455918 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:58 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 46a0af5724e49f5a9646f9fbdcc178d8
access-control-expose-headers: X-Sc
x-sc: ZPtxbI8PJNk51ySkxN66a0I3KH7We-1UZ3bBSKhbrFMrdWBpEzGRg7AeuLodNSQELQ75iNHOx8DnYperzP9y5li8TfA=
set-cookie: scm=1; expires=Sat, 02 Dec 2023 13:11:58 GMT; secure; SameSite=None
OAID=7907174b8ba24497ad174971967ffcaa; expires=Sat, 02 Dec 2023 13:11:58 GMT; secure; SameSite=None
oaidts=1669986718; expires=Sat, 02 Dec 2023 13:11:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
t80.pixhost.to/thumbs/92/321339335_streaming-things-i-love-to-do-2022-erotic-movie-18-online-free.jpg
94.229.45.2200 OK 29 kB URL HTTP/1.1 t80.pixhost.to/thumbs/92/321339335_streaming-things-i-love-to-do-2022-erotic-movie-18-online-free.jpg
IP 94.229.45.2:0
ASN #48326 DataNetworks s.r.o.
Hash 233f3b2464d9d829ba2174fc5b692606
a4edb339f6ff3bdc6c979f0eeb7dfddcef7121f8
da1df5dacd5236f89d24948e0aa1e9acb7c6e56c37f3ea50adb5b40ba41ac617
GET /thumbs/92/321339335_streaming-things-i-love-to-do-2022-erotic-movie-18-online-free.jpg HTTP/1.1
Host: t80.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 02 Dec 2022 13:11:59 GMT
Content-Type: image/jpeg
Content-Length: 24376
Last-Modified: Wed, 30 Nov 2022 14:39:54 GMT
Connection: keep-alive
ETag: "63876b3a-5f38"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
cdn.itskiddien.club/?rb=RZoClUCdXhBOZnzGcKERB3pPm92I1qMx3m8WQWZgEXxolafblV4ul34HXpZGh_XCDjEal60gHFQKJcYyyUEAquIPquFysGIh1fayeb70d6-7oxXei3baJacqmenTdt_YVjFwsa0pMFFDk7WfoIIb4eLtnTRuInlvEupsTbCmx8lQR3Vpj4RBkwU2JICLHRs60BqyEvG4K4qiGMsJINyXbFLut7Dnv66XT2q70oPyCsCiZMfZ&request_ab2=96003&zoneid=4455878&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=970&wih=546&wiw=970&wfc=1&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&drf=https%3A%2F%2F18korea.net%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.458.0&bs=76d9c10d-cbd0-4d4f-9885-d89a4963cce1&userId=fb9ae91e70c44b5c80b967e6fe9949ad&m=link
139.45.197.236200 OK 24 kB URL HTTP/2 cdn.itskiddien.club/?rb=RZoClUCdXhBOZnzGcKERB3pPm92I1qMx3m8WQWZgEXxolafblV4ul34HXpZGh_XCDjEal60gHFQKJcYyyUEAquIPquFysGIh1fayeb70d6-7oxXei3baJacqmenTdt_YVjFwsa0pMFFDk7WfoIIb4eLtnTRuInlvEupsTbCmx8lQR3Vpj4RBkwU2JICLHRs60BqyEvG4K4qiGMsJINyXbFLut7Dnv66XT2q70oPyCsCiZMfZ&request_ab2=96003&zoneid=4455878&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=970&wih=546&wiw=970&wfc=1&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&drf=https%3A%2F%2F18korea.net%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.458.0&bs=76d9c10d-cbd0-4d4f-9885-d89a4963cce1&userId=fb9ae91e70c44b5c80b967e6fe9949ad&m=link
IP 139.45.197.236:0
Hash 5b59d750abf080467fae55d23f5533fe
3eb08f6e77872ce2d58df18e3d2ec16463424f06
36fe1acf998ecbd5e90783c5ac6693d990a03e885abe6d56fbf0d798f979e0e9
GET /?rb=RZoClUCdXhBOZnzGcKERB3pPm92I1qMx3m8WQWZgEXxolafblV4ul34HXpZGh_XCDjEal60gHFQKJcYyyUEAquIPquFysGIh1fayeb70d6-7oxXei3baJacqmenTdt_YVjFwsa0pMFFDk7WfoIIb4eLtnTRuInlvEupsTbCmx8lQR3Vpj4RBkwU2JICLHRs60BqyEvG4K4qiGMsJINyXbFLut7Dnv66XT2q70oPyCsCiZMfZ&request_ab2=96003&zoneid=4455878&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=970&wih=546&wiw=970&wfc=1&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&drf=https%3A%2F%2F18korea.net%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.458.0&bs=76d9c10d-cbd0-4d4f-9885-d89a4963cce1&userId=fb9ae91e70c44b5c80b967e6fe9949ad&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ninjastream.to
Connection: keep-alive
Referer: https://ninjastream.to/
Cookie: OAID=84a6af5f0d3348edbdb82b063ca1eef4; oaidts=1669986718
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: application/json
x-trace-id: 42618c66d5d99f81bb08c9214ad10690
access-control-allow-origin: https://ninjastream.to
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=fb9ae91e70c44b5c80b967e6fe9949ad; expires=Sat, 02 Dec 2023 13:11:59 GMT; path=/; secure; SameSite=None
oaidts=1669986719; expires=Sat, 02 Dec 2023 13:11:59 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 09 Dec 2022 13:11:59 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
t80.pixhost.to/thumbs/92/321339331_32-year-old-female-lawyer-sexual-assault-case-erotic-movie-18-free.jpg
