Report - zawadilatumaini.com/vodplay/17280.shtml

Report Overview

Submitted URL
zawadilatumaini.com/vodplay/17280.shtml
IP
104.21.84.204
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-30 19:41:33
Access
public
Website Title
【国产馆】豪乳仙女姐姐真够拼勾引70多岁大爷啪啪李大爷貌似鸡巴还没硬就射-播放-大陆伦理
Final URL
zawadilatumaini.com/vodplay/17280.shtml
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
i.ibb.co	13485	2010-07-20	2018-11-25	2024-04-30	1.3 kB	607 kB	162.19.58.159
thumbs2.imgbox.com	192455	2009-02-09	2017-10-23	2024-02-26	876 B	12 kB	212.63.223.226
iili.io	205542	2018-10-09	2018-10-12	2024-04-24	1.7 kB	225 kB	104.21.235.69
s3t3d2y8.afcdn.net	unknown	2022-06-27	2022-08-09	2024-04-29	1.0 kB	32 kB	185.76.9.15
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-29	3.8 kB	240 kB	104.17.24.14
91ymdl.site	unknown	unknown	No data	No data	442 B	676 kB	104.21.92.180
zawadilatumaini.com	unknown	unknown	No data	No data	3.4 kB	183 kB	172.67.196.154
cbb328e6.carpe.pages.dev	unknown	2020-09-02	2023-12-09	2024-02-26	462 B	1.2 MB	172.66.47.10
images2.imgbox.com	80761	2009-02-09	2017-10-24	2024-04-24	1.3 kB	705 kB	212.63.223.227
i.jads.co	46788	2012-05-17	2019-12-04	2024-04-29	1.7 kB	55 kB	185.76.9.19
i.yourimageshare.com	unknown	2021-08-27	2023-02-03	2024-03-01	4.5 kB	4.3 MB	104.26.0.171
thumbs4.imagebam.com	287131	2006-09-22	2021-05-23	2024-03-18	3.1 kB	1.1 MB	212.63.223.226
cdn.cloudfrale.com	55750	2019-02-04	2019-02-06	2024-04-29	501 B	363 kB	45.133.44.21
555bbb777www.com	unknown	unknown	No data	No data	452 B	276 kB	67.21.86.36
d20o2isj6ap0eq.cloudfront.net	unknown	2008-04-25	2022-08-15	2024-02-06	458 B	195 kB	54.230.241.47
user-images.githubusercontent.com	10487	2014-02-06	2017-06-06	2024-04-30	493 B	108 kB	185.199.108.133
a.magsrv.com	unknown	2023-08-01	2023-08-04	2024-04-29	814 B	331 kB	185.76.9.19
s.magsrv.com	unknown	2023-08-01	2023-08-04	2024-04-29	2.2 kB	3.5 kB	95.211.229.246
ftpjust.sdf3rt243.cc	unknown	2023-12-11	2024-01-29	2024-04-14	432 B	37 kB	104.21.57.251
ocsp.usertrust.com	899	1997-12-05	2012-05-21	2024-04-30	1.7 kB	5.1 kB	172.64.149.23
static.javhdhello.com	unknown	2018-04-18	2022-10-14	2024-03-04	6.9 kB	280 kB	185.76.9.14
poweredby.jads.co	30525	2012-05-17	2019-12-04	2024-04-29	4.3 kB	14 kB	185.94.237.74
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-29	426 B	95 kB	142.250.74.168
i.postimg.cc	23840	2016-06-11	2018-04-11	2024-04-30	881 B	248 kB	162.19.61.80
r.trackwilltrk.com	unknown	2020-04-24	2020-04-28	2024-04-26	661 B	1.1 kB	185.98.53.17
t7cp4fldl.com	unknown	2023-09-04	2023-09-26	2024-04-27	1.2 kB	122 kB	212.117.190.201
5e259838.carpe.pages.dev	unknown	2020-09-02	2023-11-10	2024-02-26	3.1 kB	2.7 MB	172.66.47.10
84gs08xe1.com	unknown	2024-04-27	2024-04-28	2024-04-28	1.9 kB	109 kB	212.117.190.201
vip2.fhbf9.com	unknown	unknown	No data	No data	1.9 kB	1.2 MB	156.238.193.50
uu11661.com	unknown	2024-02-02	2024-02-03	2024-03-04	449 B	333 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	unknown	9 B	2023-03-07	2024-05-26
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-26 06:05:32 Times Seen17058 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

	84gs08xe1.com/aas/r45d/vki/1997409/3ac833c7.js	106 kB	2024-04-30	2024-04-30
Pretty URL 84gs08xe1.com/aas/r45d/vki/1997409/3ac833c7.js IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 21:34:41 Last Seen2024-04-30 21:41:42 Times Seen4 Hash 706952cdf2ff5aac5ac411a22d2dda86 3d06767ef3bde1b93f237a0cd94e06f2b992486e f4d1a5fe4d4ca6e55feaa9eefb7e3f85ab53b69a71cf1c71a44da6dc5c78e8cf Loading...

