embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
185.178.208.107 200 OK 3.8 kB URL HTTP/1.1 embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
IP 185.178.208.107:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1180)
Hash 18467c72dd284e514317261c1b17b373
b273efb620d2777f896387debc5fffdca46f27c9
65c342e01034774ac5b9fa2760987865788dde655761a3dfabcd9c9d047d0a4e
GET /movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0= HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 30 Aug 2022 19:56:27 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Set-Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; Domain=.embedy.cc; HttpOnly; Path=/; Expires=Wed, 30-Aug-2023 19:56:27 GMT
Set-Cookie: PHPSESSID=5chae8jkk3fvh6695omovlh7q4; path=/
Set-Cookie: language=US; expires=Wed, 30-Aug-2023 19:56:27 GMT; path= /; samesite=None; secure
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: DENY
X-Powered-By: Embedy.cc
Content-Encoding: gzip
Transfer-Encoding: chunked
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 30 Aug 2022 19:02:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mGNkvk8LkHpwjlaDW6tz5psak-2D9Lv91ljIL89rgg_yY01_X1ArBw==
Age: 3256
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7383
Expires: Tue, 30 Aug 2022 21:59:30 GMT
Date: Tue, 30 Aug 2022 19:56:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 29 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NfuO3Sq-4rQVW-8LYmu5SDtJiuTwNK9vtr1MYX7SENi92m_rkByH2g==
age: 76829
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 19:56:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
142.250.74.74 200 OK 30 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32065)
Hash 6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 30028
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 25 Aug 2022 13:02:37 GMT
Expires: Fri, 25 Aug 2023 13:02:37 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 456830
ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js
142.250.74.74 200 OK 63 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (64562)
Hash 468446a7240461af44b59ebb2047c231
47b7c525dc91bece99df0c414960b9490b986ba8
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6
GET /ajax/libs/jqueryui/1.9.2/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 62563
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 25 Aug 2022 05:21:51 GMT
Expires: Fri, 25 Aug 2023 05:21:51 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 484476
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
embedy.cc/embed/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
185.178.208.107 200 OK 1.5 kB URL HTTP/1.1 embedy.cc/embed/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
IP 185.178.208.107:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8a5305d25ea8ce9168c0dc8f3f81df02
ff90824e3589a4399e590233efef332b34f477ed
98f4e3841ae2d26789d72fc3a88a250669ea3fad69515dd63bd73bd197d8ed1f
GET /embed/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0= HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 30 Aug 2022 19:56:27 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: language=US; expires=Wed, 30-Aug-2023 19:56:27 GMT; path= /; samesite=None; secure
X-Powered-By: Embedy.cc
Content-Encoding: gzip
Transfer-Encoding: chunked
embedy.cc/application/web/style/font-awesome-animation.css?E9HuAR
185.178.208.107 200 OK 1.8 kB URL HTTP/1.1 embedy.cc/application/web/style/font-awesome-animation.css?E9HuAR
IP 185.178.208.107:0
File type ASCII text, with very long lines (16100)
Hash 4215d8006c1dbd13ab1d21322d11384c
02a38bf8447e42611bfc1cf332abcc7a5f6b35a9
b37d952e01bd4b9fe0be2c6caba9ae2126f4e3aecc6fb4a03715b4b428009f2f
GET /application/web/style/font-awesome-animation.css?E9HuAR HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 30 Aug 2022 19:56:27 GMT
Content-Type: text/css
Last-Modified: Thu, 12 Apr 2018 12:27:57 GMT
Vary: Accept-Encoding
ETag: W/"5acf50cd-3f4e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Age: 0
DDG-Cache-Status: MISS
Transfer-Encoding: chunked
embedy.cc/application/web/js/func.js?E9HuAR
185.178.208.107 200 OK 20 kB URL HTTP/1.1 embedy.cc/application/web/js/func.js?E9HuAR
IP 185.178.208.107:0
File type Unicode text, UTF-8 text, with very long lines (42481), with no line terminators
Hash 1449994dd1ab459e00aaa75a70f7b9a0
73a5f1aab15142744cf23e99c94412ab7e112b4d
94b9518aa43b901ced7d843d116923edf7260e73c373c8011d0ca465bcb416db
GET /application/web/js/func.js?E9HuAR HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 30 Aug 2022 19:56:27 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Mon, 07 Feb 2022 13:43:15 GMT
Vary: Accept-Encoding
ETag: W/"620121f3-b109"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Age: 0
DDG-Cache-Status: MISS
Transfer-Encoding: chunked
embedy.cc/application/web/js/history.js?E9HuAR
185.178.208.107 200 OK 5.7 kB URL HTTP/1.1 embedy.cc/application/web/js/history.js?E9HuAR
IP 185.178.208.107:0
File type ASCII text, with very long lines (16481), with no line terminators
Hash c6921028d8a4d7c70bcc0d7f268895d8
8a6ecc957cecfd1a6db6a939efbc14586e5b5ece
b45171632eb6da2dacd5fab43764ff5ba68aef2b3e702f98c96e5d65a69b2f07
GET /application/web/js/history.js?E9HuAR HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 30 Aug 2022 19:56:27 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Mon, 01 Feb 2021 19:58:31 GMT
Vary: Accept-Encoding
ETag: W/"60185d67-4061"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Age: 0
DDG-Cache-Status: MISS
Transfer-Encoding: chunked
embedy.cc/application/web/style/styles.css?E9HuAR
185.178.208.107 200 OK 7.9 kB URL HTTP/1.1 embedy.cc/application/web/style/styles.css?E9HuAR
IP 185.178.208.107:0
Hash b1829cbb7055210cbf93e2d5bce3f6ad
2f5e21edba03b6f064a92ccdfc0d1d7c708839c0
f4717cf98ae1cb2e24144f26ef581d12feb34f4107292efa5f93b6e97f9b02a6
GET /application/web/style/styles.css?E9HuAR HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 30 Aug 2022 19:56:27 GMT
Content-Type: text/css
Last-Modified: Fri, 05 Mar 2021 17:39:33 GMT
Vary: Accept-Encoding
ETag: W/"60426cd5-f506"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Age: 0
DDG-Cache-Status: MISS
Transfer-Encoding: chunked
embedy.cc/application/embed/css/style.css?kH2w98U
185.178.208.107 200 OK 1.4 kB URL HTTP/1.1 embedy.cc/application/embed/css/style.css?kH2w98U
IP 185.178.208.107:0
File type ASCII text, with very long lines (4458), with no line terminators
Hash 341a458aa5c434769f00e0b5608cc547
1fc1b335f5236da97c296beecd224250e6d51c70
a574d26eccd11c576dc978efa23006ccce6f599f06c1b9934b92c7c57f7845e1
GET /application/embed/css/style.css?kH2w98U HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/embed/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 30 Aug 2022 19:56:27 GMT
Content-Type: text/css
Last-Modified: Sat, 06 Feb 2021 14:11:50 GMT
Vary: Accept-Encoding
ETag: W/"601ea3a6-116a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Age: 0
DDG-Cache-Status: MISS
Transfer-Encoding: chunked
embedy.cc/application/embed/videojs/video-js.min.css?kH2w98U
185.178.208.107 200 OK 4.4 kB URL HTTP/1.1 embedy.cc/application/embed/videojs/video-js.min.css?kH2w98U
IP 185.178.208.107:0
File type ASCII text, with very long lines (20180)
Hash b5fa36eb919043ea757a24193c5915d2
2dcc1a120def400dcd4c4a1af7c24cec69a4a429
0fc09943df2533c5e8b1b73ff2da3cb3ce421c8e95982dd2121257e508df9535
GET /application/embed/videojs/video-js.min.css?kH2w98U HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/embed/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 30 Aug 2022 19:56:27 GMT
Content-Type: text/css
Last-Modified: Thu, 01 Apr 2021 18:06:08 GMT
Vary: Accept-Encoding
ETag: W/"60660b90-4f4c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Age: 0
DDG-Cache-Status: MISS
Transfer-Encoding: chunked
embedy.cc/application/web/images/flags.png
185.178.208.107 200 OK 23 kB URL HTTP/1.1 embedy.cc/application/web/images/flags.png
IP 185.178.208.107:0
File type PNG image data, 256 x 176, 8-bit colormap, non-interlaced\012- data
Hash 31643d9057721a884ad18cad97758b7d
8da2afeb724db36bf86e1c295a3a7b3458282f55
f279f07907722e06caa33de9ee45c24a6cb96b86859bef01c2753d78035ac418
GET /application/web/images/flags.png HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/application/web/style/styles.css?E9HuAR
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 29 Mar 2022 13:02:20 GMT
Content-Type: image/png
Content-Length: 23023
Last-Modified: Sat, 14 May 2016 18:47:17 GMT
ETag: "573772b5-59ef"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 13330448
DDG-Cache-Status: HIT
embedy.cc/application/embed/js/jquery-3.4.1.min.js?kH2w98U
185.178.208.107 200 OK 31 kB URL HTTP/1.1 embedy.cc/application/embed/js/jquery-3.4.1.min.js?kH2w98U
IP 185.178.208.107:0
File type ASCII text, with very long lines (65451)
Hash f8a10c76294be4282d55a848bb39b30f
1d7abbd795999774bc36977cd11d56488587d4c4
0266e9b70e37bd2a3d4a5d0a9460eb7b766e9c2efa1299555217b591ac623dff
GET /application/embed/js/jquery-3.4.1.min.js?kH2w98U HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/embed/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 30 Aug 2022 19:56:27 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Fri, 23 Aug 2019 12:19:52 GMT
Vary: Accept-Encoding
ETag: W/"5d5fd9e8-15850"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Age: 0
DDG-Cache-Status: MISS
Transfer-Encoding: chunked
embedy.cc/application/web/fonts/fontawesome-webfont.woff2?v=4.4.0
185.178.208.107 200 OK 77 kB URL HTTP/1.1 embedy.cc/application/web/fonts/fontawesome-webfont.woff2?v=4.4.0
IP 185.178.208.107:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /application/web/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://embedy.cc/application/web/style/styles.css?E9HuAR
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 26 Aug 2022 07:18:29 GMT
Content-Type: application/octet-stream
Content-Length: 77160
Last-Modified: Mon, 19 Dec 2016 11:32:14 GMT
ETag: "5857c53e-12d68"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 391078
DDG-Cache-Status: HIT
embedy.cc/application/embed/js/getembed.js?kH2w98U
185.178.208.107 200 OK 63 kB URL HTTP/1.1 embedy.cc/application/embed/js/getembed.js?kH2w98U
IP 185.178.208.107:0
File type ASCII text, with very long lines (32264)
Hash f6548f524de0396e683748945e742aa8
d7d0363a9f3e7bcd7336db95db964e6be592344e
feefe8ae6978403346900d646e19eafcaf8db8888630500573b8ac4d0e823d88
GET /application/embed/js/getembed.js?kH2w98U HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/embed/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 30 Aug 2022 19:56:27 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Fri, 17 Sep 2021 10:36:48 GMT
Vary: Accept-Encoding
ETag: W/"61446fc0-3279c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Age: 0
DDG-Cache-Status: MISS
Transfer-Encoding: chunked
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 0982b9e784a0a990d6318c92e33860a1
764377c393017e86d98a696da455509cba1806ac
27a19ec4ca0a052faface8ad45dca4d9a4a739c658d10f0e693aea065bdc607f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-15423068-7
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-15423068-7
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 580742597b616b1be194a62c5f9e3363
7cd771b7787979ad33b2fe642c7f0553a8c76cb7
c903290473066897707dab6d53da64f4e385102ba9fcc3cc030a68e926fedf7a
GET /gtag/js?id=UA-15423068-7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 Aug 2022 19:56:27 GMT
expires: Tue, 30 Aug 2022 19:56:27 GMT
cache-control: private, max-age=900
last-modified: Tue, 30 Aug 2022 18:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41882
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embedy.disqus.com/embed.js
151.101.84.134 301 Moved Permanently 219 B URL HTTP/1.1 embedy.disqus.com/embed.js
IP 151.101.84.134:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6b22a8f71ae72ac4b781cff49386dfa9
a8e7202517458752851aeb18c9fb770e931fec34
186d5321baf20106cb6361d9ec524b818d876d773a5bd9dd5530ae5889d74be3
GET /embed.js HTTP/1.1
Host: embedy.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 301 Moved Permanently
Server: Varnish
Location: https://embedy.disqus.com/embed.js
Content-Type: text/html
Cache-Control: public, max-age=31536000
Content-Length: 219
Date: Tue, 30 Aug 2022 19:56:27 GMT
Connection: close
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
embedy.cc/favicon.ico
185.178.208.107 200 OK 202 B IP 185.178.208.107:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 4782fee4e049aad0676efdb22682f009
ff568fa4917003b883c1100dbdce380f6f7f7ab6
5eecc7e5a9d73b8ac2dfc2a90f1e76c19f68791832886fe21f6add6bae20d8a9
GET /favicon.ico HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 29 Mar 2022 17:43:52 GMT
Content-Type: image/x-icon
Last-Modified: Thu, 12 May 2016 10:08:56 GMT
ETag: W/"57345638-47e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 13313555
DDG-Cache-Status: HIT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 0982b9e784a0a990d6318c92e33860a1
764377c393017e86d98a696da455509cba1806ac
27a19ec4ca0a052faface8ad45dca4d9a4a739c658d10f0e693aea065bdc607f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 30 Aug 2022 18:41:12 GMT
expires: Tue, 30 Aug 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 4515
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t50.6;r;s1280*1024*24;uhttp%3A//embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D;0.1348759989968834
88.212.202.52 302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t50.6;r;s1280*1024*24;uhttp%3A//embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D;0.1348759989968834
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t50.6;r;s1280*1024*24;uhttp%3A//embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D;0.1348759989968834 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 302 Moved Temporarily
Date: Tue, 30 Aug 2022 19:56:27 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t50.6;r;s1280*1024*24;uhttp%3A//embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D;0.1348759989968834
Content-Length: 32
Expires: Sun, 29 Aug 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
embedy.disqus.com/embed.js
151.101.84.134 200 OK 25 kB URL HTTP/1.1 embedy.disqus.com/embed.js
IP 151.101.84.134:0
File type ASCII text, with very long lines (32091)
Hash 1daa672aade2bf735050b03fb0d8cfd3
58f818c5578bfebb3aff1af169a2a15dd42e1546
956b0e76c678809b775e4ee169a623706f5529347eec71f64a5b988c5c115beb
GET /embed.js HTTP/1.1
Host: embedy.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://embedy.cc/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25376
Server: openresty
Content-Type: application/javascript; charset=utf-8
X-Service: router
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 19:56:27 GMT
Age: 79
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 00a773ed65f5723e52f2ae727771f9e1
255bb0f9e532874c83327b47d23f2b550fdf1226
d624a829c7dbbc843a4e78d229e1832027a8b0cdcd8cc0d7c2039a4bfc2a714a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 19:56:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 03 Sep 2022 18:19:06 GMT
ETag: "255bb0f9e532874c83327b47d23f2b550fdf1226"
Last-Modified: Tue, 30 Aug 2022 18:19:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2723
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7430170328b5b4fd-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 30 Aug 2022 19:17:12 GMT
Expires: Tue, 30 Aug 2022 19:24:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: a4QwX7UvZ1oaYfksW-pg6hSH544XoBMnMjT9VVR8K6ikV5hSMbgcHQ==
Age: 2356
counter.yadro.ru/hit?t50.6;r;s1280*1024*24;uhttp%3A//embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D;0.1348759989968834
88.212.202.52 200 OK 132 B URL HTTP/1.1 counter.yadro.ru/hit?t50.6;r;s1280*1024*24;uhttp%3A//embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D;0.1348759989968834
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 31 x 31\012- data
Hash c13b0ec205fabd070b69a7df6971641b
d03360d12bf1f034e65c1cb299743eff3a226f3f
eb03d5c88046cd6bf4bf958b581f783cc1f6b1f21f91af45c3e0ce5cf137bd0c
GET /hit?t50.6;r;s1280*1024*24;uhttp%3A//embedy.cc/movies/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D;0.1348759989968834 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://embedy.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 30 Aug 2022 19:56:28 GMT
Content-Type: image/gif
Content-Length: 132
Connection: keep-alive
Expires: Sun, 29 Aug 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
sun9-45.userapi.com/c857224/v857224423/1f6ea4/783l7vAPV2Y.jpg
87.240.185.148 200 OK 39 kB URL HTTP/2 sun9-45.userapi.com/c857224/v857224423/1f6ea4/783l7vAPV2Y.jpg
IP 87.240.185.148:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash e9339730e6c40de20ad1612e9a271b5a
ea1d319f34813628a93e838b76977d7ca5a84f36
46054d0f7e43f6c39fe2e4d077bdecec40b70d215978323d8e3acd636c8441cc
GET /c857224/v857224423/1f6ea4/783l7vAPV2Y.jpg HTTP/1.1
Host: sun9-45.userapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Tue, 30 Aug 2022 19:56:28 GMT
content-type: image/jpeg
content-length: 38695
last-modified: Thu, 10 Sep 2020 21:01:40 GMT
expires: Thu, 29 Sep 2022 19:56:28 GMT
cache-control: max-age=2592000
x-frontend: front225000
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/disqus-social-icon-light.5a4245eaed6988115d6bd53f20074f71.svg
143.204.55.127 200 OK 1.0 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/disqus-social-icon-light.5a4245eaed6988115d6bd53f20074f71.svg
IP 143.204.55.127:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5a4245eaed6988115d6bd53f20074f71
571736b1f0cabda0d635c7f5f9025f006f9ac246
62d25a3e68dbdcb532c9e7811f6f2d4d250545aba83dde06010c0b6b16e5200d
GET /next/embed/assets/img/disqus-social-icon-light.5a4245eaed6988115d6bd53f20074f71.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 1042
date: Tue, 16 Aug 2022 03:35:15 GMT
server: nginx
last-modified: Mon, 15 Aug 2022 15:49:09 GMT
etag: "62fa6af5-412"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 16 Aug 2023 03:35:15 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qnQJwSaXDATXPaq3H0G_9Ol5NwXSxo37qlP5TTbvfcKDOQKvogRb4Q==
age: 1268473
X-Firefox-Spdy: h2
brunettemattersrefused.com/e8/5b/5c/e85b5c7bdb1a24cd4a76afc29fcc2f61.js
192.243.59.13 200 OK 17 kB URL HTTP/1.1 brunettemattersrefused.com/e8/5b/5c/e85b5c7bdb1a24cd4a76afc29fcc2f61.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (53877), with no line terminators
Hash c57b7b841d939f9a17cb01e946a91093
8aefc18ab22967991c8502fea866d4175f23a9d6
f798369bc5572a2ff7cd399ad572d91f86c1af9b944b4f69e74f46e0c4c03fa7
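Analyzer verdict (alert): quad9 — Sinkholed. The verdict is a DNS-level flag on the domain brunettemattersrefused.com, not a finding about this particular file; the sandbox still received the 200 OK response recorded in this entry.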
GET /e8/5b/5c/e85b5c7bdb1a24cd4a76afc29fcc2f61.js HTTP/1.1
Host: brunettemattersrefused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 30 Aug 2022 19:56:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c8660e7b78c6e394b429482e3e98f519
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
referrer.disqus.com/juggler/stat.gif?event=lounge.loading.view
151.101.84.134 200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/stat.gif?event=lounge.loading.view
IP 151.101.84.134:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/stat.gif?event=lounge.loading.view HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Tue, 30 Aug 2022 19:56:28 GMT
Cross-Origin-Resource-Policy: cross-origin
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f67e41cdd7e5f2aa8f93d031979c9109
5f4c0093f9bf8f8e48e0d7f56ed31aba0c6f43f6
608e2b7d208977f18da12165c9eb1539656d7754dc49f3f687736151a4810e06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4272
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:28 GMT
Last-Modified: Tue, 30 Aug 2022 18:45:16 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
disqus.com/embed/comments/?base=default&f=embedy&t_u=http%3A%2F%2Fembedy.cc%2Fmovies%2FbXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D&t_d=Giantess%20Yum%20The%20Boss&t_t=Giantess%20Yum%20The%20Boss&s_o=default
151.101.128.134 200 OK 2.8 kB URL HTTP/1.1 disqus.com/embed/comments/?base=default&f=embedy&t_u=http%3A%2F%2Fembedy.cc%2Fmovies%2FbXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D&t_d=Giantess%20Yum%20The%20Boss&t_t=Giantess%20Yum%20The%20Boss&s_o=default
IP 151.101.128.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2608)
Hash 6165ead03819ebd3eed9b43feed8b396
e28d1fe73dccbc2fb05d1182c8e7b664025ec664
30886e73fb909e3a00f7cb1636fddb09462a4ee6210219d8ec3bcbc38135983e
GET /embed/comments/?base=default&f=embedy&t_u=http%3A%2F%2Fembedy.cc%2Fmovies%2FbXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D&t_d=Giantess%20Yum%20The%20Boss&t_t=Giantess%20Yum%20The%20Boss&s_o=default HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2801
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Tue, 24 May 2022 17:33:03 GMT
ETag: W/"lounge:view:8252509882.9a86dea8ebfc1d7a6c5c5a0e833b8823.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Tue, 30 Aug 2022 19:56:28 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/embed/lounge.load.0837a7fb2afa86b68e4ee5098ec9905b.js
143.204.55.127 200 OK 494 B URL HTTP/2 c.disquscdn.com/next/embed/lounge.load.0837a7fb2afa86b68e4ee5098ec9905b.js
IP 143.204.55.127:0
File type ASCII text, with very long lines (958), with no line terminators
Hash d525c599081cc243ee1606c485acac49
70d711b8925a504b1ec5050750c3fc3f6ea54b72
7cc1470688587ef371098cef3ca14d6d0a4a7edebf5f548b8a7534d843724a2e
GET /next/embed/lounge.load.0837a7fb2afa86b68e4ee5098ec9905b.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 494
date: Tue, 30 Aug 2022 18:28:42 GMT
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:38 GMT
etag: "630e4dee-1ee"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 18:28:42 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _p8ab77DytJ0AmH2P8Aq5wPOxFrpi-7il4A7k3FerRgAEMvFr7PjLw==
age: 5266
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
143.204.55.127 200 OK 95 kB URL HTTP/2 c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
IP 143.204.55.127:0
File type ASCII text, with very long lines (32023)
Hash 7b99df04cc3984222b4f02f738de9fa4
f3eefe01e2f39579ceaca4927de1177711e01544
c64b6a193db830888df222e8c3d1d0c964cb9700e2ed62796e02dbe49a39d8ec
GET /next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 94755
date: Mon, 25 Jul 2022 05:21:29 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-17223"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HmEx4zlMpZG44sumYqJDNbg0WehSmbBC-lykRGP2gvBS9sRTmxQfOw==
age: 3162899
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.235.2 200 OK 23 kB URL HTTP/1.1 addresseepaper.com/sfp.js
IP 104.21.235.2:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 487ad2b48cd98e36abf708a3b60f4a36
ccf7b110523d50bb619becd48c3f013cc5fdce87
768eff747f795e1232d182eb859170e32d4f06ed29da872c09af5363c459668f
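Analyzer verdict (alert): quad9 — Sinkholed. The verdict is a DNS-level flag on the domain addresseepaper.com, not a finding about this particular file; the sandbox still received the 200 OK response recorded in this entry.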
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 19:56:28 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 16ea5e4127863bb0840011710de62c10
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Tue, 30 Aug 2022 19:56:28 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8WXBmuonPNttNcan93DoTgZPaml383sTPqrR%2FjCfEZKS6uB4E1pTExEu4I7BbICdcolpyzF4HocI4fL2DiFWThpy1ILx0B2SvdVtSx68i03UHTWU7gHJE5%2F19uRJxS9SvWvzE8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743017054f28b7c4-AMS
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
c.disquscdn.com/next/embed/styles/lounge.4ceaf0673822a0def820ebdc38d84415.css
143.204.55.127 200 OK 26 kB URL HTTP/2 c.disquscdn.com/next/embed/styles/lounge.4ceaf0673822a0def820ebdc38d84415.css
IP 143.204.55.127:0
File type ASCII text, with very long lines (65469)
Hash 562dca2947880c34049caa25b608163e
2d3400232c34275d53746a9ac01d9d37c20c020b
723cbb9fb0d3a0a5eb8305be7f896893e3bf6ab03a0578adda3e77535452bfee
GET /next/embed/styles/lounge.4ceaf0673822a0def820ebdc38d84415.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 26448
date: Tue, 30 Aug 2022 18:28:42 GMT
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
etag: "630e4def-6750"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 18:28:42 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6pxpiC83Tj4YPdXHQwTIijZOYZb0kQ1WQ8kTmARCbz-GfC3Pf9Eorw==
age: 5266
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/lounge.bundle.8d28276e15f31af0eebfd934278922d1.js
143.204.55.127 200 OK 125 kB URL HTTP/2 c.disquscdn.com/next/embed/lounge.bundle.8d28276e15f31af0eebfd934278922d1.js
IP 143.204.55.127:0
File type ASCII text, with very long lines (32035)
Size 125 kB (124861 bytes)
Hash b7529fb4e99080bdade176536dcd2f34
3003c5866b66518508c0e92ef84e6b6765108c48
f370600c6bb9219ce054ea20b074baf379d2a0c97378e0462848f61215d300e1
GET /next/embed/lounge.bundle.8d28276e15f31af0eebfd934278922d1.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 124861
date: Tue, 30 Aug 2022 18:28:42 GMT
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
etag: "630e4def-1e7bd"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 18:28:42 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F59RGFzlYQZSOMArMKMOvN98fXbi8WdWwcMOABMT3Z5p8O_yobvlRw==
age: 5266
X-Firefox-Spdy: h2
disqus.com/next/config.js
151.101.128.134 200 OK 16 kB URL HTTP/1.1 disqus.com/next/config.js
IP 151.101.128.134:0
File type ASCII text, with very long lines (15959), with no line terminators
Hash ab5532edb96d74b1d2a7fd056a5fa269
c0674589c5725e9a7fc3076f80939dd17b394db7
02ce328e0bb8d5fbf1a0591dc168595b09dbb5569454c53b84abc46aec78be94
GET /next/config.js HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=embedy&t_u=http%3A%2F%2Fembedy.cc%2Fmovies%2FbXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D&t_d=Giantess%20Yum%20The%20Boss&t_t=Giantess%20Yum%20The%20Boss&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 15959
Server: nginx
Content-Type: application/javascript; charset=UTF-8
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Tue, 30 Aug 2022 19:56:28 GMT
Age: 35
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
push.services.mozilla.com/
52.41.253.170 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kEKJMuSgq6i/Wj6WgbOCGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aFIHrevpPdYIl0ldbZMpmBVDakA=
c.disquscdn.com/next/current/embed/lang/ru.js
143.204.55.127 200 OK 11 kB URL HTTP/2 c.disquscdn.com/next/current/embed/lang/ru.js
IP 143.204.55.127:0
File type Unicode text, UTF-8 text, with very long lines (25288), with no line terminators
Hash 4d02fac64ebd2e66608aa472f8540cf4
5b577275da91229a0aa21f296d322ab03c539b4f
500061cb050c0b50a22a80c89e376cd87414e03c2437aef74206be1d461ff662
GET /next/current/embed/lang/ru.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 10805
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 30 Aug 2022 19:51:58 GMT
expires: Tue, 30 Aug 2022 19:56:54 GMT
cache-control: max-age=300, public
etag: "630e4def-2a35"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -w2bENaWMru5yDaXVfGsQgyJbWzlg5dQZb2w6zJL6eKih9b76atihQ==
age: 274
X-Firefox-Spdy: h2
disqus.com/api/3.0/forums/details?forum=embedy&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
151.101.128.134 200 OK 2.9 kB URL HTTP/1.1 disqus.com/api/3.0/forums/details?forum=embedy&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP 151.101.128.134:0
File type JSON data\012- , ASCII text, with very long lines (2869), with no line terminators
Hash e0962317888b75122a74bfbd41ce7e6a
5ceb29d3415398b55c5a64af07a1a768d4e60eb2
08f564d02f65ec49e9a641184509f80256c42906210066d74e1a06293992b293
GET /api/3.0/forums/details?forum=embedy&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=embedy&t_u=http%3A%2F%2Fembedy.cc%2Fmovies%2FbXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D&t_d=Giantess%20Yum%20The%20Boss&t_t=Giantess%20Yum%20The%20Boss&s_o=default
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2869
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Tue, 30 Aug 2022 19:56:28 GMT
Age: 95
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
143.204.55.127 200 OK 13 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
IP 143.204.55.127:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (13079), with no line terminators
Hash 4da5413f5086c5755b46094b813dbfcd
87669f231ce245cdd9b7d80ebf8194e2ae62e7b1
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
GET /next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.4ceaf0673822a0def820ebdc38d84415.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 13079
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:55 GMT
etag: "62da91ef-3317"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 10ssVtdyOp-a6Js-_bTSHx79TUEsf7ZBNuJCrMc6emv4GSccvAScGQ==
age: 3162898
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
143.204.55.127 200 OK 1.8 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
IP 143.204.55.127:0
File type PNG image data, 172 x 81, 8-bit colormap, non-interlaced\012- data
Hash ad630a07080a45451f139a7487853ff8
c2673d7404fc947fab20eed21416f9656149018d
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
GET /next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.4ceaf0673822a0def820ebdc38d84415.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1763
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:55 GMT
etag: "62da91ef-6e3"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RLaDDJ_9b370A21KFs3GDPabN7A0v6Dwb7qrqPicaMQV_RQVhW_bBw==
age: 3162898
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
143.204.55.127 200 OK 7.9 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
IP 143.204.55.127:0
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 4cc7a703d2fdfe684151ff8ac24d45f1
046adee74e5ce76db11491906a21c09399391571
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
GET /next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://c.disquscdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 7900
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-1edc"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dFuoho9YphC_tJLKx35qsAgqJKGuohwSrmlFV9BoyzNL_CiC4Nzn7A==
age: 3162898
X-Firefox-Spdy: h2
a.disquscdn.com/1660573036/images/noavatar92.png
151.101.86.49 200 OK 1.6 kB URL HTTP/2 a.disquscdn.com/1660573036/images/noavatar92.png
IP 151.101.86.49:0
File type PNG image data, 92 x 92, 8-bit/color RGB, non-interlaced\012- data
Hash 675fb4b91ca717db030507f2d84bcfdf
c8728df74487f907230358a1b08ae1a1b25f9ed4
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
GET /1660573036/images/noavatar92.png HTTP/1.1
Host: a.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
server: nginx
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
etag: "60395f01-66c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 14 Sep 2022 20:00:35 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: HaTRxAJkog3XAeeKuj4PvA9gd6AXdsmDT7VUmAnH8MIcd6_hyBWkag==
date: Tue, 30 Aug 2022 19:56:28 GMT
age: 1295754
strict-transport-security: max-age=300; includeSubdomains
content-length: 1644
X-Firefox-Spdy: h2
sillinessinterfere.com/8b/59/63/8b5963c5770896045ef1536ef5a90d08.js
192.243.61.225 200 OK 13 kB URL HTTP/1.1 sillinessinterfere.com/8b/59/63/8b5963c5770896045ef1536ef5a90d08.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37149), with no line terminators
Hash d5f4e005e368d375d747f808237876b4
ce9742bf68a1e980b54798f83fc0eea23ae1c0bd
9e9472f32ab49736e45ea27ec51c277f485c734fb09d970f2f59582646f7d0db
Analyzer Verdict Alert quad9 Sinkholed
GET /8b/59/63/8b5963c5770896045ef1536ef5a90d08.js HTTP/1.1
Host: sillinessinterfere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 30 Aug 2022 19:56:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8a152a5de6331e72ed29c552b8b28127
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
143.204.55.127 200 OK 27 kB URL HTTP/2 c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
IP 143.204.55.127:0
File type ASCII text, with very long lines (32024)
Hash 0c2785ae737e4a3a6baf270c42954aaa
ba03fa7243d6e4f184c3f2f05f733f5f40b96cc3
75310b8dcb511e824684c40202fb6edb67136e7b747e2d42c71a628bce42c2f2
GET /next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 26578
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-67d2"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NGQf40FjYcRZZuaW2bXIMhHoEAZC1W9H0La8BCHDAk9cNJDgSXLMvg==
age: 3162898
X-Firefox-Spdy: h2
cdn.viglink.com/images/pixel.gif?ch=2&rn=0.14833213319179783
104.16.163.13 200 OK 43 B URL HTTP/1.1 cdn.viglink.com/images/pixel.gif?ch=2&rn=0.14833213319179783
IP 104.16.163.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=2&rn=0.14833213319179783 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 19:56:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-id-2: 9/IvErEY22tX4ULfeOpcwqHi8mHdiTNKhfXoUKN0roNG9pzTaiSmoLJTr0lztCcSl1VPXSGb0pg=
x-amz-request-id: D8NBHA8SGYQB6X08
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Cache-Control: max-age=15, must-revalidate
CF-Cache-Status: HIT
Age: 11
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743017090ffefac4-OSL
cdn.viglink.com/images/pixel.gif?ch=1&rn=0.14833213319179783
104.16.163.13 200 OK 43 B URL HTTP/1.1 cdn.viglink.com/images/pixel.gif?ch=1&rn=0.14833213319179783
IP 104.16.163.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=1&rn=0.14833213319179783 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 19:56:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-id-2: 9/IvErEY22tX4ULfeOpcwqHi8mHdiTNKhfXoUKN0roNG9pzTaiSmoLJTr0lztCcSl1VPXSGb0pg=
x-amz-request-id: D8NBHA8SGYQB6X08
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Cache-Control: max-age=15, must-revalidate
CF-Cache-Status: HIT
Age: 11
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743017090ac8fab8-OSL
referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=281&event=init_embed&thread=8252509882&forum=embedy&forum_id=4238911&imp=1nb92eqq1askb&thread_slug=giantess_yum_the_boss&user_type=anon&referrer=http%3A%2F%2Fembedy.cc%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
151.101.84.134 200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=281&event=init_embed&thread=8252509882&forum=embedy&forum_id=4238911&imp=1nb92eqq1askb&thread_slug=giantess_yum_the_boss&user_type=anon&referrer=http%3A%2F%2Fembedy.cc%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
IP 151.101.84.134:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?abe=0&embed_hidden=0&load_time=281&event=init_embed&thread=8252509882&forum=embedy&forum_id=4238911&imp=1nb92eqq1askb&thread_slug=giantess_yum_the_boss&user_type=anon&referrer=http%3A%2F%2Fembedy.cc%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=embedy&t_u=http%3A%2F%2Fembedy.cc%2Fmovies%2FbXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D&t_d=Giantess%20Yum%20The%20Boss&t_t=Giantess%20Yum%20The%20Boss&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Tue, 30 Aug 2022 19:56:28 GMT
Cross-Origin-Resource-Policy: cross-origin
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash a95e91498d7dcaa762948aee96c33fa6
0e03197b344bd8d4210ed9e54965cc1b62de3b34
2da87d7b314c5ab2b6b13be3ae6fd1207ebc6b0815dd8da7dd09bbf0cc7763da
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 30 Aug 2022 19:56:28 GMT
Last-Modified: Tue, 30 Aug 2022 18:14:47 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Xjp8itsWpIQyomLsqESnzQiNY41NHWWaMwq4lx2kq1Lo1zjUmkxSNw==
Age: 6101
simplewebanalysis.com/stats
3.127.140.33 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.127.140.33:0
File type ASCII text, with no line terminators
Hash 166f6ca3034e5bbb63c7274eb89fa678
f7d8ff40aa312dc2a3a207e5d4e705512808a8ab
a8871e50239f2b6ef98595b54cf9fb51a29aa8d77ce272ff0860dab80f50fbd3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 30 Aug 2022 19:56:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://embedy.cc
access-control-allow-credentials: true
set-cookie: uid_id2=1199c4e7-1d5e-4e78-a02b-26342b3183b5:2:1; expires=Fri, 27 Aug 2032 19:56:29 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
referrer.disqus.com/juggler/event.js?experiment=network_default&variant=fallthrough&page_referrer=direct&product=embed&thread=8252509882&thread_id=8252509882&forum=embedy&forum_id=4238911&zone=thread&page_url=http%3A%2F%2Fembedy.cc%2Fmovies%2FbXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D&service=dynamic&verb=view&object_type=product&object_id=embed&extra_data=%7B%22color_scheme%22%3A%22dark%22%2C%22anchor_color%22%3A%22rgb(204%2C204%2C204)%22%2C%22typeface%22%3A%22sans-serif%22%2C%22width%22%3A980%7D&event=activity&imp=1nb92eqq1askb&section=default&area=n%2Fa
151.101.84.134 200 OK 40 B URL HTTP/1.1 referrer.disqus.com/juggler/event.js?experiment=network_default&variant=fallthrough&page_referrer=direct&product=embed&thread=8252509882&thread_id=8252509882&forum=embedy&forum_id=4238911&zone=thread&page_url=http%3A%2F%2Fembedy.cc%2Fmovies%2FbXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D&service=dynamic&verb=view&object_type=product&object_id=embed&extra_data=%7B%22color_scheme%22%3A%22dark%22%2C%22anchor_color%22%3A%22rgb(204%2C204%2C204)%22%2C%22typeface%22%3A%22sans-serif%22%2C%22width%22%3A980%7D&event=activity&imp=1nb92eqq1askb&section=default&area=n%2Fa
IP 151.101.84.134:0
Hash 3f4a0f64733b8c0d50626043fd7886d6
b8a40d3642deca1cc0ea8648ddbfa3bfb0fc8a1e
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
GET /juggler/event.js?experiment=network_default&variant=fallthrough&page_referrer=direct&product=embed&thread=8252509882&thread_id=8252509882&forum=embedy&forum_id=4238911&zone=thread&page_url=http%3A%2F%2Fembedy.cc%2Fmovies%2FbXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D&service=dynamic&verb=view&object_type=product&object_id=embed&extra_data=%7B%22color_scheme%22%3A%22dark%22%2C%22anchor_color%22%3A%22rgb(204%2C204%2C204)%22%2C%22typeface%22%3A%22sans-serif%22%2C%22width%22%3A980%7D&event=activity&imp=1nb92eqq1askb&section=default&area=n%2Fa HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=embedy&t_u=http%3A%2F%2Fembedy.cc%2Fmovies%2FbXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0%3D&t_d=Giantess%20Yum%20The%20Boss&t_t=Giantess%20Yum%20The%20Boss&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: nginx
Content-Type: application/javascript
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Tue, 30 Aug 2022 19:56:29 GMT
Cross-Origin-Resource-Policy: cross-origin
transfer-encoding: chunked
creepingbrings.com/sfp.js
104.21.234.232 200 OK 23 kB URL HTTP/1.1 creepingbrings.com/sfp.js
IP 104.21.234.232:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 487ad2b48cd98e36abf708a3b60f4a36
ccf7b110523d50bb619becd48c3f013cc5fdce87
768eff747f795e1232d182eb859170e32d4f06ed29da872c09af5363c459668f
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 19:56:29 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 438560ff6ecd49ede178fbfcd45825e2
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Tue, 30 Aug 2022 19:56:28 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3w%2Byq3Hib%2FgYdA%2Fhla3Utvo%2BPaHQBdXB05NN8f0piYvJrX1k%2F%2BVGqRUUuQT4K2ElBeZ1o1PYy0phEhLRw9M4U4ijQh1in%2BLLx%2FbhQIqy5Ax2TVD9eHrFDd0UbtevcN0b78zafo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74301708bd47b734-AMS
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
simplewebanalysis.com/stats
3.127.140.33 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.127.140.33:0
File type ASCII text, with no line terminators
Hash 166f6ca3034e5bbb63c7274eb89fa678
f7d8ff40aa312dc2a3a207e5d4e705512808a8ab
a8871e50239f2b6ef98595b54cf9fb51a29aa8d77ce272ff0860dab80f50fbd3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/
Cookie: uid_id2=1199c4e7-1d5e-4e78-a02b-26342b3183b5:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Aug 2022 19:56:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://embedy.cc
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.127.140.33 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.127.140.33:0
File type ASCII text, with no line terminators
Hash 166f6ca3034e5bbb63c7274eb89fa678
f7d8ff40aa312dc2a3a207e5d4e705512808a8ab
a8871e50239f2b6ef98595b54cf9fb51a29aa8d77ce272ff0860dab80f50fbd3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/
Cookie: uid_id2=1199c4e7-1d5e-4e78-a02b-26342b3183b5:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Aug 2022 19:56:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://embedy.cc
access-control-allow-credentials: true
X-Firefox-Spdy: h2
embedy.cc/video.get/
185.178.208.107 200 OK 98 B IP 185.178.208.107:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e82937c7bf1ba5ac80bc01c9dac29c82
bcfab9c05b65782ebb5f227a5c919aaa534b70e3
211bd8445302838981863b0b6fbd2bc7beee968bf0134e9b76fa5a070a842206
POST /video.get/ HTTP/1.1
Host: embedy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 79
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/embed/bXJpTUxOTThMaERkbGpFWXkrQzR1UW9pZGJ4MG1rbWg2U21GM1BiL0hiQT0=
Cookie: __ddg1_=UFKxDnN5Dir0ISBpOfLk; PHPSESSID=5chae8jkk3fvh6695omovlh7q4
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 30 Aug 2022 19:56:29 GMT
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Access-Control-Allow-Origin: http://embedy.cc
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Origin, Accept, Range, Cache-Control
Access-Control-Allow-Credentials: true
X-Frame-Options: DENY
X-Powered-By: Embedy.cc
X-Served-By: srv2.embedy.cc
Content-Encoding: gzip
Transfer-Encoding: chunked
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ef80a390dc7608c27e29fe3516eb0565
5062143217d04ed6de8fa77555d9a83938391c87
373c43367776cfcbb9f69a45443f59dfb774eab11241928134a25bcb7d75e83b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ef80a390dc7608c27e29fe3516eb0565
5062143217d04ed6de8fa77555d9a83938391c87
373c43367776cfcbb9f69a45443f59dfb774eab11241928134a25bcb7d75e83b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=2081894162&gjid=1229132874&_gid=161785276.1661889388&_u=IEBAAEAAAAAAAC~&z=1429620583
142.251.1.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=2081894162&gjid=1229132874&_gid=161785276.1661889388&_u=IEBAAEAAAAAAAC~&z=1429620583
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=2081894162&gjid=1229132874&_gid=161785276.1661889388&_u=IEBAAEAAAAAAAC~&z=1429620583 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://embedy.cc
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 30 Aug 2022 19:56:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=156898269&gjid=1316263945&_gid=161785276.1661889388&_u=aEDAAUABAAAAAC~&z=1947226996
142.251.1.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=156898269&gjid=1316263945&_gid=161785276.1661889388&_u=aEDAAUABAAAAAC~&z=1947226996
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=156898269&gjid=1316263945&_gid=161785276.1661889388&_u=aEDAAUABAAAAAC~&z=1947226996 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://embedy.cc
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 30 Aug 2022 19:56:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gettube.co/play/44534/?rel=0&showinfo=0
185.178.208.167 301 Moved Permanently 568 B URL HTTP/1.1 gettube.co/play/44534/?rel=0&showinfo=0
IP 185.178.208.167:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
GET /play/44534/?rel=0&showinfo=0 HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Tue, 30 Aug 2022 19:56:29 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://gettube.co/play/44534/?rel=0&showinfo=0
Content-Type: text/html; charset=utf8
Content-Length: 568
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ef80a390dc7608c27e29fe3516eb0565
5062143217d04ed6de8fa77555d9a83938391c87
373c43367776cfcbb9f69a45443f59dfb774eab11241928134a25bcb7d75e83b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash cb57f70cc3dfd408affeddac5e51ce2c
85fe4cd5f546cdf2c2834ac5665becb84de93b6a
d377d0292cd789fa483c883b04aeee09c0ac26a1e8834fdce23f7fdfbffe3028
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a3174f909a7792a326742671bb6d3dde
fa4703fd1dc5829d61209aaf18407b4498f8a478
bc171d0c715235ad2ba48dbbb594a35ea1af13107fe7b54e988a63a61fa9fb22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ea07634338f8ff76bc416057e77bfc2b
6f8201cbf6484136aa5bcdce4fbfa36c6667a9a9
8de0ee1829d0c2996d14a7b0baa917244e384309e5003204b8060caf2e192008
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DE0EE1829D0C2996D14A7B0BAA917244E384309E5003204B8060CAF2E192008"
Last-Modified: Mon, 29 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2551
Expires: Tue, 30 Aug 2022 20:39:00 GMT
Date: Tue, 30 Aug 2022 19:56:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a3174f909a7792a326742671bb6d3dde
fa4703fd1dc5829d61209aaf18407b4498f8a478
bc171d0c715235ad2ba48dbbb594a35ea1af13107fe7b54e988a63a61fa9fb22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash cb57f70cc3dfd408affeddac5e51ce2c
85fe4cd5f546cdf2c2834ac5665becb84de93b6a
d377d0292cd789fa483c883b04aeee09c0ac26a1e8834fdce23f7fdfbffe3028
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=156898269&_u=aEDAAUABAAAAAC~&z=798308692
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=156898269&_u=aEDAAUABAAAAAC~&z=798308692
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=156898269&_u=aEDAAUABAAAAAC~&z=798308692 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 19:56:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=156898269&_u=aEDAAUABAAAAAC~&z=798308692
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=156898269&_u=aEDAAUABAAAAAC~&z=798308692
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=156898269&_u=aEDAAUABAAAAAC~&z=798308692 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 19:56:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=2081894162&_u=IEBAAEAAAAAAAC~&z=401133192
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=2081894162&_u=IEBAAEAAAAAAAC~&z=401133192
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=2081894162&_u=IEBAAEAAAAAAAC~&z=401133192 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 19:56:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gettube.co/play/44534/?rel=0&showinfo=0
185.178.208.167 403 Forbidden 8.2 kB URL HTTP/2 gettube.co/play/44534/?rel=0&showinfo=0
IP 185.178.208.167:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /play/44534/?rel=0&showinfo=0 HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://embedy.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:29 GMT
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddgid_=d342IAER2lSY7xb8; Domain=.gettube.co; HttpOnly; Path=/; Expires=Wed, 30-Aug-2023 19:56:29 GMT
__ddgmark_=8ngAUXhK7peFWR0x; Domain=.gettube.co; HttpOnly; Path=/; Expires=Wed, 31-Aug-2022 19:56:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=2081894162&_u=IEBAAEAAAAAAAC~&z=401133192
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=2081894162&_u=IEBAAEAAAAAAAC~&z=401133192
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15423068-7&cid=1526169109.1661889388&jid=2081894162&_u=IEBAAEAAAAAAAC~&z=401133192 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 19:56:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash cb57f70cc3dfd408affeddac5e51ce2c
85fe4cd5f546cdf2c2834ac5665becb84de93b6a
d377d0292cd789fa483c883b04aeee09c0ac26a1e8834fdce23f7fdfbffe3028
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d540bb36b9dd961eb542506943f01784
fc85b89327b75d3d6643766a70f343f6ea0b7a30
1bcfead20bfe1a9677f25dbcec756dbb3244f6e53069b2a830529fd991baabce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 19:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gettube.co/.well-known/ddos-guard/check?context=free_splash
185.178.208.167 200 OK 94 kB URL HTTP/2 gettube.co/.well-known/ddos-guard/check?context=free_splash
IP 185.178.208.167:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash c32eb42484e91dedfc68e42bee8ef9b7
96b7268b6be4f96191a18a6cca2a122de06fc11b
e8ad60f8af33e8db9e91a6b54dab652bafd39d012cd299df50d7b1b5efbc9596
GET /.well-known/ddos-guard/check?context=free_splash HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/play/44534/?rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:29 GMT
content-type: application/javascript
expires: Tue, 30 Aug 2022 20:56:29 GMT
content-length: 93545
X-Firefox-Spdy: h2
links.services.disqus.com/api/ping
151.101.84.64 200 OK 299 B URL HTTP/1.1 links.services.disqus.com/api/ping
IP 151.101.84.64:0
File type ASCII text, with no line terminators
Hash 30a182aebe2e0bdede1cf84e309d7287
62c8d39d23de20af2f2b9c5ef894fecaeeef14f6
b36c6244bc039c2a864895bc91ac7b42151a725e96a9ee9c8e78b166a4b03fed
POST /api/ping HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 195
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 299
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://embedy.cc
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Tue, 30 Aug 2022 19:56:29 GMT
Set-Cookie: vglnk.Agent.p=c87d8897c3b4c072ad208013ca91e920; Expires=Wed, 30 Aug 2023 19:56:29 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Wed, 30 Aug 2023 19:56:29 GMT; path=/
links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
151.101.84.64 200 OK 43 B URL HTTP/1.1 links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
IP 151.101.84.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Date: Tue, 30 Aug 2022 19:56:29 GMT
Connection: keep-alive
Set-Cookie: vglnk.Agent.p=08e22d99b4bf1a1fba13d7ea5ffa315f; Expires=Wed, 30 Aug 2023 19:56:29 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Wed, 30 Aug 2023 19:56:29 GMT; path=/
links.services.disqus.com/api/domains
151.101.84.64 200 OK 41 B URL HTTP/1.1 links.services.disqus.com/api/domains
IP 151.101.84.64:0
File type ASCII text, with no line terminators
Hash 0914d25b5ac55d48c7d35b8a64d64a4f
bfb2b5be0e6d11138ac69632c658cac40ffb1bb4
9d04e28e3e61ee43da84369ccef7521e293e41a1976571aa103e5e4a32682dda
POST /api/domains HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 235
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 41
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://embedy.cc
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Tue, 30 Aug 2022 19:56:29 GMT
Set-Cookie: vglnk.Agent.p=46e25a6fb2b3171d567745af8938e75a; Expires=Wed, 30 Aug 2023 19:56:29 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Wed, 30 Aug 2023 19:56:29 GMT; path=/
gettube.co/.well-known/ddos-guard/mark/
185.178.208.167 200 OK 0 B URL HTTP/2 gettube.co/.well-known/ddos-guard/mark/
IP 185.178.208.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /.well-known/ddos-guard/mark/ HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 41268
Origin: https://gettube.co
Connection: keep-alive
Referer: https://gettube.co/play/44534/?rel=0&showinfo=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:29 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16715
Expires: Wed, 31 Aug 2022 00:35:04 GMT
Date: Tue, 30 Aug 2022 19:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16715
Expires: Wed, 31 Aug 2022 00:35:04 GMT
Date: Tue, 30 Aug 2022 19:56:29 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=1199c4e7-1d5e-4e78-a02b-26342b3183b5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.29&b_frame=1&pk=e85b5c7bdb1a24cd4a76afc29fcc2f61&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=1199c4e7-1d5e-4e78-a02b-26342b3183b5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.29&b_frame=1&pk=e85b5c7bdb1a24cd4a76afc29fcc2f61&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert — quad9: Sinkholed (i.e. unseenreport.com is on the Quad9 DNS blocklist)
GET /pxf.gif?uuid=1199c4e7-1d5e-4e78-a02b-26342b3183b5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.29&b_frame=1&pk=e85b5c7bdb1a24cd4a76afc29fcc2f61&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 30 Aug 2022 19:56:29 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 839a26e34299424daed568d9a4be3791
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16715
Expires: Wed, 31 Aug 2022 00:35:04 GMT
Date: Tue, 30 Aug 2022 19:56:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82bc1c69018845280d29653d6b2d6f8d
0c122f15422cab7ee3461e8fa657183ae54adcc5
e221638eff281c27ef4656f76e64963718186285c57e50a8958bd3065e662674
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9980
x-amzn-requestid: b9f6b930-9c47-41b9-879d-ce239e39f033
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTMGHlNoAMFuoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d324d-72ea52c010dff34438bbca28;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: orq6ucCez7UBzTSPTyJR8u8ZYf1VOV_zPOLsJFvGD2jfiW0YJmxVSg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:45:02 GMT
age: 79887
etag: "0c122f15422cab7ee3461e8fa657183ae54adcc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16715
Expires: Wed, 31 Aug 2022 00:35:04 GMT
Date: Tue, 30 Aug 2022 19:56:29 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=1199c4e7-1d5e-4e78-a02b-26342b3183b5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.29&b_frame=1&pk=8b5963c5770896045ef1536ef5a90d08&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=1199c4e7-1d5e-4e78-a02b-26342b3183b5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.29&b_frame=1&pk=8b5963c5770896045ef1536ef5a90d08&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert — quad9: Sinkholed (i.e. unseenreport.com is on the Quad9 DNS blocklist)
GET /pxf.gif?uuid=1199c4e7-1d5e-4e78-a02b-26342b3183b5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.29&b_frame=1&pk=8b5963c5770896045ef1536ef5a90d08&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 30 Aug 2022 19:56:29 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0b0ff94f2780fc5fa1b6b4ef07d32254
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76e5794e744702cc05c5cf327d8d6e8b
0c0aa6e65d901d8e8b712231fb6947b7d904a8d1
8550ab486c08f26ef003f584f9d89ec65b758def9853a1f93d5517528d5fc380
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8550AB486C08F26EF003F584F9D89EC65B758DEF9853A1F93D5517528D5FC380"
Last-Modified: Tue, 30 Aug 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3267
Expires: Tue, 30 Aug 2022 20:50:56 GMT
Date: Tue, 30 Aug 2022 19:56:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87425d52d274ccbc12298aa7a47395f2
b2866f84f93b73d97e9aecfa2293ff47131b6d67
2284c74b04493c7a67907b2477bac252832f3550c6a7e57c221abefc45a12549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8478
x-amzn-requestid: 8ae5ce3f-0d58-412b-84f1-579c5cf21fd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTWIH5JoAMFh9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d328d-7bb707102a3acb0320585b52;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:33 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: G0y5MCu_U2IUMTrWxPmyUefwSkF5tcEWpPh7sZ-Bn_1lXZv12tlpgQ==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:58:58 GMT
age: 79051
etag: "b2866f84f93b73d97e9aecfa2293ff47131b6d67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19e4053-4c42-4436-ba83-5e76fd16f5a4.webp
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19e4053-4c42-4436-ba83-5e76fd16f5a4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0502c5060f29d82fd10f9f79459e2ce0
110f2eecf72c6b89f250ebefeff5ef664dc2f3f6
f722656c432bbec2baa63b6edc4116c1996850462864456105d9fea9c3bc7ff4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19e4053-4c42-4436-ba83-5e76fd16f5a4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10056
x-amzn-requestid: 2eb7bbf2-47ad-4f80-98e8-ecb45e98961b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xguh2H_woAMFXnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309c472-7dda060b4e7c81262aef3421;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1cunCq4Z1J-oQSmTlcAtgfXO0A4_XpHKl2UHpRCbf75--3eHEIgZGQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 11:39:46 GMT
age: 29803
etag: "110f2eecf72c6b89f250ebefeff5ef664dc2f3f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91310bc1fb5ae0efa502a9bafe046399
ec2a4baf0a21c1738a541d89756cccd6f3bef5fd
5fe0511116c6bd2d6e668c69764905c3a5c93fa23a4dc207b0f4b1604783ceb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5925
x-amzn-requestid: fa7479ef-c5db-45ce-a973-a8831df14931
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpS-ZFH1IAMFsFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d31f5-1a9b0a43065d731b4cc61ed3;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:39:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DBxGjmVUCTjHUrOzLWp37FwLUUo_5CykjgxAeCAaw1TlodWSmbnCrA==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:45:06 GMT
age: 79883
etag: "ec2a4baf0a21c1738a541d89756cccd6f3bef5fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4aa2a22c2851d082acd55c1c9782cee9
20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e
d0d6a3cc781786f5377191e2b1f3495ac76f4f8af7c56291f761a49a167b8726
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8684
x-amzn-requestid: e02c26f6-e28d-4b3f-971a-f42cbbf67845
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTWIGH0oAMFpEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d328d-3183e76132b622350a75a86b;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: T1FGC5fMnwea3ltKnLgvqI1AueU8xp5ukWXnRptxDQoAH0DUbXPOEA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:59:22 GMT
age: 79027
etag: "20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f9132960db725a095b0db1773dc6f69
bf1d4347e1641da5aebe6ae438c0431232ae6242
0e0b84df674d48517a04819604deb555c904518f093784691de4914b6ddb9e9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10672
x-amzn-requestid: 9044b578-ffc7-4890-a16f-bf6d5e242f46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTWcEUnoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c65c2-4397932f1417f6ab2463c4b0;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:07:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uc8twk9uXve3wFxTvsZa_sg-aduiVBxXjTvOdqBc_BZmgw4BldMyHQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 07:15:20 GMT
age: 45669
etag: "bf1d4347e1641da5aebe6ae438c0431232ae6242"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash fe7883d8fce01a3df0add3c148f250ee
0404155f4e275d8b29d620f49b1f732ff8de40b7
05dc1d604f927b0b01c33694e83558b89b5e9c1001a12e5c24ede5db825643e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 19:56:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 20:53:31 GMT
Expires: Mon, 05 Sep 2022 20:53:30 GMT
Etag: "0404155f4e275d8b29d620f49b1f732ff8de40b7"
Cache-Control: max-age=521219,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7430170cd818b50c-OSL
check.ddos-guard.net/check.js
185.129.100.100 200 OK 152 B URL HTTP/2 check.ddos-guard.net/check.js
IP 185.129.100.100:0
File type ASCII text, with no line terminators
Hash e7650b98dfc4b02b11762241dd72063d
19f4c9255f89d81511e93a1d45f8427356bac953
20dc07d2ec330f77681282852cba2fad77c4c47463bc0041bc73b84669e66d5f
GET /check.js HTTP/1.1
Host: check.ddos-guard.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:30 GMT
content-type: application/javascript
expires: Wed, 30 Aug 2023 19:56:30 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: private, s-maxage=0, max-age=31536000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
etag: yoGwmZiarUsU6jr8
set-cookie: __ddg2=yoGwmZiarUsU6jr8; Domain=check.ddos-guard.net; Path=/; HttpOnly; SameSite=None; Secure; Expires=Wed, 30-Aug-2023 19:56:30 GMT
content-length: 152
X-Firefox-Spdy: h2
check.ddos-guard.net/set/id/yoGwmZiarUsU6jr8
185.129.100.100 200 OK 68 B URL HTTP/2 check.ddos-guard.net/set/id/yoGwmZiarUsU6jr8
IP 185.129.100.100:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /set/id/yoGwmZiarUsU6jr8 HTTP/1.1
Host: check.ddos-guard.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/
Cookie: __ddg2=yoGwmZiarUsU6jr8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:30 GMT
content-type: image/png
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: __ddg2=yoGwmZiarUsU6jr8; Domain=check.ddos-guard.net; Path=/; HttpOnly; SameSite=None; Secure; Expires=Wed, 30-Aug-2023 19:56:30 GMT
content-length: 68
X-Firefox-Spdy: h2
gettube.co/.well-known/ddos-guard/id/yoGwmZiarUsU6jr8
185.178.208.167 200 OK 68 B URL HTTP/2 gettube.co/.well-known/ddos-guard/id/yoGwmZiarUsU6jr8
IP 185.178.208.167:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /.well-known/ddos-guard/id/yoGwmZiarUsU6jr8 HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/play/44534/?rel=0&showinfo=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:30 GMT
content-type: image/png
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
set-cookie: __ddg2_=yoGwmZiarUsU6jr8; Domain=gettube.co; Path=/; HttpOnly; Expires=Wed, 30-Aug-2023 19:56:30 GMT
content-length: 68
X-Firefox-Spdy: h2
possessionaddictedflight.com/sbar.json?key=8b5963c5770896045ef1536ef5a90d08&uuid=1199c4e7-1d5e-4e78-a02b-26342b3183b5%3A2%3A1
192.243.59.12 200 OK 4.5 kB URL HTTP/1.1 possessionaddictedflight.com/sbar.json?key=8b5963c5770896045ef1536ef5a90d08&uuid=1199c4e7-1d5e-4e78-a02b-26342b3183b5%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6162), with no line terminators
Hash 5bd0fb5afb28675c4173a8f736ae0dc2
852a15d370a2a947513ce20e998faf712c257a83
60654e7c2a92b05d488ed3cb04ab5c47e8cd18a71dea7398cdafcc2d22746ad1
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=8b5963c5770896045ef1536ef5a90d08&uuid=1199c4e7-1d5e-4e78-a02b-26342b3183b5%3A2%3A1 HTTP/1.1
Host: possessionaddictedflight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 30 Aug 2022 19:56:30 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://embedy.cc
Access-Control-Allow-Origin: http://embedy.cc
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15601424; expires=Wed, 31 Aug 2022 19:56:30 GMT; secure; SameSite=None
uid_id2=1199c4e7-1d5e-4e78-a02b-26342b3183b5:2:1; expires=Tue, 06 Sep 2022 19:56:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 31 Aug 2022 19:56:30 GMT; secure; SameSite=None
uncs=1; expires=Wed, 31 Aug 2022 19:56:30 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 31 Aug 2022 19:56:30 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 31 Aug 2022 19:56:30 GMT; secure; SameSite=None
slec8b5963c5770896045ef1536ef5a90d08=[3551993]; expires=Tue, 30 Aug 2022 19:56:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d1a2ae38f69033a0464be6518845ce6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
possessionaddictedflight.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSQW8bxRvGZ9v08NdfgoJ6QYLKBw4gEWd3be%2Fa9FARQlBEaEpLBSfQ7MzYmXp2ZzWz63V8iqhAPXAwXwBtHicNhQrRGwhRgRMJiUhIMaccyBcAcalUCU7IbkTgvbzvzPOM9Jtn5qOt%2FJi4yOnR0pt6IJWiC42qW3nhXc%2B7VFmVSd6v9JvB%2B0H9UsX0Xm4FVffFyuuCdfWC73qu67leZVka0db9hakImd5redWWW637Va9RR9%2F8d21zB5Y64L1j8jQkn8ztOxcg2RhJ%2FNWSsN1Mpy%2B9FueKZtqgx3dvJN1EFwni07FtHLST3RM3tD1cfgCd7MxwoXv%2FGCM5Ic6PDxAluyeQiHrbM85IQSSI%2BP9R9MYQagxJx2D6FiQ%2FJADjuLKGJL5zRZuCbjxW6VSdkLlHDyGLCZn79QKS%2BMtFJfuV61rlmdSJRb9dQvbHkJ0x0nwP2eAMZLEHln0AyX8mC49WkcTba1ZpSH70vOe1WqwuwnmPN8R8XYTNeer60bwf1Op%2BVPOatagxC0jKMWR7DCWGoPYMcusglw7ytoM8dRDzowrzPC90OaNus8VYjYciCrjr0bDtUc8NmsjZ9A5DZOkQTA3BzCZSs4muHMLk38Oul7Dcgc0IerxEIQgKS1BQgkISFBlB0St3uLK%2BLe9wZfPIO%2Bn%2BSa%2BVI511tuiOzjoiIVvpMXlqFtwfT55HVxxVmlGjFdRYIwzdZitw6w3R9hq1QLQbtOVytwkrS0h7BtQ6GMgJIZ%2F%2BhVQe3vgMEd2DVXtg8jxo%2FhxoMQp9F3R9VG%2B6GCR3RRwJvlFlDFyXSLM5ZBvOljomz8wQAv9PCHZw%2BYffPrz49Vu%2Fg5kSqSlxU%2B4TdNTt0TVdkO1rurDk%2FlqayVgO6PRdr2c0E2c%2Ff0NsFNrwlSU7vPsKmwrT8d7bwmarNOEy6VjyxaLkXJhlbZgg363Yd0R0Nbfri7lJ8nT16qvLK3FqhLVSJ2NQeWg%2FBpMT8j%2BqZx%2F22ZvfQJoxTF4izg%2FISUHqPbB0EzY9pbf6LIw69USpgyIvR8aPTjeVnBD%2F4U9Q4uDy%2FffO7X97bgAalbDiXwdP5y17Gx1zETS7hSQu0TMleqoEVUPY%2FOwoS83B5V9qs0KknFGkjLMdKaM%2BeRyvlUeVsFZzadBqeGFIRRjV%2FWY78Dilfj3wg4DWkNkJe6Kb%2FA0AAP%2F%2FAQAA%2F%2F%2FiVRTdfwQAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 possessionaddictedflight.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSQW8bxRvGZ9v08NdfgoJ6QYLKBw4gEWd3be%2Fa9FARQlBEaEpLBSfQ7MzYmXp2ZzWz63V8iqhAPXAwXwBtHicNhQrRGwhRgRMJiUhIMaccyBcAcalUCU7IbkTgvbzvzPOM9Jtn5qOt%2FJi4yOnR0pt6IJWiC42qW3nhXc%2B7VFmVSd6v9JvB%2B0H9UsX0Xm4FVffFyuuCdfWC73qu67leZVka0db9hakImd5redWWW637Va9RR9%2F8d21zB5Y64L1j8jQkn8ztOxcg2RhJ%2FNWSsN1Mpy%2B9FueKZtqgx3dvJN1EFwni07FtHLST3RM3tD1cfgCd7MxwoXv%2FGCM5Ic6PDxAluyeQiHrbM85IQSSI%2BP9R9MYQagxJx2D6FiQ%2FJADjuLKGJL5zRZuCbjxW6VSdkLlHDyGLCZn79QKS%2BMtFJfuV61rlmdSJRb9dQvbHkJ0x0nwP2eAMZLEHln0AyX8mC49WkcTba1ZpSH70vOe1WqwuwnmPN8R8XYTNeer60bwf1Op%2BVPOatagxC0jKMWR7DCWGoPYMcusglw7ytoM8dRDzowrzPC90OaNus8VYjYciCrjr0bDtUc8NmsjZ9A5DZOkQTA3BzCZSs4muHMLk38Oul7Dcgc0IerxEIQgKS1BQgkISFBlB0St3uLK%2BLe9wZfPIO%2Bn%2BSa%2BVI511tuiOzjoiIVvpMXlqFtwfT55HVxxVmlGjFdRYIwzdZitw6w3R9hq1QLQbtOVytwkrS0h7BtQ6GMgJIZ%2F%2BhVQe3vgMEd2DVXtg8jxo%2FhxoMQp9F3R9VG%2B6GCR3RRwJvlFlDFyXSLM5ZBvOljomz8wQAv9PCHZw%2BYffPrz49Vu%2Fg5kSqSlxU%2B4TdNTt0TVdkO1rurDk%2FlqayVgO6PRdr2c0E2c%2Ff0NsFNrwlSU7vPsKmwrT8d7bwmarNOEy6VjyxaLkXJhlbZgg363Yd0R0Nbfri7lJ8nT16qvLK3FqhLVSJ2NQeWg%2FBpMT8j%2BqZx%2F22ZvfQJoxTF4izg%2FISUHqPbB0EzY9pbf6LIw69USpgyIvR8aPTjeVnBD%2F4U9Q4uDy%2FffO7X97bgAalbDiXwdP5y17Gx1zETS7hSQu0TMleqoEVUPY%2FOwoS83B5V9qs0KknFGkjLMdKaM%2BeRyvlUeVsFZzadBqeGFIRRjV%2FWY78Dilfj3wg4DWkNkJe6Kb%2FA0AAP%2F%2FAQAA%2F%2F%2FiVRTdfwQAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSQW8bxRvGZ9v08NdfgoJ6QYLKBw4gEWd3be%2Fa9FARQlBEaEpLBSfQ7MzYmXp2ZzWz63V8iqhAPXAwXwBtHicNhQrRGwhRgRMJiUhIMaccyBcAcalUCU7IbkTgvbzvzPOM9Jtn5qOt%2FJi4yOnR0pt6IJWiC42qW3nhXc%2B7VFmVSd6v9JvB%2B0H9UsX0Xm4FVffFyuuCdfWC73qu67leZVka0db9hakImd5redWWW637Va9RR9%2F8d21zB5Y64L1j8jQkn8ztOxcg2RhJ%2FNWSsN1Mpy%2B9FueKZtqgx3dvJN1EFwni07FtHLST3RM3tD1cfgCd7MxwoXv%2FGCM5Ic6PDxAluyeQiHrbM85IQSSI%2BP9R9MYQagxJx2D6FiQ%2FJADjuLKGJL5zRZuCbjxW6VSdkLlHDyGLCZn79QKS%2BMtFJfuV61rlmdSJRb9dQvbHkJ0x0nwP2eAMZLEHln0AyX8mC49WkcTba1ZpSH70vOe1WqwuwnmPN8R8XYTNeer60bwf1Op%2BVPOatagxC0jKMWR7DCWGoPYMcusglw7ytoM8dRDzowrzPC90OaNus8VYjYciCrjr0bDtUc8NmsjZ9A5DZOkQTA3BzCZSs4muHMLk38Oul7Dcgc0IerxEIQgKS1BQgkISFBlB0St3uLK%2BLe9wZfPIO%2Bn%2BSa%2BVI511tuiOzjoiIVvpMXlqFtwfT55HVxxVmlGjFdRYIwzdZitw6w3R9hq1QLQbtOVytwkrS0h7BtQ6GMgJIZ%2F%2BhVQe3vgMEd2DVXtg8jxo%2FhxoMQp9F3R9VG%2B6GCR3RRwJvlFlDFyXSLM5ZBvOljomz8wQAv9PCHZw%2BYffPrz49Vu%2Fg5kSqSlxU%2B4TdNTt0TVdkO1rurDk%2FlqayVgO6PRdr2c0E2c%2Ff0NsFNrwlSU7vPsKmwrT8d7bwmarNOEy6VjyxaLkXJhlbZgg363Yd0R0Nbfri7lJ8nT16qvLK3FqhLVSJ2NQeWg%2FBpMT8j%2BqZx%2F22ZvfQJoxTF4izg%2FISUHqPbB0EzY9pbf6LIw69USpgyIvR8aPTjeVnBD%2F4U9Q4uDy%2FffO7X97bgAalbDiXwdP5y17Gx1zETS7hSQu0TMleqoEVUPY%2FOwoS83B5V9qs0KknFGkjLMdKaM%2BeRyvlUeVsFZzadBqeGFIRRjV%2FWY78Dilfj3wg4DWkNkJe6Kb%2FA0AAP%2F%2FAQAA%2F%2F%2FiVRTdfwQAAA%3D%3D HTTP/1.1
Host: possessionaddictedflight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Cookie: u_pl=15601424; uid_id2=1199c4e7-1d5e-4e78-a02b-26342b3183b5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec8b5963c5770896045ef1536ef5a90d08=[3551993]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 30 Aug 2022 19:56:30 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a4caf6a9b949a648207a7c5a94484d0e
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85fafacdde2e00b4110b4ac7854df689
1870035fee6c0138b7dc8e50837821e76d79624d
05e990d3cb33325e1b026e5df1d45aed19ab18994135c5f5f8c8ad5139cad33d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05E990D3CB33325E1B026E5DF1D45AED19AB18994135C5F5F8C8AD5139CAD33D"
Last-Modified: Mon, 29 Aug 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15527
Expires: Wed, 31 Aug 2022 00:15:17 GMT
Date: Tue, 30 Aug 2022 19:56:30 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 61a1ce60f68222ea23539ead32a62796
f7a8756a31ce3271c771e03a623bb82d2874a3e0
893aa15f459674be08625f9cb855cc9eefa556784d96950ef68df4bb8c1e82e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "893AA15F459674BE08625F9CB855CC9EEFA556784D96950EF68DF4BB8C1E82E6"
Last-Modified: Sun, 28 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16613
Expires: Wed, 31 Aug 2022 00:33:23 GMT
Date: Tue, 30 Aug 2022 19:56:30 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 61a1ce60f68222ea23539ead32a62796
f7a8756a31ce3271c771e03a623bb82d2874a3e0
893aa15f459674be08625f9cb855cc9eefa556784d96950ef68df4bb8c1e82e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "893AA15F459674BE08625F9CB855CC9EEFA556784D96950EF68DF4BB8C1E82E6"
Last-Modified: Sun, 28 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16613
Expires: Wed, 31 Aug 2022 00:33:23 GMT
Date: Tue, 30 Aug 2022 19:56:30 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 61a1ce60f68222ea23539ead32a62796
f7a8756a31ce3271c771e03a623bb82d2874a3e0
893aa15f459674be08625f9cb855cc9eefa556784d96950ef68df4bb8c1e82e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "893AA15F459674BE08625F9CB855CC9EEFA556784D96950EF68DF4BB8C1E82E6"
Last-Modified: Sun, 28 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16613
Expires: Wed, 31 Aug 2022 00:33:23 GMT
Date: Tue, 30 Aug 2022 19:56:30 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10 200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 30 Aug 2022 19:56:30 GMT
Date: Tue, 30 Aug 2022 19:56:30 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
104.21.51.177 200 OK 5.9 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 104.21.51.177:0
Hash 5d45c1b836d0bcbdedec5d5cfc5c958f
a76474f69c35bdbf28430c96dd679ee8f864d4e2
b3de94d8a664040c88f98709bc8bcb3ffb8c0412a1ae3a3f0f436d4341fbc6dc
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 30 Aug 2022 19:56:30 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 44267
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bkqMuwHn7WekuKOcOXiNwnWFx3ZwChuXIN5HIXuwlUIYDdwBmkVOzwE9pxzWlPkaRRVW3hqyV3Wsz%2FmJzEgi9lAIOgc73BLWjBuQmTRpLZLTlnD6xA7Q%2FIZCF0GSXskXxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743017141a92b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/08/b7/01/08b7011771b43daf4a1ec90e6ee68d87/1658144859.jpg
45.133.44.10 200 OK 15 kB URL HTTP/2 cdn.cloudimagesb.com/si/08/b7/01/08b7011771b43daf4a1ec90e6ee68d87/1658144859.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 31d5ae1d770f3de9f1f0eee47a742413
8035479102b210a23041652b4d9785c5bcedd8ac
1f75948cdbace3e2b27343f401015d13f874bef6c9ee816ddbec9d79d99aa707
GET /si/08/b7/01/08b7011771b43daf4a1ec90e6ee68d87/1658144859.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 30 Aug 2022 19:56:30 GMT
content-type: image/jpeg
content-length: 15363
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:47:47 GMT
etag: "62d54863-3c03"
expires: Thu, 01 Sep 2022 19:56:30 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
possessionaddictedflight.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=351
192.243.59.12 200 OK 0 B URL HTTP/1.1 possessionaddictedflight.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=351
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=351 HTTP/1.1
Host: possessionaddictedflight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 30 Aug 2022 19:56:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.3 200 OK 2.0 kB URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash 0b94b9fda25fb4e097496482deb35239
d05c8f25709c2fbd9f7d9d4c6e739e08ab8833da
860bc75d1533cec64c5c20995a50b6936b592e02d4e2d0bea1343554004174d2
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 30 Aug 2022 19:56:30 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 30 Aug 2022 20:56:30 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
possessionaddictedflight.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=67
192.243.59.12 200 OK 0 B URL HTTP/1.1 possessionaddictedflight.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=67
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=67 HTTP/1.1
Host: possessionaddictedflight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 30 Aug 2022 19:56:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
possessionaddictedflight.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=85
192.243.59.12 200 OK 0 B URL HTTP/1.1 possessionaddictedflight.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=85
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=85 HTTP/1.1
Host: possessionaddictedflight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://embedy.cc/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 30 Aug 2022 19:56:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 20:15:21 GMT
Expires: Thu, 24 Aug 2023 20:15:21 GMT
Cache-Control: public, max-age=31536000
Age: 517270
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 24 Aug 2022 20:14:32 GMT
Expires: Thu, 24 Aug 2023 20:14:32 GMT
Cache-Control: public, max-age=31536000
Age: 517319
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
possessionaddictedflight.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz4scxRvGq5PN4csXNEougoY5eFBwZ7tnpueHOQRjXAmuSUwMelLqV89Wprqrqeqenp3TYlBy8DD%2BA9L7zG7WaBBzU8SgswuCC8KOpz24%2F4DiJRDQk8xkcfW9vG%2FV8xR86qn6aCM%2FJD5yenDxTTNUWtOlsOpXXng3CM5VVlSSDyqDdvP9ZuNcxfZf7jSr%2FouV1yXvmaWaH%2Fh%2B4AeVZWVlZAZLMxEqvdcJqh2%2F2qhVg7CBgf3v2uUeHPUg%2BofkaSgxXdj1zkDxCZL4q4vS9TKTvvRanGuaGYu%2B2L6R9BJTJIiPx8h6iJLtIzeM219%2BAJNszXFh%2Bv8YmZoS78cHYMn2ESRYf3POyTRkAib%2Bj6I%2FgdQTKDoBN7egxD4BuMDlK0jiO5eNLejaY5XO1ClZePQQqpiShV%2FPIIm%2FvKDVoHLd6DxTJnEYRCXUYALVnSDNd5ANT0AVO%2BDZB1DiZ7L0aAVJvHnFaQMlDp4Pgk6HN2RrMRChXGzIVnuR%2BjW2WGvWGzVWD9p1Fs4DUmoCFU2g5QjUnUDuPOTKQx55yFMPsTio8CAIWr7g1G93OK%2BLlmRN4Qe0FQU08Jtt5Hx2hxGydASuR%2BB2HaldR0%2BNYPPv4VZLOOHBZQR9UaKQBIUjKChBoQiKjKDol1tCu5or7wjtchYc9dpRr5djk3U36JbJujIhG%2BkheWoe3B9PnkZPHlTaLOw06zxstfx2p%2Bk3QhkFYb0po5B2fOG34VQJ5U6AOg9DNSXk07%2BQqv0bn4HRHTi9A65Og%2BbPgRbjVs0HXR032j6GyV0ZMynWqpxDmBJptoBszdvQh%2BSZOUKz9ick3zv%2Fw28fnv36rd%2FBbYnUlripdgm6%2Bvb4minI5jVTOHL%2FSpqpWA3p7F2vZzSTJz9%2FQ64VxopLF93o7it8JszGe29Ll63QRKik68gXF5QQ0i4byyX57pJ7R7KruVu9kNskT1euvrp8KU6tdE6ZZAKq9t3H4GpK%2FkfN%2FMM%2Be%2FMbKDuBzUvE%2BR45KiizA56uw6XH9M6chNXHHpZ6KPJybGvseFOrKak9%2FAla7p2%2F%2F96p3W9PDUFZCSf%2FdfB43nC30bVnQbNbSOISfVuir0tQPYLLT46z1O6d%2F6U%2BLzDtjZm23ibTVn%2FyOF6nDip1X7SYjGSLyUbYiCQXLAyZzyPO6qLd5sjclD%2FRS%2F4GAAD%2F%2FwEAAP%2F%2FYoHBNX8EAAA%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 possessionaddictedflight.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz4scxRvGq5PN4csXNEougoY5eFBwZ7tnpueHOQRjXAmuSUwMelLqV89Wprqrqeqenp3TYlBy8DD%2BA9L7zG7WaBBzU8SgswuCC8KOpz24%2F4DiJRDQk8xkcfW9vG%2FV8xR86qn6aCM%2FJD5yenDxTTNUWtOlsOpXXng3CM5VVlSSDyqDdvP9ZuNcxfZf7jSr%2FouV1yXvmaWaH%2Fh%2B4AeVZWVlZAZLMxEqvdcJqh2%2F2qhVg7CBgf3v2uUeHPUg%2BofkaSgxXdj1zkDxCZL4q4vS9TKTvvRanGuaGYu%2B2L6R9BJTJIiPx8h6iJLtIzeM219%2BAJNszXFh%2Bv8YmZoS78cHYMn2ESRYf3POyTRkAib%2Bj6I%2FgdQTKDoBN7egxD4BuMDlK0jiO5eNLejaY5XO1ClZePQQqpiShV%2FPIIm%2FvKDVoHLd6DxTJnEYRCXUYALVnSDNd5ANT0AVO%2BDZB1DiZ7L0aAVJvHnFaQMlDp4Pgk6HN2RrMRChXGzIVnuR%2BjW2WGvWGzVWD9p1Fs4DUmoCFU2g5QjUnUDuPOTKQx55yFMPsTio8CAIWr7g1G93OK%2BLlmRN4Qe0FQU08Jtt5Hx2hxGydASuR%2BB2HaldR0%2BNYPPv4VZLOOHBZQR9UaKQBIUjKChBoQiKjKDol1tCu5or7wjtchYc9dpRr5djk3U36JbJujIhG%2BkheWoe3B9PnkZPHlTaLOw06zxstfx2p%2Bk3QhkFYb0po5B2fOG34VQJ5U6AOg9DNSXk07%2BQqv0bn4HRHTi9A65Og%2BbPgRbjVs0HXR032j6GyV0ZMynWqpxDmBJptoBszdvQh%2BSZOUKz9ick3zv%2Fw28fnv36rd%2FBbYnUlripdgm6%2Bvb4minI5jVTOHL%2FSpqpWA3p7F2vZzSTJz9%2FQ64VxopLF93o7it8JszGe29Ll63QRKik68gXF5QQ0i4byyX57pJ7R7KruVu9kNskT1euvrp8KU6tdE6ZZAKq9t3H4GpK%2FkfN%2FMM%2Be%2FMbKDuBzUvE%2BR45KiizA56uw6XH9M6chNXHHpZ6KPJybGvseFOrKak9%2FAla7p2%2F%2F96p3W9PDUFZCSf%2FdfB43nC30bVnQbNbSOISfVuir0tQPYLLT46z1O6d%2F6U%2BLzDtjZm23ibTVn%2FyOF6nDip1X7SYjGSLyUbYiCQXLAyZzyPO6qLd5sjclD%2FRS%2F4GAAD%2F%2FwEAAP%2F%2FYoHBNX8EAAA%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz4scxRvGq5PN4csXNEougoY5eFBwZ7tnpueHOQRjXAmuSUwMelLqV89Wprqrqeqenp3TYlBy8DD%2BA9L7zG7WaBBzU8SgswuCC8KOpz24%2F4DiJRDQk8xkcfW9vG%2FV8xR86qn6aCM%2FJD5yenDxTTNUWtOlsOpXXng3CM5VVlSSDyqDdvP9ZuNcxfZf7jSr%2FouV1yXvmaWaH%2Fh%2B4AeVZWVlZAZLMxEqvdcJqh2%2F2qhVg7CBgf3v2uUeHPUg%2BofkaSgxXdj1zkDxCZL4q4vS9TKTvvRanGuaGYu%2B2L6R9BJTJIiPx8h6iJLtIzeM219%2BAJNszXFh%2Bv8YmZoS78cHYMn2ESRYf3POyTRkAib%2Bj6I%2FgdQTKDoBN7egxD4BuMDlK0jiO5eNLejaY5XO1ClZePQQqpiShV%2FPIIm%2FvKDVoHLd6DxTJnEYRCXUYALVnSDNd5ANT0AVO%2BDZB1DiZ7L0aAVJvHnFaQMlDp4Pgk6HN2RrMRChXGzIVnuR%2BjW2WGvWGzVWD9p1Fs4DUmoCFU2g5QjUnUDuPOTKQx55yFMPsTio8CAIWr7g1G93OK%2BLlmRN4Qe0FQU08Jtt5Hx2hxGydASuR%2BB2HaldR0%2BNYPPv4VZLOOHBZQR9UaKQBIUjKChBoQiKjKDol1tCu5or7wjtchYc9dpRr5djk3U36JbJujIhG%2BkheWoe3B9PnkZPHlTaLOw06zxstfx2p%2Bk3QhkFYb0po5B2fOG34VQJ5U6AOg9DNSXk07%2BQqv0bn4HRHTi9A65Og%2BbPgRbjVs0HXR032j6GyV0ZMynWqpxDmBJptoBszdvQh%2BSZOUKz9ick3zv%2Fw28fnv36rd%2FBbYnUlripdgm6%2Bvb4minI5jVTOHL%2FSpqpWA3p7F2vZzSTJz9%2FQ64VxopLF93o7it8JszGe29Ll63QRKik68gXF5QQ0i4byyX57pJ7R7KruVu9kNskT1euvrp8KU6tdE6ZZAKq9t3H4GpK%2FkfN%2FMM%2Be%2FMbKDuBzUvE%2BR45KiizA56uw6XH9M6chNXHHpZ6KPJybGvseFOrKak9%2FAla7p2%2F%2F96p3W9PDUFZCSf%2FdfB43nC30bVnQbNbSOISfVuir0tQPYLLT46z1O6d%2F6U%2BLzDtjZm23ibTVn%2FyOF6nDip1X7SYjGSLyUbYiCQXLAyZzyPO6qLd5sjclD%2FRS%2F4GAAD%2F%2FwEAAP%2F%2FYoHBNX8EAAA%3D HTTP/1.1
Host: possessionaddictedflight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://embedy.cc/
Cookie: u_pl=15601424; uid_id2=1199c4e7-1d5e-4e78-a02b-26342b3183b5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec8b5963c5770896045ef1536ef5a90d08=[3551993]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 30 Aug 2022 19:56:31 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be31e55387d245909b7d0ed1a4b2c9ba
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
104.21.51.177 200 OK 210 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP 104.21.51.177:0
Hash 14c6a15c2c7729c885b33c990f37d2a5
865d9621a3a4c2b446ec535471412bf491a1e60e
bd7b0405bc197d2564e68c4366fdbfc06c0711a10231877d33c8c6cdd05fe7f0
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://embedy.cc
Connection: keep-alive
Referer: http://embedy.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 30 Aug 2022 19:56:30 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 44267
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaWXXKPXCqp19z3iu8clcjTQf%2BUNm0WjgIJrydoy00xNOJW8Z%2BHNJ2G786rRBUz9TWGSh5FCRrSJrTIQ1mdnCJ2HR6gRJeaYJMl3wA79SZPr3ZKjPFmfk2YkCFVbAaCwA%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743017141aa5b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gettube.co/play/44534/?rel=0&showinfo=0
185.178.208.167 403 Forbidden 8.2 kB URL HTTP/2 gettube.co/play/44534/?rel=0&showinfo=0
IP 185.178.208.167:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /play/44534/?rel=0&showinfo=0 HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://embedy.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:31 GMT
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddgid_=DOhIovtnvwOSsxhz; Domain=.gettube.co; HttpOnly; Path=/; Expires=Wed, 30-Aug-2023 19:56:31 GMT
__ddgmark_=00H0OfEMcFLY7xB0; Domain=.gettube.co; HttpOnly; Path=/; Expires=Wed, 31-Aug-2022 19:56:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
check.ddos-guard.net/check.js
185.129.100.100 200 OK 152 B URL HTTP/2 check.ddos-guard.net/check.js
IP 185.129.100.100:0
File type ASCII text, with no line terminators
Hash e7650b98dfc4b02b11762241dd72063d
19f4c9255f89d81511e93a1d45f8427356bac953
20dc07d2ec330f77681282852cba2fad77c4c47463bc0041bc73b84669e66d5f
GET /check.js HTTP/1.1
Host: check.ddos-guard.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/
Cookie: __ddg2=yoGwmZiarUsU6jr8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:31 GMT
content-type: application/javascript
expires: Wed, 30 Aug 2023 19:56:31 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: private, s-maxage=0, max-age=31536000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
etag: yoGwmZiarUsU6jr8
set-cookie: __ddg2=yoGwmZiarUsU6jr8; Domain=check.ddos-guard.net; Path=/; HttpOnly; SameSite=None; Secure; Expires=Wed, 30-Aug-2023 19:56:31 GMT
content-length: 152
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
gettube.co/.well-known/ddos-guard/check?context=free_splash
185.178.208.167 200 OK 94 kB URL HTTP/2 gettube.co/.well-known/ddos-guard/check?context=free_splash
IP 185.178.208.167:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash c32eb42484e91dedfc68e42bee8ef9b7
96b7268b6be4f96191a18a6cca2a122de06fc11b
e8ad60f8af33e8db9e91a6b54dab652bafd39d012cd299df50d7b1b5efbc9596
GET /.well-known/ddos-guard/check?context=free_splash HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/play/44534/?rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:31 GMT
content-type: application/javascript
expires: Tue, 30 Aug 2022 20:56:31 GMT
content-length: 93545
X-Firefox-Spdy: h2
check.ddos-guard.net/set/id/yoGwmZiarUsU6jr8
185.129.100.100 200 OK 68 B URL HTTP/2 check.ddos-guard.net/set/id/yoGwmZiarUsU6jr8
IP 185.129.100.100:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /set/id/yoGwmZiarUsU6jr8 HTTP/1.1
Host: check.ddos-guard.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/
Cookie: __ddg2=yoGwmZiarUsU6jr8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:32 GMT
content-type: image/png
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: __ddg2=yoGwmZiarUsU6jr8; Domain=check.ddos-guard.net; Path=/; HttpOnly; SameSite=None; Secure; Expires=Wed, 30-Aug-2023 19:56:32 GMT
content-length: 68
X-Firefox-Spdy: h2
gettube.co/.well-known/ddos-guard/id/yoGwmZiarUsU6jr8
185.178.208.167 200 OK 68 B URL HTTP/2 gettube.co/.well-known/ddos-guard/id/yoGwmZiarUsU6jr8
IP 185.178.208.167:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /.well-known/ddos-guard/id/yoGwmZiarUsU6jr8 HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/play/44534/?rel=0&showinfo=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:32 GMT
content-type: image/png
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
set-cookie: __ddg2_=yoGwmZiarUsU6jr8; Domain=gettube.co; Path=/; HttpOnly; Expires=Wed, 30-Aug-2023 19:56:32 GMT
content-length: 68
X-Firefox-Spdy: h2
gettube.co/.well-known/ddos-guard/mark/
185.178.208.167 200 OK 0 B URL HTTP/2 gettube.co/.well-known/ddos-guard/mark/
IP 185.178.208.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /.well-known/ddos-guard/mark/ HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 41268
Origin: https://gettube.co
Connection: keep-alive
Referer: https://gettube.co/play/44534/?rel=0&showinfo=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:32 GMT
content-length: 0
X-Firefox-Spdy: h2
gettube.co/play/44534/?rel=0&showinfo=0
185.178.208.167 403 Forbidden 8.2 kB URL HTTP/2 gettube.co/play/44534/?rel=0&showinfo=0
IP 185.178.208.167:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /play/44534/?rel=0&showinfo=0 HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://embedy.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:34 GMT
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddgid_=QjBWA2rklBQSDJmf; Domain=.gettube.co; HttpOnly; Path=/; Expires=Wed, 30-Aug-2023 19:56:34 GMT
__ddgmark_=IY4axCMH1kQnkKc1; Domain=.gettube.co; HttpOnly; Path=/; Expires=Wed, 31-Aug-2022 19:56:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
check.ddos-guard.net/check.js
185.129.100.100 200 OK 152 B URL HTTP/2 check.ddos-guard.net/check.js
IP 185.129.100.100:0
File type ASCII text, with no line terminators
Hash e7650b98dfc4b02b11762241dd72063d
19f4c9255f89d81511e93a1d45f8427356bac953
20dc07d2ec330f77681282852cba2fad77c4c47463bc0041bc73b84669e66d5f
GET /check.js HTTP/1.1
Host: check.ddos-guard.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/
Cookie: __ddg2=yoGwmZiarUsU6jr8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:34 GMT
content-type: application/javascript
expires: Wed, 30 Aug 2023 19:56:34 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: private, s-maxage=0, max-age=31536000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
etag: yoGwmZiarUsU6jr8
set-cookie: __ddg2=yoGwmZiarUsU6jr8; Domain=check.ddos-guard.net; Path=/; HttpOnly; SameSite=None; Secure; Expires=Wed, 30-Aug-2023 19:56:34 GMT
content-length: 152
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
check.ddos-guard.net/set/id/yoGwmZiarUsU6jr8
185.129.100.100 200 OK 68 B URL HTTP/2 check.ddos-guard.net/set/id/yoGwmZiarUsU6jr8
IP 185.129.100.100:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /set/id/yoGwmZiarUsU6jr8 HTTP/1.1
Host: check.ddos-guard.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/
Cookie: __ddg2=yoGwmZiarUsU6jr8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:34 GMT
content-type: image/png
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: __ddg2=yoGwmZiarUsU6jr8; Domain=check.ddos-guard.net; Path=/; HttpOnly; SameSite=None; Secure; Expires=Wed, 30-Aug-2023 19:56:34 GMT
content-length: 68
X-Firefox-Spdy: h2
gettube.co/.well-known/ddos-guard/check?context=free_splash
185.178.208.167 200 OK 94 kB URL HTTP/2 gettube.co/.well-known/ddos-guard/check?context=free_splash
IP 185.178.208.167:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash c32eb42484e91dedfc68e42bee8ef9b7
96b7268b6be4f96191a18a6cca2a122de06fc11b
e8ad60f8af33e8db9e91a6b54dab652bafd39d012cd299df50d7b1b5efbc9596
GET /.well-known/ddos-guard/check?context=free_splash HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/play/44534/?rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:34 GMT
content-type: application/javascript
expires: Tue, 30 Aug 2022 20:56:34 GMT
content-length: 93545
X-Firefox-Spdy: h2
gettube.co/.well-known/ddos-guard/id/yoGwmZiarUsU6jr8
185.178.208.167 200 OK 68 B URL HTTP/2 gettube.co/.well-known/ddos-guard/id/yoGwmZiarUsU6jr8
IP 185.178.208.167:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /.well-known/ddos-guard/id/yoGwmZiarUsU6jr8 HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gettube.co/play/44534/?rel=0&showinfo=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:34 GMT
content-type: image/png
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
set-cookie: __ddg2_=yoGwmZiarUsU6jr8; Domain=gettube.co; Path=/; HttpOnly; Expires=Wed, 30-Aug-2023 19:56:34 GMT
content-length: 68
X-Firefox-Spdy: h2
gettube.co/.well-known/ddos-guard/mark/
185.178.208.167 200 OK 0 B URL HTTP/2 gettube.co/.well-known/ddos-guard/mark/
IP 185.178.208.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /.well-known/ddos-guard/mark/ HTTP/1.1
Host: gettube.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 41268
Origin: https://gettube.co
Connection: keep-alive
Referer: https://gettube.co/play/44534/?rel=0&showinfo=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 30 Aug 2022 19:56:34 GMT
content-length: 0
X-Firefox-Spdy: h2