94.229.45.2200 OK 18 kB URL HTTP/1.1 t80.pixhost.to/thumbs/92/321339331_32-year-old-female-lawyer-sexual-assault-case-erotic-movie-18-free.jpg
IP 94.229.45.2:0
ASN #48326 DataNetworks s.r.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 500x281, components 3\012- data
Hash a0923086766b68a9c562e6a90c171700
6be72e58a7d1c48596a4930f222aff8f519a7ee8
873e793e259d393abb3b4efcbcb41bc92b0b04a081aad7f3f5906fcb9a228a74
GET /thumbs/92/321339331_32-year-old-female-lawyer-sexual-assault-case-erotic-movie-18-free.jpg HTTP/1.1
Host: t80.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 02 Dec 2022 13:11:59 GMT
Content-Type: image/jpeg
Content-Length: 17749
Last-Modified: Wed, 30 Nov 2022 14:39:53 GMT
Connection: keep-alive
ETag: "63876b39-4555"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b411ab32a7dfa1bf6aca3fcf51cf70fc
29e86fbbc654609a3f7344e580895b49a67d26cc
78fe5f94cb20f53d0e16f581ce11602e59356be6770d626ec237b343058fba15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78FE5F94CB20F53D0E16F581CE11602E59356BE6770D626EC237B343058FBA15"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7329
Expires: Fri, 02 Dec 2022 15:14:08 GMT
Date: Fri, 02 Dec 2022 13:11:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b411ab32a7dfa1bf6aca3fcf51cf70fc
29e86fbbc654609a3f7344e580895b49a67d26cc
78fe5f94cb20f53d0e16f581ce11602e59356be6770d626ec237b343058fba15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78FE5F94CB20F53D0E16F581CE11602E59356BE6770D626EC237B343058FBA15"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2532
Expires: Fri, 02 Dec 2022 13:54:11 GMT
Date: Fri, 02 Dec 2022 13:11:59 GMT
Connection: keep-alive
t80.pixhost.to/thumbs/92/321339313_streaming-drenched-friend-girlfriend-2021-erotic-movie-18-online-free.jpg
94.229.45.2200 OK 19 kB URL HTTP/1.1 t80.pixhost.to/thumbs/92/321339313_streaming-drenched-friend-girlfriend-2021-erotic-movie-18-online-free.jpg
IP 94.229.45.2:0
ASN #48326 DataNetworks s.r.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 500x281, components 3\012- data
Hash 56e29a61801d36980060579fd8ccb00a
f6ad02350a64cc99279620160b8af10bafa34628
c1b2de94f2d394bf10358fac9603f181de0d1d8a6c1e10698ac709f337c3f209
GET /thumbs/92/321339313_streaming-drenched-friend-girlfriend-2021-erotic-movie-18-online-free.jpg HTTP/1.1
Host: t80.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 02 Dec 2022 13:11:59 GMT
Content-Type: image/jpeg
Content-Length: 18921
Last-Modified: Wed, 30 Nov 2022 14:39:47 GMT
Connection: keep-alive
ETag: "63876b33-49e9"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
t80.pixhost.to/thumbs/92/321339317_an-affair-old-lady-in-her-40s-who-can-do-it-inside-erotic-movie-18-free.jpg
94.229.45.2200 OK 24 kB URL HTTP/1.1 t80.pixhost.to/thumbs/92/321339317_an-affair-old-lady-in-her-40s-who-can-do-it-inside-erotic-movie-18-free.jpg
IP 94.229.45.2:0
ASN #48326 DataNetworks s.r.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 500x281, components 3\012- data
Hash b332ccfbc4be76a05094786cabc35bb0
3127347390433c7d9a80f0b76a594de002f3ae72
38e129fd67d152b060ac6e10c0aebc0efa4c7a69b0d20911dccd43663c921536
GET /thumbs/92/321339317_an-affair-old-lady-in-her-40s-who-can-do-it-inside-erotic-movie-18-free.jpg HTTP/1.1
Host: t80.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 02 Dec 2022 13:11:59 GMT
Content-Type: image/jpeg
Content-Length: 23554
Last-Modified: Wed, 30 Nov 2022 14:39:48 GMT
Connection: keep-alive
ETag: "63876b34-5c02"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
t80.pixhost.to/thumbs/92/321339320_streaming-nerisa-2021-erotic-movie-18-online-free.jpg
94.229.45.2200 OK 36 kB URL HTTP/1.1 t80.pixhost.to/thumbs/92/321339320_streaming-nerisa-2021-erotic-movie-18-online-free.jpg
IP 94.229.45.2:0
ASN #48326 DataNetworks s.r.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 500x281, components 3\012- data
Hash 2c23c81adb00151568227f404dcf1b27
b2681053b51a191fcc0e6f5149f8584a5cbcb23b
c0dde6458b289ef5fafb05c9682d9a2c00fcacc52302dacea43f7d4e547a272b
GET /thumbs/92/321339320_streaming-nerisa-2021-erotic-movie-18-online-free.jpg HTTP/1.1
Host: t80.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 02 Dec 2022 13:11:59 GMT
Content-Type: image/jpeg