	zawadilatumaini.com/vodplay/17280.shtml	0 B	2023-03-07	2024-05-26
Pretty URL zawadilatumaini.com/vodplay/17280.shtml IP 172.67.196.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-26 06:41:39 Times Seen38188166 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/dplayer/1.27.1/DPlayer.min.js	305 kB	2023-04-02	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/dplayer/1.27.1/DPlayer.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-02 21:26:50 Last Seen2024-04-30 21:41:42 Times Seen52 Hash 2cd381ba72be1f7bf86e97fe4698a542 290283e41ac69bfd570c90800680097f998e4e0c 930aa94317d71f1459823cda409da8453078af00fe405027c67932445ec997e8 Loading...

	t7cp4fldl.com/get/1997345?zoneid=1997345&jp=_clfwum3794zjfesndhu4me&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771536566652416&eclog=0&im=1&freq=0&uf=0	4.2 kB	2024-04-30	2024-04-30
Pretty URL t7cp4fldl.com/get/1997345?zoneid=1997345&jp=_clfwum3794zjfesndhu4me&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771536566652416&eclog=0&im=1&freq=0&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 21:41:41 Last Seen2024-04-30 21:41:41 Times Seen1 Hash 49594ce39d2977ca2e3893c48b36fc3a f9b997bd184188ccf9903787cd047fc2705cb08c d2321c78f17d63bc8a36330a0cdc24d8c721db0c3f60d8fd3d5a3be358622aa7 Loading...

	www.googletagmanager.com/gtag/js?id=G-ZEJMN4V43H	274 kB	2024-04-30	2024-04-30
Pretty URL www.googletagmanager.com/gtag/js?id=G-ZEJMN4V43H IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 21:41:41 Last Seen2024-04-30 21:41:42 Times Seen2 Hash 1c32dcb9f39b4246c1322e9375c1636f 9bc2d455e0005a82efa6ebabf6c6a6554aa47168 ee9cc8b0e0769a58e21df131aa734ce13f2423e410cb9027d2e15d2a0d6cf2e7 Loading...

	zawadilatumaini.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-26
Pretty URL zawadilatumaini.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.196.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-26 06:11:18 Times Seen58656 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	a.magsrv.com/ad-provider.js	165 kB	2024-04-29	2024-05-13
Pretty URL a.magsrv.com/ad-provider.js IP 185.76.9.19 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 17:20:07 Last Seen2024-05-13 14:28:10 Times Seen336 Hash 23dca35363e4f4fbf7671ab6c7755f84 057432c37ba5cf65231392a9e07a565ef6689ece 8339d1105cfdcb822ad213c724fd2bdff27a3887df7e5ce28e801fab46e3b370 Loading...

	poweredby.jads.co/js/jads.js	3.8 kB	2023-03-07	2024-05-12
Pretty URL poweredby.jads.co/js/jads.js IP 185.94.237.74 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2024-05-12 13:26:19 Times Seen8550 Hash bc8141c4650030c41f6a98026b12ce80 af5618f7e467a207d4c64627be580283ab5640cd 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51 Loading...

	84gs08xe1.com/get/1997409?zoneid=1997409&jp=_clkjfpurlmxy7jet9zzi6r&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023336380492288&eclog=0&im=1&uf=0	37 B	2023-03-07	2024-05-26
Pretty URL 84gs08xe1.com/get/1997409?zoneid=1997409&jp=_clkjfpurlmxy7jet9zzi6r&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023336380492288&eclog=0&im=1&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-05-26 04:46:48 Times Seen2426 Hash 26c0446473cdbedd7eb18169ae75e0fd c2a8a31848b22f49c044d0e8f2b4a48e856e08b8 c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165 Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-05-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-26 06:05:00 Times Seen57328 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	cdnjs.cloudflare.com/ajax/libs/layer/3.1.1/layer.min.js	22 kB	2023-03-07	2024-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/layer/3.1.1/layer.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:24:24 Last Seen2024-05-09 06:35:37 Times Seen78 Hash 060444af631570264c5b3f957e26f5e3 8278c4d47ac985481da0e5efb922457eaaf1dc0c 7ed41c1149adf244bf700213886bfe8648d164942eb68527a7476bb7955c5af9 Loading...