Content-Length: 36400
Last-Modified: Wed, 30 Nov 2022 14:39:50 GMT
Connection: keep-alive
ETag: "63876b36-8e30"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
interstitial-07.com/?l=xmPosaU4na8EynY&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2153250558%26z%3D4455918%26b%3D15950248%26c%3D6382289%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DN0x8OPYGH64FUmc_TWICyNyP_YBq-CTcvJy1iOpmf2R6XT4Oj8lIGZ6kIitpdQMnScppdWs1e4RzYM_KV8Ykb92n5_YjVb7ai2nRSYGTwYULzlVKEFAr95T5ztV_rGMOvNUotHJKJnYs6niTlHmdH4xWn7IcDalC6wZ3-e_wtEei3x31sU-F17ANdIZbSRfK9b5WjWnTbMECWBgBznLySAbm37HcLwD5b9F5FnHLROVfSQdv_AcKhqBie-DnMGUyoaOgLMPUfk90xuh_Jcnh5Xb9BB3Q8LW-gdzYEKe5GHdSdrwuj8liQmKAVnsuN5OPJo3y0aBPPMV9f-GEk5lDC9TqwZ18rGAcQ0agu5yQw_UF_Z5YaswChF87hjyURH2v_PvIpvndHKASc5qc0hBeZkxBaVZHRqZPw8D6pMmO35zXY7q8_S2O9XLd_NqCYot4h86WuzHaf-0TxGl4Ux9EVUmToTQl_1kjsN1hMcCyCh-ojvtLgOwkcBxHmqpE6cO27Tvu4mkpd0yhVaEScsUe09UOLW1sNvKedWjvqJ-Iya8P-n4Hidq4JqwzJTZB0ul8qgYqprErQT0Z7y577mgebXYPpA8JZdi9hmBzMzb-T7DAp0-W_yRuF74XeuDpqejGZHlJwKXOIoTRD7aVv7aUtQ%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dc851dcc6-47c0-44ab-b4fb-c83f7c999324%26ng%3D1%26ix%3D1%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fninjastream.to%252Fwatch%252FNg9QnBwE6QVKb%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D970%26wiw%3D970%26wih%3D546%26wfc%3D3%26sah%3D1002%26drf%3Dhttps%253A%252F%252F18korea.net%252F%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.155200 OK 16 kB URL HTTP/2 interstitial-07.com/?l=xmPosaU4na8EynY&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2153250558%26z%3D4455918%26b%3D15950248%26c%3D6382289%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DN0x8OPYGH64FUmc_TWICyNyP_YBq-CTcvJy1iOpmf2R6XT4Oj8lIGZ6kIitpdQMnScppdWs1e4RzYM_KV8Ykb92n5_YjVb7ai2nRSYGTwYULzlVKEFAr95T5ztV_rGMOvNUotHJKJnYs6niTlHmdH4xWn7IcDalC6wZ3-e_wtEei3x31sU-F17ANdIZbSRfK9b5WjWnTbMECWBgBznLySAbm37HcLwD5b9F5FnHLROVfSQdv_AcKhqBie-DnMGUyoaOgLMPUfk90xuh_Jcnh5Xb9BB3Q8LW-gdzYEKe5GHdSdrwuj8liQmKAVnsuN5OPJo3y0aBPPMV9f-GEk5lDC9TqwZ18rGAcQ0agu5yQw_UF_Z5YaswChF87hjyURH2v_PvIpvndHKASc5qc0hBeZkxBaVZHRqZPw8D6pMmO35zXY7q8_S2O9XLd_NqCYot4h86WuzHaf-0TxGl4Ux9EVUmToTQl_1kjsN1hMcCyCh-ojvtLgOwkcBxHmqpE6cO27Tvu4mkpd0yhVaEScsUe09UOLW1sNvKedWjvqJ-Iya8P-n4Hidq4JqwzJTZB0ul8qgYqprErQT0Z7y577mgebXYPpA8JZdi9hmBzMzb-T7DAp0-W_yRuF74XeuDpqejGZHlJwKXOIoTRD7aVv7aUtQ%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dc851dcc6-47c0-44ab-b4fb-c83f7c999324%26ng%3D1%26ix%3D1%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fninjastream.to%252Fwatch%252FNg9QnBwE6QVKb%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D970%26wiw%3D970%26wih%3D546%26wfc%3D3%26sah%3D1002%26drf%3Dhttps%253A%252F%252F18korea.net%252F%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1481)
Hash bb30bee0569b8ea8ba4b0aa811e3782c
5163c62ed2c91d9f3258b20f480a769b8d1851b2
fabbfdabe3d0633dda12b15a924c8951225e175aac9057a7dc370256f36f5dd1
GET /?l=xmPosaU4na8EynY&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2153250558%26z%3D4455918%26b%3D15950248%26c%3D6382289%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DN0x8OPYGH64FUmc_TWICyNyP_YBq-CTcvJy1iOpmf2R6XT4Oj8lIGZ6kIitpdQMnScppdWs1e4RzYM_KV8Ykb92n5_YjVb7ai2nRSYGTwYULzlVKEFAr95T5ztV_rGMOvNUotHJKJnYs6niTlHmdH4xWn7IcDalC6wZ3-e_wtEei3x31sU-F17ANdIZbSRfK9b5WjWnTbMECWBgBznLySAbm37HcLwD5b9F5FnHLROVfSQdv_AcKhqBie-DnMGUyoaOgLMPUfk90xuh_Jcnh5Xb9BB3Q8LW-gdzYEKe5GHdSdrwuj8liQmKAVnsuN5OPJo3y0aBPPMV9f-GEk5lDC9TqwZ18rGAcQ0agu5yQw_UF_Z5YaswChF87hjyURH2v_PvIpvndHKASc5qc0hBeZkxBaVZHRqZPw8D6pMmO35zXY7q8_S2O9XLd_NqCYot4h86WuzHaf-0TxGl4Ux9EVUmToTQl_1kjsN1hMcCyCh-ojvtLgOwkcBxHmqpE6cO27Tvu4mkpd0yhVaEScsUe09UOLW1sNvKedWjvqJ-Iya8P-n4Hidq4JqwzJTZB0ul8qgYqprErQT0Z7y577mgebXYPpA8JZdi9hmBzMzb-T7DAp0-W_yRuF74XeuDpqejGZHlJwKXOIoTRD7aVv7aUtQ%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dc851dcc6-47c0-44ab-b4fb-c83f7c999324%26ng%3D1%26ix%3D1%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fninjastream.to%252Fwatch%252FNg9QnBwE6QVKb%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D970%26wiw%3D970%26wih%3D546%26wfc%3D3%26sah%3D1002%26drf%3Dhttps%253A%252F%252F18korea.net%252F%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=P5uSGlpL7N6J2Bq5lerEprtn5BxMT02dtSyg6cQ-Osw; expires=Fri, 02-Dec-2022 14:11:59 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