	static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0	0 B	2023-03-07	2024-05-26
Pretty URL static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 IP 185.76.9.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-26 06:41:39 Times Seen38188166 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	t7cp4fldl.com/lv/esnk/1997345/code.js	116 kB	2024-04-30	2024-04-30
Pretty URL t7cp4fldl.com/lv/esnk/1997345/code.js IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 21:34:41 Last Seen2024-04-30 21:41:42 Times Seen4 Hash 12353b371bf1f96e3ede093b4d457b0b 678532eef9e1d50b1dd0e24318ba7c9ab3fc0605 5a1bd7593b813786f39a518d73e6ed6663041018e9ccf6325c77c8f9ce5926e8 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-05-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-26 06:31:22 Times Seen120424 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	cdnjs.cloudflare.com/ajax/libs/hls.js/1.5.7/hls.min.js	412 kB	2024-03-04	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/hls.js/1.5.7/hls.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-04 09:36:07 Last Seen2024-04-30 21:41:42 Times Seen37 Hash ed6568e5e9d245faf12e250d874ff998 be07dbbb96597252ee53459215895650b9f25024 a78b3603d762428caba2ef21674e4d47fbc4e7496292b28f845ba7372849360b Loading...

HTTP Transactions (102)

	URL	IP	Response	Size
	zawadilatumaini.com/static/images/load.jpg	172.67.196.154	200 OK	18 kB
URL GET HTTP/3 zawadilatumaini.com/static/images/load.jpg IP 172.67.196.154:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectzawadilatumaini.com Fingerprint9F:C0:74:1F:C7:36:45:1D:88:67:BC:E2:19:DD:BD:09:31:FD:DE:F3 ValidityWed, 03 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type JPEG image data, progressive, precision 8, 600x389, components 3 Size 18 kB (18341 bytes) Hash b84934511a97331b49e2b6d768501bc0 95743d245d8caa2ef10a461c95ae2c2e86fa4b85 9229125f9b07014aa5d3b8292bb55320c14a516688e6f918fd55fc80b181ff35 HTTP Headers GET /static/images/load.jpg HTTP/1.1 Host: zawadilatumaini.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://zawadilatumaini.com/vodplay/17280.shtml DNT: 1 Connection: keep-alive Cookie: JSESSIONID=DXezr4cRXBzAmFcvnknIj-D3_Ad7xBls-2AZ8Fw8; wxxu=QlU9P1luV0txcQVyTwlEcniyUH2nRvHrPQpuaFN_tl5tukRatkSkslBMZlawZ6ZPS4umD92mn5NcrQET6U-cvQQ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: image/jpeg content-length: 18341 last-modified: Thu, 02 Nov 2023 05:09:00 GMT etag: "65432eec-47a5" expires: Thu, 30 May 2024 17:09:18 GMT cache-control: max-age=2678400 strict-transport-security: max-age=31536000 cf-cache-status: HIT age: 9105 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qoTIPuhBxkFQX7vVJibqq6O9Sv5Un3G9C2m9tYviIvT63V2K%2Bc%2FZ2PXfo4Gbbmls5I8u84ZQxGliDSInWYPNTbgkW8dtoqEwxi3Ae9TFnAefaDliM15ssXnfgr9YyUPb9Pu5zZjp"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01d00efcb521-OSL alt-svc: h3=":443"; ma=86400