t80.pixhost.to/thumbs/92/321339324_streaming-sexy-tutor-2021-erotic-movie-18-online-free.jpg
94.229.45.2200 OK 23 kB URL HTTP/1.1 t80.pixhost.to/thumbs/92/321339324_streaming-sexy-tutor-2021-erotic-movie-18-online-free.jpg
IP 94.229.45.2:0
ASN #48326 DataNetworks s.r.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 500x281, components 3\012- data
Hash 7b4738e6f7c1577bd37689a38068a53d
a63836cdc1c9876d68469fd1a25764ab3f9d3264
76adcb5e30a613e28504c90533fb576c4e712f68c626cb6ad94b7f688699b337
GET /thumbs/92/321339324_streaming-sexy-tutor-2021-erotic-movie-18-online-free.jpg HTTP/1.1
Host: t80.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 02 Dec 2022 13:11:59 GMT
Content-Type: image/jpeg
Content-Length: 23415
Last-Modified: Wed, 30 Nov 2022 14:39:51 GMT
Connection: keep-alive
ETag: "63876b37-5b77"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
interstitial-07.com/?l=ZLNffCnc9jNppQ6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcdn.uponelectabuzzor.club%2F12%3Frnd%3D1943011066%26z%3D5096881%26b%3D15950250%26c%3D6382289%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D2q1uXKeBfRrjAGY4djTZrXkxAIffCgiCaUNcg_Hk3o2ZRjr41w4FJ9VrPokqlxaNU2Px1ao34ATV1t7PObjkpgYl9IPFg641bQBUOuu2PLbteldwa08bOgYDdKah-8VGLgtFVd7US2Y0XCaIw0fe9vR90YCDe7celXYLNAnTqxn0EpdKJQ_SAk5sOQXwch8RTy_LRQqv4eGg2-CWL0XH3nxE97U9mQ43ulhepM9iOgY10MwV6_XdDM3fn0DbO5193CO9TQPloLKIGu29BN7QaDuV-viFZoyNYuoPXWbM94K1kcx1ONAMh-3qUnTLla4AVlL0F7t89rsL24GH0RBSmIRnyGlZo-aM8ntBnBR12wkJCk3tEbVHMUqjqVH_G6a8tDa-UlHvHdD-YIZp852mjuaYDicHF1nd3zMHBXeZNyIeRkZnU8EdzWSQlZYS4Qxifz1qgQJ_8668YOVqzmw3uXNrl4ENMI476SjHIlZ0T2pCc0CiauX9ZjULD40VIleUTlsSzptVUBVjPUjsiHYtlCsd6xHCSrt0a-QZLgv3DDsh-mnmPYXsTE9_s7KxWfpKRVXsN088_0RY35_Gxy7kGkyFN8SsfSsNNiqXR_LpLVM0RVlmsc1ogTEo796HzGsDR-ecIzpBoosASVvm5xzyCA%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D2ed21b21-3c9d-434d-8536-d750be93db91%26ng%3D1%26ix%3D1%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fninjastream.to%252Fwatch%252FNg9QnBwE6QVKb%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D970%26wiw%3D970%26wih%3D546%26wfc%3D2%26sah%3D1002%26drf%3Dhttps%253A%252F%252F18korea.net%252F%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.155200 OK 57 kB URL HTTP/2 interstitial-07.com/?l=ZLNffCnc9jNppQ6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcdn.uponelectabuzzor.club%2F12%3Frnd%3D1943011066%26z%3D5096881%26b%3D15950250%26c%3D6382289%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D2q1uXKeBfRrjAGY4djTZrXkxAIffCgiCaUNcg_Hk3o2ZRjr41w4FJ9VrPokqlxaNU2Px1ao34ATV1t7PObjkpgYl9IPFg641bQBUOuu2PLbteldwa08bOgYDdKah-8VGLgtFVd7US2Y0XCaIw0fe9vR90YCDe7celXYLNAnTqxn0EpdKJQ_SAk5sOQXwch8RTy_LRQqv4eGg2-CWL0XH3nxE97U9mQ43ulhepM9iOgY10MwV6_XdDM3fn0DbO5193CO9TQPloLKIGu29BN7QaDuV-viFZoyNYuoPXWbM94K1kcx1ONAMh-3qUnTLla4AVlL0F7t89rsL24GH0RBSmIRnyGlZo-aM8ntBnBR12wkJCk3tEbVHMUqjqVH_G6a8tDa-UlHvHdD-YIZp852mjuaYDicHF1nd3zMHBXeZNyIeRkZnU8EdzWSQlZYS4Qxifz1qgQJ_8668YOVqzmw3uXNrl4ENMI476SjHIlZ0T2pCc0CiauX9ZjULD40VIleUTlsSzptVUBVjPUjsiHYtlCsd6xHCSrt0a-QZLgv3DDsh-mnmPYXsTE9_s7KxWfpKRVXsN088_0RY35_Gxy7kGkyFN8SsfSsNNiqXR_LpLVM0RVlmsc1ogTEo796HzGsDR-ecIzpBoosASVvm5xzyCA%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D2ed21b21-3c9d-434d-8536-d750be93db91%26ng%3D1%26ix%3D1%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fninjastream.to%252Fwatch%252FNg9QnBwE6QVKb%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D970%26wiw%3D970%26wih%3D546%26wfc%3D2%26sah%3D1002%26drf%3Dhttps%253A%252F%252F18korea.net%252F%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1494)
Hash 5e58b4c0a267ee3e774d2669ce0ccb91
fbb00123d15e534a86d9d92072e199ce8fcbc96d
cdbb254cdac04328087043f62b8176891c0d68d4e00256565b409350ab5c6214
GET /?l=ZLNffCnc9jNppQ6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcdn.uponelectabuzzor.club%2F12%3Frnd%3D1943011066%26z%3D5096881%26b%3D15950250%26c%3D6382289%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D2q1uXKeBfRrjAGY4djTZrXkxAIffCgiCaUNcg_Hk3o2ZRjr41w4FJ9VrPokqlxaNU2Px1ao34ATV1t7PObjkpgYl9IPFg641bQBUOuu2PLbteldwa08bOgYDdKah-8VGLgtFVd7US2Y0XCaIw0fe9vR90YCDe7celXYLNAnTqxn0EpdKJQ_SAk5sOQXwch8RTy_LRQqv4eGg2-CWL0XH3nxE97U9mQ43ulhepM9iOgY10MwV6_XdDM3fn0DbO5193CO9TQPloLKIGu29BN7QaDuV-viFZoyNYuoPXWbM94K1kcx1ONAMh-3qUnTLla4AVlL0F7t89rsL24GH0RBSmIRnyGlZo-aM8ntBnBR12wkJCk3tEbVHMUqjqVH_G6a8tDa-UlHvHdD-YIZp852mjuaYDicHF1nd3zMHBXeZNyIeRkZnU8EdzWSQlZYS4Qxifz1qgQJ_8668YOVqzmw3uXNrl4ENMI476SjHIlZ0T2pCc0CiauX9ZjULD40VIleUTlsSzptVUBVjPUjsiHYtlCsd6xHCSrt0a-QZLgv3DDsh-mnmPYXsTE9_s7KxWfpKRVXsN088_0RY35_Gxy7kGkyFN8SsfSsNNiqXR_LpLVM0RVlmsc1ogTEo796HzGsDR-ecIzpBoosASVvm5xzyCA%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D2ed21b21-3c9d-434d-8536-d750be93db91%26ng%3D1%26ix%3D1%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fninjastream.to%252Fwatch%252FNg9QnBwE6QVKb%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D970%26wiw%3D970%26wih%3D546%26wfc%3D2%26sah%3D1002%26drf%3Dhttps%253A%252F%252F18korea.net%252F%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=uKfXlPZvHGObYcKWyoZA4vQfpqZzNqoYVqTELGOUjuI; expires=Fri, 02-Dec-2022 14:11:59 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/f2/ea/94/2045b6191cf4e8883f945577d6/01419289930266.jpeg
139.45.197.155200 OK 9.4 kB URL HTTP/2 interstitial-07.com/contents/s/f2/ea/94/2045b6191cf4e8883f945577d6/01419289930266.jpeg
IP 139.45.197.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash f2ea942045b6191cf4e8883f945577d6
f217ff303ef16d92e04767b99b50fab13fc5f0fa
270098f429a4d4715596182e3ad7a1da6862c10c12fc3a104be6ffcd8a649c0d
GET /contents/s/f2/ea/94/2045b6191cf4e8883f945577d6/01419289930266.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=xmPosaU4na8EynY&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2153250558%26z%3D4455918%26b%3D15950248%26c%3D6382289%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DN0x8OPYGH64FUmc_TWICyNyP_YBq-CTcvJy1iOpmf2R6XT4Oj8lIGZ6kIitpdQMnScppdWs1e4RzYM_KV8Ykb92n5_YjVb7ai2nRSYGTwYULzlVKEFAr95T5ztV_rGMOvNUotHJKJnYs6niTlHmdH4xWn7IcDalC6wZ3-e_wtEei3x31sU-F17ANdIZbSRfK9b5WjWnTbMECWBgBznLySAbm37HcLwD5b9F5FnHLROVfSQdv_AcKhqBie-DnMGUyoaOgLMPUfk90xuh_Jcnh5Xb9BB3Q8LW-gdzYEKe5GHdSdrwuj8liQmKAVnsuN5OPJo3y0aBPPMV9f-GEk5lDC9TqwZ18rGAcQ0agu5yQw_UF_Z5YaswChF87hjyURH2v_PvIpvndHKASc5qc0hBeZkxBaVZHRqZPw8D6pMmO35zXY7q8_S2O9XLd_NqCYot4h86WuzHaf-0TxGl4Ux9EVUmToTQl_1kjsN1hMcCyCh-ojvtLgOwkcBxHmqpE6cO27Tvu4mkpd0yhVaEScsUe09UOLW1sNvKedWjvqJ-Iya8P-n4Hidq4JqwzJTZB0ul8qgYqprErQT0Z7y577mgebXYPpA8JZdi9hmBzMzb-T7DAp0-W_yRuF74XeuDpqejGZHlJwKXOIoTRD7aVv7aUtQ%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dc851dcc6-47c0-44ab-b4fb-c83f7c999324%26ng%3D1%26ix%3D1%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fninjastream.to%252Fwatch%252FNg9QnBwE6QVKb%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D970%26wiw%3D970%26wih%3D546%26wfc%3D3%26sah%3D1002%26drf%3Dhttps%253A%252F%252F18korea.net%252F%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: image/jpeg
content-length: 9383
last-modified: Thu, 20 Oct 2022 03:21:16 GMT
vary: Accept-Encoding
etag: "6350beac-24a7"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/48/9d/aa/767e850f7adee87656c9c618d6/0805769566320.jpeg
139.45.197.155200 OK 33 kB URL HTTP/2 interstitial-07.com/contents/s/48/9d/aa/767e850f7adee87656c9c618d6/0805769566320.jpeg
IP 139.45.197.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 489daa767e850f7adee87656c9c618d6
f33d685ca860065daa3d42786e875c4f72c47376
420d07a28fd9eb7996feb6e3bc78a230b321be622551a6427d9eb7d4e43d7585
GET /contents/s/48/9d/aa/767e850f7adee87656c9c618d6/0805769566320.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=xmPosaU4na8EynY&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2153250558%26z%3D4455918%26b%3D15950248%26c%3D6382289%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DN0x8OPYGH64FUmc_TWICyNyP_YBq-CTcvJy1iOpmf2R6XT4Oj8lIGZ6kIitpdQMnScppdWs1e4RzYM_KV8Ykb92n5_YjVb7ai2nRSYGTwYULzlVKEFAr95T5ztV_rGMOvNUotHJKJnYs6niTlHmdH4xWn7IcDalC6wZ3-e_wtEei3x31sU-F17ANdIZbSRfK9b5WjWnTbMECWBgBznLySAbm37HcLwD5b9F5FnHLROVfSQdv_AcKhqBie-DnMGUyoaOgLMPUfk90xuh_Jcnh5Xb9BB3Q8LW-gdzYEKe5GHdSdrwuj8liQmKAVnsuN5OPJo3y0aBPPMV9f-GEk5lDC9TqwZ18rGAcQ0agu5yQw_UF_Z5YaswChF87hjyURH2v_PvIpvndHKASc5qc0hBeZkxBaVZHRqZPw8D6pMmO35zXY7q8_S2O9XLd_NqCYot4h86WuzHaf-0TxGl4Ux9EVUmToTQl_1kjsN1hMcCyCh-ojvtLgOwkcBxHmqpE6cO27Tvu4mkpd0yhVaEScsUe09UOLW1sNvKedWjvqJ-Iya8P-n4Hidq4JqwzJTZB0ul8qgYqprErQT0Z7y577mgebXYPpA8JZdi9hmBzMzb-T7DAp0-W_yRuF74XeuDpqejGZHlJwKXOIoTRD7aVv7aUtQ%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dc851dcc6-47c0-44ab-b4fb-c83f7c999324%26ng%3D1%26ix%3D1%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fninjastream.to%252Fwatch%252FNg9QnBwE6QVKb%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D970%26wiw%3D970%26wih%3D546%26wfc%3D3%26sah%3D1002%26drf%3Dhttps%253A%252F%252F18korea.net%252F%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: image/jpeg