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css	104.17.24.14	200 OK	16 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (65371) Size 16 kB (16149 bytes) Hash ec3bb52a00e176a7181d454dffaea219 6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68 f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c HTTP Headers `GET /ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: text/css; charset=utf-8 content-length: 16149 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb04010-1d970" last-modified: Mon, 04 May 2020 16:17:20 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 8041 expires: Sun, 20 Apr 2025 19:41:03 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7Kr6uvP4n6p%2FAIdMzS8mQy7xLCivOfttU6%2B2uvzjhPwoijXNLoct9EhxjU%2BFOLaLKUB6b8A7oiVhsDRWFbxsi4ObVDfVcLMIKZOxOqF5Kn9WlgA67M7YL4cLuV4pKvVYPsFD9l3"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 87ca01d0183b7131-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js	104.17.24.14	200 OK	30 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (32077) Size 30 kB (30360 bytes) Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 HTTP Headers `GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: application/javascript; charset=utf-8 content-length: 30360 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03ec4-17b8b" last-modified: Mon, 04 May 2020 16:11:48 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 8072 expires: Sun, 20 Apr 2025 19:41:03 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O9lTokA9BTkLcoEY9aJh9IBOdrXGkeZ%2BcjZ0ZJZh9erIXJtqlh3dK%2BYtxp2pHWl27%2BQKj0QPb%2FSrDpGzHZXmcxiqf3KkjRKuDkrTr02C4bioISWL5DNUE2yStOSPYyzf05kn4lpl"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 87ca01d058747131-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/layer/3.1.1/layer.min.js	104.17.24.14	200 OK	6.6 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/layer/3.1.1/layer.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (21713), with no line terminators Size 6.6 kB (6591 bytes) Hash 060444af631570264c5b3f957e26f5e3 8278c4d47ac985481da0e5efb922457eaaf1dc0c 7ed41c1149adf244bf700213886bfe8648d164942eb68527a7476bb7955c5af9 HTTP Headers `GET /ajax/libs/layer/3.1.1/layer.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: application/javascript; charset=utf-8 content-length: 6591 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5ed4d0d2-54d1" last-modified: Mon, 01 Jun 2020 09:56:34 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 7299 expires: Sun, 20 Apr 2025 19:41:03 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UgLwL%2FZEiDtLGdchExv1dflqxzMhMWXgqYgzmwo3Zc7HeSUwn14N%2BRiax%2FBSILTL5LE9cVVbJNKjsWjjdPK5S5Nmc4glDw0hlOLt6%2BcZnkwmjNGyy2mlAA1wyjYnnZVVzjQJ60bX"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 87ca01d058787131-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js	104.17.24.14	200 OK	8.7 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (32033) Size 8.7 kB (8722 bytes) Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef HTTP Headers `GET /ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: application/javascript; charset=utf-8 content-length: 8722 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb04010-90b5" last-modified: Mon, 04 May 2020 16:17:20 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 8048 expires: Sun, 20 Apr 2025 19:41:03 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QI3uGf2paYV4x9zAPQNuX2sURtBLmNT%2BnAjBi06PMpi%2F9Ra2h7YbtURZ1K1UA3Lv9sSeJ5Kc8yyac%2FSO9Q9afGvrhg6%2BzSpYOmEq3FP9D5jAyjtrOdZkJ5xup4jwZM1Z7WxkmbxR"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 87ca01d058757131-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/dplayer/1.27.1/DPlayer.min.js	104.17.24.14	200 OK	46 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/dplayer/1.27.1/DPlayer.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 46 kB (46460 bytes) Hash 2cd381ba72be1f7bf86e97fe4698a542 290283e41ac69bfd570c90800680097f998e4e0c 930aa94317d71f1459823cda409da8453078af00fe405027c67932445ec997e8 HTTP Headers `GET /ajax/libs/dplayer/1.27.1/DPlayer.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: application/javascript; charset=utf-8 content-length: 46460 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "63cdcfef-b57c" last-modified: Mon, 23 Jan 2023 00:08:15 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 7044 expires: Sun, 20 Apr 2025 19:41:03 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIuqMmiLMmci%2Bxig4UZFehQLI7nSLNT3sqiNtM%2BbxQqoZ0mHHT9M00xw%2BasHBqz7ClNa1j42EGTSW194YmY0p%2FssCdpyj%2FeQHeP1TzgCcAZEe7Dm%2FsmK3D0VA64MhloA2z%2FFaymT"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 87ca01d068957131-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/hls.js/1.5.7/hls.min.js	104.17.24.14	200 OK	103 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/hls.js/1.5.7/hls.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 103 kB (102761 bytes) Hash ed6568e5e9d245faf12e250d874ff998 be07dbbb96597252ee53459215895650b9f25024 a78b3603d762428caba2ef21674e4d47fbc4e7496292b28f845ba7372849360b HTTP Headers `GET /ajax/libs/hls.js/1.5.7/hls.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: application/javascript; charset=utf-8 content-length: 102761 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "65dd3b52-19169" last-modified: Tue, 27 Feb 2024 01:30:58 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 3663 expires: Sun, 20 Apr 2025 19:41:03 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YIfQCrOQkFQZQr8sAGWCLhRnLH6Nj%2BBIN4GOTlot6R8wyjw63oLeyRgv8CLZo%2BiYIHs%2FQPMFQ6yZMXKLzNxQwI479b%2B5iKrjITfBNksXRsz4oTPeNE9jm6LlzQt5yNEa%2BYeJx7rD"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 87ca01d0688b7131-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	poweredby.jads.co/js/jads.js	185.94.237.74	301 Moved Permanently	178 B
URL GET HTTP/1.1 poweredby.jads.co/js/jads.js IP 185.94.237.74:443 ASN #42567 Mojohost B.v. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type HTML document, ASCII text, with CRLF line terminators Size 178 B (178 bytes) Hash cd2e0e43980a00fb6a2742d3afd803b8 81ffbd1712afe8cdf138b570c0fc9934742c33c1 bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d HTTP Headers `GET /js/jads.js HTTP/1.1 Host: poweredby.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 30 Apr 2024 19:41:03 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: jads2.js`

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2	104.17.24.14	200 OK	18 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2 IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589 Size 18 kB (18028 bytes) Hash 448c34a56d699c29117adc64c43affeb ca35b697d99cae4d1b60f2d60fcd37771987eb07 fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c HTTP Headers GET /ajax/libs/twitter-bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://zawadilatumaini.com DNT: 1 Connection: keep-alive Referer: https://cdnjs.cloudflare.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: application/octet-stream; charset=utf-8 content-length: 18028 access-control-allow-origin: * cache-control: public, max-age=30672000 etag: "5eb04010-466c" last-modified: Mon, 04 May 2020 16:17:20 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 9419 expires: Sun, 20 Apr 2025 19:41:03 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyrYeJSyhcpxSORLsc7GwY0crCU3i62rT4AiZNRB5rcyZum1%2FiA9v6xkIrAUSr%2Brgo0ftcxQ0gOFJXbc1I5EVvxPf%2Fz%2FquZf88s5fvpy%2Bq039t8%2FHB9qKnHFwzvDFbqHooST89KG"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 87ca01d2edf8b4f4-OSL alt-svc: h3=":443"; ma=86400

	www.googletagmanager.com/gtag/js?id=G-ZEJMN4V43H	142.250.74.168	200 OK	95 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-ZEJMN4V43H IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT File type JavaScript source, ASCII text, with very long lines (3034) Size 95 kB (94614 bytes) Hash 1c32dcb9f39b4246c1322e9375c1636f 9bc2d455e0005a82efa6ebabf6c6a6554aa47168 ee9cc8b0e0769a58e21df131aa734ce13f2423e410cb9027d2e15d2a0d6cf2e7 HTTP Headers `GET /gtag/js?id=G-ZEJMN4V43H HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Tue, 30 Apr 2024 19:41:03 GMT expires: Tue, 30 Apr 2024 19:41:03 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 94614 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	poweredby.jads.co/js/jads.js	185.94.237.74	301 Moved Permanently	178 B
URL GET HTTP/1.1 poweredby.jads.co/js/jads.js IP 185.94.237.74:443 ASN #42567 Mojohost B.v. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type HTML document, ASCII text, with CRLF line terminators Size 178 B (178 bytes) Hash cd2e0e43980a00fb6a2742d3afd803b8 81ffbd1712afe8cdf138b570c0fc9934742c33c1 bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d HTTP Headers `GET /js/jads.js HTTP/1.1 Host: poweredby.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 30 Apr 2024 19:41:03 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: jads2.js`

	poweredby.jads.co/js/jads.js	185.94.237.74	301 Moved Permanently	178 B
URL GET HTTP/1.1 poweredby.jads.co/js/jads.js IP 185.94.237.74:443 ASN #42567 Mojohost B.v. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type HTML document, ASCII text, with CRLF line terminators Size 178 B (178 bytes) Hash cd2e0e43980a00fb6a2742d3afd803b8 81ffbd1712afe8cdf138b570c0fc9934742c33c1 bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d HTTP Headers `GET /js/jads.js HTTP/1.1 Host: poweredby.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 30 Apr 2024 19:41:03 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: jads2.js`

	cdnjs.cloudflare.com/ajax/libs/layer/3.1.1/theme/default/layer.css?v=3.1.1	104.17.24.14	200 OK	2.4 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/layer/3.1.1/theme/default/layer.css?v=3.1.1 IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (14367), with no line terminators Size 2.4 kB (2396 bytes) Hash 3d2e0d91c5c0b96abb8dbdc2234aba77 9d55e153b30fd7414fada5718e20918e9c7f65e7 e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc HTTP Headers `GET /ajax/libs/layer/3.1.1/theme/default/layer.css?v=3.1.1 HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: text/css; charset=utf-8 content-length: 2396 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5ed4d0d2-381f" last-modified: Mon, 01 Jun 2020 09:56:34 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 3621 expires: Sun, 20 Apr 2025 19:41:03 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AIXVR%2BzryzwO37of6rA3ofcHjuyN8L8QCwi6nagYuN2p3sx%2FpF%2BqJ0zzUjaWfK6PMUR%2BI9ohwcS45Shyzo7fwREHgwHNL%2Bf9CE93DAVvUeX1ubeigwsWSSLz83jZlykxopIaZ%2Fst"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 87ca01d3ae8c0b65-OSL alt-svc: h3=":443"; ma=86400

	poweredby.jads.co/js/jads2.js	185.94.237.74	200 OK	1.7 kB
URL GET HTTP/1.1 poweredby.jads.co/js/jads2.js IP 185.94.237.74:443 ASN #42567 Mojohost B.v. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (3758), with no line terminators Size 1.7 kB (1719 bytes) Hash bc8141c4650030c41f6a98026b12ce80 af5618f7e467a207d4c64627be580283ab5640cd 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51 HTTP Headers `GET /js/jads2.js HTTP/1.1 Host: poweredby.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Tue, 30 Apr 2024 19:41:04 GMT Content-Type: application/x-javascript Last-Modified: Fri, 22 Mar 2024 21:09:33 GMT Transfer-Encoding: chunked Connection: close ETag: W/"65fdf38d-eae" Content-Encoding: gzip`