content-length: 33145
last-modified: Thu, 20 Oct 2022 03:21:11 GMT
vary: Accept-Encoding
etag: "6350bea7-8179"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce4664ff78f43f330fe8110c920f96c8
8d95283944a9217b18b8aeb68c17992b79ab5638
a855f987a1c193780de746a84c4693da05cbc5b3dd9d97d769918441be33ea9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A855F987A1C193780DE746A84C4693DA05CBC5B3DD9D97D769918441BE33EA9B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=62
Expires: Fri, 02 Dec 2022 13:13:01 GMT
Date: Fri, 02 Dec 2022 13:11:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce4664ff78f43f330fe8110c920f96c8
8d95283944a9217b18b8aeb68c17992b79ab5638
a855f987a1c193780de746a84c4693da05cbc5b3dd9d97d769918441be33ea9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A855F987A1C193780DE746A84C4693DA05CBC5B3DD9D97D769918441BE33EA9B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=62
Expires: Fri, 02 Dec 2022 13:13:01 GMT
Date: Fri, 02 Dec 2022 13:11:59 GMT
Connection: keep-alive
unphionetor.com/fv.js?t=72747&cb=2089599589
139.45.197.236200 OK 2.2 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=2089599589
IP 139.45.197.236:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=2089599589 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 45338026f3bb17b0a55105a05d9c075c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=395070695
139.45.197.236200 OK 2.2 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=395070695
IP 139.45.197.236:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=395070695 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 67feec79b4b5a79213dd9fd78a0fcc40
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=966218931&z=4455918&b=15950248&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=N0x8OPYGH64FUmc_TWICyNyP_YBq-CTcvJy1iOpmf2R6XT4Oj8lIGZ6kIitpdQMnScppdWs1e4RzYM_KV8Ykb92n5_YjVb7ai2nRSYGTwYULzlVKEFAr95T5ztV_rGMOvNUotHJKJnYs6niTlHmdH4xWn7IcDalC6wZ3-e_wtEei3x31sU-F17ANdIZbSRfK9b5WjWnTbMECWBgBznLySAbm37HcLwD5b9F5FnHLROVfSQdv_AcKhqBie-DnMGUyoaOgLMPUfk90xuh_Jcnh5Xb9BB3Q8LW-gdzYEKe5GHdSdrwuj8liQmKAVnsuN5OPJo3y0aBPPMV9f-GEk5lDC9TqwZ18rGAcQ0agu5yQw_UF_Z5YaswChF87hjyURH2v_PvIpvndHKASc5qc0hBeZkxBaVZHRqZPw8D6pMmO35zXY7q8_S2O9XLd_NqCYot4h86WuzHaf-0TxGl4Ux9EVUmToTQl_1kjsN1hMcCyCh-ojvtLgOwkcBxHmqpE6cO27Tvu4mkpd0yhVaEScsUe09UOLW1sNvKedWjvqJ-Iya8P-n4Hidq4JqwzJTZB0ul8qgYqprErQT0Z7y577mgebXYPpA8JZdi9hmBzMzb-T7DAp0-W_yRuF74XeuDpqejGZHlJwKXOIoTRD7aVv7aUtQ==&ruid=c851dcc6-47c0-44ab-b4fb-c83f7c999324&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=966218931&z=4455918&b=15950248&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=N0x8OPYGH64FUmc_TWICyNyP_YBq-CTcvJy1iOpmf2R6XT4Oj8lIGZ6kIitpdQMnScppdWs1e4RzYM_KV8Ykb92n5_YjVb7ai2nRSYGTwYULzlVKEFAr95T5ztV_rGMOvNUotHJKJnYs6niTlHmdH4xWn7IcDalC6wZ3-e_wtEei3x31sU-F17ANdIZbSRfK9b5WjWnTbMECWBgBznLySAbm37HcLwD5b9F5FnHLROVfSQdv_AcKhqBie-DnMGUyoaOgLMPUfk90xuh_Jcnh5Xb9BB3Q8LW-gdzYEKe5GHdSdrwuj8liQmKAVnsuN5OPJo3y0aBPPMV9f-GEk5lDC9TqwZ18rGAcQ0agu5yQw_UF_Z5YaswChF87hjyURH2v_PvIpvndHKASc5qc0hBeZkxBaVZHRqZPw8D6pMmO35zXY7q8_S2O9XLd_NqCYot4h86WuzHaf-0TxGl4Ux9EVUmToTQl_1kjsN1hMcCyCh-ojvtLgOwkcBxHmqpE6cO27Tvu4mkpd0yhVaEScsUe09UOLW1sNvKedWjvqJ-Iya8P-n4Hidq4JqwzJTZB0ul8qgYqprErQT0Z7y577mgebXYPpA8JZdi9hmBzMzb-T7DAp0-W_yRuF74XeuDpqejGZHlJwKXOIoTRD7aVv7aUtQ==&ruid=c851dcc6-47c0-44ab-b4fb-c83f7c999324&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=966218931&z=4455918&b=15950248&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=N0x8OPYGH64FUmc_TWICyNyP_YBq-CTcvJy1iOpmf2R6XT4Oj8lIGZ6kIitpdQMnScppdWs1e4RzYM_KV8Ykb92n5_YjVb7ai2nRSYGTwYULzlVKEFAr95T5ztV_rGMOvNUotHJKJnYs6niTlHmdH4xWn7IcDalC6wZ3-e_wtEei3x31sU-F17ANdIZbSRfK9b5WjWnTbMECWBgBznLySAbm37HcLwD5b9F5FnHLROVfSQdv_AcKhqBie-DnMGUyoaOgLMPUfk90xuh_Jcnh5Xb9BB3Q8LW-gdzYEKe5GHdSdrwuj8liQmKAVnsuN5OPJo3y0aBPPMV9f-GEk5lDC9TqwZ18rGAcQ0agu5yQw_UF_Z5YaswChF87hjyURH2v_PvIpvndHKASc5qc0hBeZkxBaVZHRqZPw8D6pMmO35zXY7q8_S2O9XLd_NqCYot4h86WuzHaf-0TxGl4Ux9EVUmToTQl_1kjsN1hMcCyCh-ojvtLgOwkcBxHmqpE6cO27Tvu4mkpd0yhVaEScsUe09UOLW1sNvKedWjvqJ-Iya8P-n4Hidq4JqwzJTZB0ul8qgYqprErQT0Z7y577mgebXYPpA8JZdi9hmBzMzb-T7DAp0-W_yRuF74XeuDpqejGZHlJwKXOIoTRD7aVv7aUtQ==&ruid=c851dcc6-47c0-44ab-b4fb-c83f7c999324&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=3&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ninjastream.to