	s.magsrv.com/v1/api.php	95.211.229.246	200 OK	2.2 kB
URL POST HTTP/1.1 s.magsrv.com/v1/api.php IP 95.211.229.246:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT File type JSON text data Size 2.2 kB (2185 bytes) Hash ff61a0cbe77c9b96e680edbeb7e27b91 25fbfc1ecc4c20fe9ba59f7eb9e2b458c8018697 0068d65186c83ad160bf0fc0f08a364956e6ac9d5a4e74030af62062c47524d0 HTTP Headers `POST /v1/api.php HTTP/1.1 Host: s.magsrv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 324 Origin: https://zawadilatumaini.com DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: nginx Date: Tue, 30 Apr 2024 19:41:04 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: https://zawadilatumaini.com Access-Control-Allow-Headers: Authorization, Content-Type Access-Control-Request-Method: POST Access-Control-Allow-Credentials: true Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226631495000fab6.993615712861604165%22%3B%7D; expires=Thu, 30-Apr-2026 19:41:04 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None Accept-CH: X-Robots-Tag: noindex, follow Content-Encoding: gzip

	i.yourimageshare.com/fD2zRZIPjg.gif	104.26.0.171	200 OK	59 kB
URL GET HTTP/2 i.yourimageshare.com/fD2zRZIPjg.gif IP 104.26.0.171:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectyourimageshare.com FingerprintEF:4F:8D:FA:85:32:2B:03:27:83:9B:E1:DA:10:B2:1F:DA:F0:F1:AC ValidityTue, 05 Mar 2024 04:54:37 GMT - Mon, 03 Jun 2024 04:54:36 GMT File type GIF image data, version 89a, 960 x 100 Size 59 kB (58802 bytes) Hash a0de3a004d75c14aab34101f3a7e4cae 6afc8a7888bcc1214846d9ed3479b7e7ecae68be 6662b9b47668e54f4f95ca2adfdbd1bfe14f3ddfffce7e5dc5ab47d2346aa697 HTTP Headers `GET /fD2zRZIPjg.gif HTTP/1.1 Host: i.yourimageshare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 58802 last-modified: Tue, 02 Apr 2024 08:09:27 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: null etag: "a0de3a004d75c14aab34101f3a7e4cae" vary: Accept-Encoding, Origin x-cache: Hit from cloudfront via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: nqfRhw0yhEPMByMgMYTGaXzPPEZPHzzSNO6W55DmX42FyLym1_1WCQ== age: 4788 cache-control: max-age=31536000 cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Np1zvlW6as9jjjYqNREK8jfh4YKe5ThbZjhtZoHWouNxwyGIbzHEAJFk%2Be%2F9mApZncAEfHm8%2FoiXCfucBV9HDH6brtLT42%2F0ZMkc8zng83yll1ZLrqtD8lirsPfBxRA%2B7h30vqQ4"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * x-robots-tag: noindex, nofollow, noimageindex server: cloudflare cf-ray: 87ca01d56be156be-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	poweredby.jads.co/adshow.php?adzone=1006686	185.94.237.74	200 OK	1.7 kB
URL GET HTTP/1.1 poweredby.jads.co/adshow.php?adzone=1006686 IP 185.94.237.74:443 ASN #42567 Mojohost B.v. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type HTML document, ASCII text, with very long lines (563), with CRLF, LF line terminators Size 1.7 kB (1727 bytes) Hash 9dfe000e5671dbec9655a8df17b0f7c7 896a2a2d871636adf1b0ecb3f17e6406fcca5c5d e618f7ef59b333b6a7bb53df694be9da8261b8641b6e6b3c28e743a71bc30291 HTTP Headers GET /adshow.php?adzone=1006686 HTTP/1.1 Host: poweredby.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Server: nginx Date: Tue, 30 Apr 2024 19:41:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/5.6.40 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA" Set-Cookie: surferid=dbf4b7b98bead6f57b29a819fcdf3f49; expires=Wed, 30-Apr-2025 19:41:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YTowOnt9; expires=Fri, 03-May-2024 19:41:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 03-May-2024 19:41:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co Content-Encoding: gzip