Connection: keep-alive
Referer: https://ninjastream.to/
Cookie: scm=1; OAID=fb9ae91e70c44b5c80b967e6fe9949ad; oaidts=1669986718
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ninjastream.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 7183c9974333b650d23ce81210702556
access-control-expose-headers: X-Sc
set-cookie: OAID=fb9ae91e70c44b5c80b967e6fe9949ad; expires=Sat, 02 Dec 2023 13:11:59 GMT; secure; SameSite=None
oaidts=1669986718; expires=Sat, 02 Dec 2023 13:11:59 GMT; secure; SameSite=None
oaidvc=1; expires=Sat, 02 Dec 2023 13:11:59 GMT; secure; SameSite=None
CNT=1_v1_qGHzAAEAAACAS2lk; expires=Fri, 02 Dec 2022 14:11:59 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 0946f18be0afefe1362014b96451b7ad
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 24e3552ba71eeb758f34298fa7a0a2f2
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-BNGW6L3J0E>m=2oebu0&_p=850443743&cid=1778038652.1669986718&ul=en-us&sr=1280x1024&_s=1&sid=1669986717&sct=1&seg=0&dl=https%3A%2F%2F18korea.net%2Fwatch%2Fyoung-aunt-3-co-gi-tre-chung-3-&dt=Young%20Aunt%203%20(%20C%C3%B4%20G%C3%AC%20tr%E1%BA%BB%20chung%203%20)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-BNGW6L3J0E>m=2oebu0&_p=850443743&cid=1778038652.1669986718&ul=en-us&sr=1280x1024&_s=1&sid=1669986717&sct=1&seg=0&dl=https%3A%2F%2F18korea.net%2Fwatch%2Fyoung-aunt-3-co-gi-tre-chung-3-&dt=Young%20Aunt%203%20(%20C%C3%B4%20G%C3%AC%20tr%E1%BA%BB%20chung%203%20)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-BNGW6L3J0E>m=2oebu0&_p=850443743&cid=1778038652.1669986718&ul=en-us&sr=1280x1024&_s=1&sid=1669986717&sct=1&seg=0&dl=https%3A%2F%2F18korea.net%2Fwatch%2Fyoung-aunt-3-co-gi-tre-chung-3-&dt=Young%20Aunt%203%20(%20C%C3%B4%20G%C3%AC%20tr%E1%BA%BB%20chung%203%20)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://18korea.net
Connection: keep-alive
Referer: https://18korea.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://18korea.net
date: Fri, 02 Dec 2022 13:12:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
18korea.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.235.34200 OK 0 B URL HTTP/2 18korea.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.235.34:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: 18korea.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/watch/young-aunt-3-co-gi-tre-chung-3-
Cookie: X_CACHE_KEY=a474c2dac1d6041d1c95faaca1aac622; PHPSESSID=7d9bhi5k0qlr19inrsvjorlaru
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:56 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lcq4m97tsetj4lWIn5cndKzv57yingSilH6l3Jfe%2BesdbLAmQ3EFE8CrnUJpbFM7I0yby8vCvasEvD7krOKHUUcrrzLJLoT%2BVt9u2EAaJJHiAbORAppwAOt0OlzS%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77344fb19c9d71da-LHR
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 04 Dec 2022 13:11:56 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/27/1ead059fa749da4c72410ffa55976f24
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/27/1ead059fa749da4c72410ffa55976f24
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/1ead059fa749da4c72410ffa55976f24 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Cookie: scm=1; OAID=7907174b8ba24497ad174971967ffcaa; oaidts=1669986718
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:58 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 02 Dec 2022 03:31:44 GMT
expires: Fri, 01 Jan 2083 03:31:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/1?z=5096881
139.45.197.239200 OK 0 B URL HTTP/2 cdn.uponelectabuzzor.club/1?z=5096881
IP 139.45.197.239:0