	i.yourimageshare.com/8ZBcJKeYvu.png	104.26.0.171	200 OK	87 kB
URL GET HTTP/2 i.yourimageshare.com/8ZBcJKeYvu.png IP 104.26.0.171:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectyourimageshare.com FingerprintEF:4F:8D:FA:85:32:2B:03:27:83:9B:E1:DA:10:B2:1F:DA:F0:F1:AC ValidityTue, 05 Mar 2024 04:54:37 GMT - Mon, 03 Jun 2024 04:54:36 GMT File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced Size 87 kB (87357 bytes) Hash b2b73bce6da1e8770cbb804ce40e5c00 f59bfef0c88daec179dff6aeb48c55bbcd7e70e0 c463267b4db95be73d5bb1c15f3f6fc32db5d834a9dd5f574cff2f35ac355c9f HTTP Headers `GET /8ZBcJKeYvu.png HTTP/1.1 Host: i.yourimageshare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/png content-length: 87357 last-modified: Tue, 30 Apr 2024 10:27:12 GMT etag: "b2b73bce6da1e8770cbb804ce40e5c00" x-amz-server-side-encryption: AES256 x-amz-version-id: null x-cache: Hit from cloudfront via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: ObNT2k82pA_Fcb5QcsCVg5wiEUqS9Vqhb7b6O6KbPTIlpDv8kdzi9A== age: 3611 vary: Origin, Accept-Encoding cache-control: max-age=31536000 cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JvHZK05YVIXWMo1RRZBJ5VTAedrZXtAHDpxsfza9yP2JuuYH%2FSNR%2BN%2FLvysBtVSZmI7j85LVX7ALQ3zuGuvtNJAr6QA7wyK5b41VIzmdp%2FL0%2BJ%2BZbPhRBrfCGH5SFiM8hC3SA9IH"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * x-robots-tag: noindex, nofollow, noimageindex server: cloudflare cf-ray: 87ca01d58bfe56be-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	i.yourimageshare.com/CyIZwp5UVI.png	104.26.0.171	200 OK	21 kB
URL GET HTTP/2 i.yourimageshare.com/CyIZwp5UVI.png IP 104.26.0.171:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectyourimageshare.com FingerprintEF:4F:8D:FA:85:32:2B:03:27:83:9B:E1:DA:10:B2:1F:DA:F0:F1:AC ValidityTue, 05 Mar 2024 04:54:37 GMT - Mon, 03 Jun 2024 04:54:36 GMT File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced Size 21 kB (20691 bytes) Hash 4bfa3fa01d1476fdeea2d7dd87be0837 cfb1f9df09e445a5ec8608d863b3e5e023c9638f 03a49660fd8b194f5af2587d3846f848520a927ab546fb183e0ea4b92dd167a6 HTTP Headers `GET /CyIZwp5UVI.png HTTP/1.1 Host: i.yourimageshare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/png content-length: 20691 last-modified: Tue, 19 Mar 2024 10:46:08 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: null etag: "4bfa3fa01d1476fdeea2d7dd87be0837" vary: Accept-Encoding, Origin x-cache: Hit from cloudfront via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: MZ9bqrim-6AYpZSfSOGj9OkbGUDLEzedoY_bW1NQge90Mc3QUty81A== age: 3447 cache-control: max-age=31536000 cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ixV6mIQJQYLz03%2FJNJ13bpUZe1RMn2%2BuWXMCR8Bh%2FtC1D78nhX7FalD85WoBb2l2aOSHOvALSgEXCI14BDFauMAd%2BZ62zQMpAB0CBIrYYT89bdN8dxpanUv%2BIxH1I9cEqnMEpIj6"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * x-robots-tag: noindex, nofollow, noimageindex server: cloudflare cf-ray: 87ca01d58c0556be-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	poweredby.jads.co/adshow.php?adzone=1006632	185.94.237.74	200 OK	1.7 kB
URL GET HTTP/1.1 poweredby.jads.co/adshow.php?adzone=1006632 IP 185.94.237.74:443 ASN #42567 Mojohost B.v. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type HTML document, ASCII text, with very long lines (423), with CRLF, LF line terminators Size 1.7 kB (1741 bytes) Hash cc432a2da946f9de8f1a9d9e8690008a a27d3f3132fa810897d10fa79fc115b778b86682 365ff31eac560fdc812457fe8905e9afad8afacbc54874a47ef47a0fe30922bb HTTP Headers GET /adshow.php?adzone=1006632 HTTP/1.1 Host: poweredby.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Server: nginx Date: Tue, 30 Apr 2024 19:41:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/5.6.40 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA" Set-Cookie: surferid=dbf4b7b98bead6f57b29a819fcdf3f49; expires=Wed, 30-Apr-2025 19:41:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YTowOnt9; expires=Fri, 03-May-2024 19:41:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 03-May-2024 19:41:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co Content-Encoding: gzip