GET /1?z=5096881 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:58 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: c001b2f229ad6a1ffd07985ddb3127f5
access-control-expose-headers: X-Sc
x-sc: w_WRE6SVBHrieZ2Ezj8Nvp_s4N9cQGgcgiczUJDH8LmaR6MsJjtfheZwikurHeMt4IfcBt8TdInpZI3jUKLhIQXaE7E=
set-cookie: scm=1; expires=Sat, 02 Dec 2023 13:11:58 GMT; secure; SameSite=None
OAID=849342e80ba84413b1673a7308c49edb; expires=Sat, 02 Dec 2023 13:11:58 GMT; secure; SameSite=None
oaidts=1669986718; expires=Sat, 02 Dec 2023 13:11:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
18korea.net/js/code.min.js
104.21.235.34200 OK 0 B URL HTTP/2 18korea.net/js/code.min.js
IP 104.21.235.34:0
GET /js/code.min.js HTTP/1.1
Host: 18korea.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/watch/young-aunt-3-co-gi-tre-chung-3-
Cookie: X_CACHE_KEY=a474c2dac1d6041d1c95faaca1aac622; PHPSESSID=7d9bhi5k0qlr19inrsvjorlaru
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:56 GMT
content-type: application/javascript
last-modified: Tue, 29 Dec 2020 02:57:50 GMT
vary: Accept-Encoding
etag: W/"5fea9b2e-739c"
expires: Fri, 02 Dec 2022 18:49:36 GMT
cache-control: max-age=43200
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FbEkyBA8KVnA0VA5YiD8thcaD46Au1uyxRBcRhzT9XzbJFLjVDy%2FEOmsi5OCYRpAcoJS6U4jTI4LtGIrpITXVxXt2b%2BIvy4M1NY3%2FSflbn9yaYORKW8s8BMid%2FRGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77344fb19c9a71da-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
betotodilea.com/400/4455000
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/4455000
IP 139.45.197.237:0
GET /400/4455000 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ninjastream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:57 GMT
content-type: application/javascript
x-trace-id: 1241479bde4f94b350798c1bf40c47f3
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=2a9fd7ad489b4f9e90cd6d15bb692de8; expires=Sat, 02 Dec 2023 13:11:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
18korea.net/sever/player?v=young-aunt-3-co-gi-tre-chung-3-
104.21.235.34200 OK 0 B URL HTTP/2 18korea.net/sever/player?v=young-aunt-3-co-gi-tre-chung-3-
IP 104.21.235.34:0
GET /sever/player?v=young-aunt-3-co-gi-tre-chung-3- HTTP/1.1
Host: 18korea.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18korea.net/watch/young-aunt-3-co-gi-tre-chung-3-
Cookie: X_CACHE_KEY=a474c2dac1d6041d1c95faaca1aac622; PHPSESSID=7d9bhi5k0qlr19inrsvjorlaru
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sv7rKRL3ZVQVHGrxZ6NGTtXXUzzt2uNy276rv5wZvNYd7PkVzgqCgPj4bYxmswEeP42CAd%2FseP54ShCHkhl%2BWyoeLOXoeNwytCoy78SaCxgeR%2FnQT6yTfxUrPseX9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77344fb18c7971da-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://18korea.net
Connection: keep-alive
Referer: https://18korea.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:11:56 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 77344fb1dd9fb529-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/9?z=5096881&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=2&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad
139.45.197.239200 OK 0 B URL HTTP/2 cdn.uponelectabuzzor.club/9?z=5096881&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=2&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad
IP 139.45.197.239:0
POST /9?z=5096881&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fninjastream.to%2Fwatch%2FNg9QnBwE6QVKb&wy=0&wx=0&ww=1280&wh=1024&cw=970&wiw=970&wih=546&wfc=2&sah=1002&drf=https%3A%2F%2F18korea.net%2F&hil=1&ist=0&oaid=fb9ae91e70c44b5c80b967e6fe9949ad HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 43
Origin: https://ninjastream.to
Connection: keep-alive
Referer: https://ninjastream.to/
Cookie: scm=1; OAID=849342e80ba84413b1673a7308c49edb; oaidts=1669986718
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:11:59 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ninjastream.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: d4e0fa49a45e5ec2f9874a64ffcc2761
access-control-expose-headers: X-Sc
set-cookie: OAID=fb9ae91e70c44b5c80b967e6fe9949ad; expires=Sat, 02 Dec 2023 13:11:59 GMT; secure; SameSite=None
oaidts=1669986718; expires=Sat, 02 Dec 2023 13:11:59 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2