	i.yourimageshare.com/iAkVUBWe7i.jpg	104.26.0.171	200 OK	12 kB
URL GET HTTP/2 i.yourimageshare.com/iAkVUBWe7i.jpg IP 104.26.0.171:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectyourimageshare.com FingerprintEF:4F:8D:FA:85:32:2B:03:27:83:9B:E1:DA:10:B2:1F:DA:F0:F1:AC ValidityTue, 05 Mar 2024 04:54:37 GMT - Mon, 03 Jun 2024 04:54:36 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x299, components 3 Size 12 kB (11520 bytes) Hash fcfe49b53e292b3551472644b35b25c7 200f179cd0dec7b68a2bc485eaa5202e9af087c3 6dafeb1fb735f95c8ed4f2e17e0be2a4e3240acb2d4f4ba20fd65862684bddf3 HTTP Headers `GET /iAkVUBWe7i.jpg HTTP/1.1 Host: i.yourimageshare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/jpeg content-length: 11520 age: 2323 cf-bgj: h2pri etag: "fcfe49b53e292b3551472644b35b25c7" last-modified: Fri, 29 Mar 2024 13:07:20 GMT vary: Origin, Accept-Encoding via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront) x-amz-cf-id: GyKJhVRwQVbhMQwp9kJ9Y_U0ygvl_RpOx6PPysCodjwxprKSqtdfqQ== x-amz-cf-pop: OSL50-C1 x-amz-server-side-encryption: AES256 x-amz-version-id: null x-cache: Hit from cloudfront cache-control: max-age=31536000 cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C29JWbiwDTMiKMb4kWgO38GXX276WBC0H3XcPlyWk7R5mdofWOTTxAntNXwQB9kXK4ePAINTm%2BE1%2F%2FZzRisCXaCjE3CKYgCtVHKkzF6hJ5ZE5L0PlkR6xPUh7hmHxO5918%2BFdCYU"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * x-robots-tag: noindex, nofollow, noimageindex server: cloudflare cf-ray: 87ca01d5cc5356be-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	i.yourimageshare.com/SUIdrxPXQH.gif	104.26.0.171	200 OK	37 kB
URL GET HTTP/2 i.yourimageshare.com/SUIdrxPXQH.gif IP 104.26.0.171:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectyourimageshare.com FingerprintEF:4F:8D:FA:85:32:2B:03:27:83:9B:E1:DA:10:B2:1F:DA:F0:F1:AC ValidityTue, 05 Mar 2024 04:54:37 GMT - Mon, 03 Jun 2024 04:54:36 GMT File type GIF image data, version 89a, 100 x 100 Size 37 kB (37298 bytes) Hash a8a54947b016de0e8f2156dc3fcc3b02 80430f5d73ade1dd3615cdb88366fe939b0408e6 2bf5842fa044ee9e08cef3d814310dc31072cb5399b7838df07312e06d189827 HTTP Headers `GET /SUIdrxPXQH.gif HTTP/1.1 Host: i.yourimageshare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 37298 last-modified: Sat, 02 Mar 2024 10:08:00 GMT etag: "a8a54947b016de0e8f2156dc3fcc3b02" x-amz-server-side-encryption: AES256 x-amz-version-id: null x-cache: Miss from cloudfront via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: ojYyTrxS9LmDFbUHfY8-P1Cq2JiiF0GFZMx9Hyx5MqbMKW7OzHNAqA== vary: Origin, Accept-Encoding cache-control: max-age=31536000 cf-cache-status: HIT age: 425 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1ddPuRr5oqCKF32CROHW8%2BQ8g3iXxt%2BrE0NAYkazuunPIVyw7q7rdJmQbHi%2FNvpzbogAzA8xbbfrNariRL5uz1gD9Mq2%2Fiqr9Szqpw3BYXRpykEfI9BjB5nMgGEErO7mVf439oC"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * x-robots-tag: noindex, nofollow, noimageindex server: cloudflare cf-ray: 87ca01d63d0756be-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	i.yourimageshare.com/1orrSTcdRX.gif	104.26.0.171	200 OK	39 kB
URL GET HTTP/2 i.yourimageshare.com/1orrSTcdRX.gif IP 104.26.0.171:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectyourimageshare.com FingerprintEF:4F:8D:FA:85:32:2B:03:27:83:9B:E1:DA:10:B2:1F:DA:F0:F1:AC ValidityTue, 05 Mar 2024 04:54:37 GMT - Mon, 03 Jun 2024 04:54:36 GMT File type GIF image data, version 89a, 80 x 80 Size 39 kB (38720 bytes) Hash e585d241e425afa5d44387b6d1bd3cc1 299d0551fbe8087beff127be0b67ae3fc96e3e6f ccd7af20e8fcd69c75c39b66e57c74b8f24f320ed8c0170536251c2345c69371 HTTP Headers `GET /1orrSTcdRX.gif HTTP/1.1 Host: i.yourimageshare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 38720 last-modified: Tue, 30 Apr 2024 10:36:41 GMT etag: "e585d241e425afa5d44387b6d1bd3cc1" x-amz-server-side-encryption: AES256 x-amz-version-id: null x-cache: Hit from cloudfront via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: FebNK_qi6lHWcMqwkFnds3BCff1SLFR4GZQgjQMnP5G1pk9Z8vMWFQ== age: 425 vary: Origin, Accept-Encoding cache-control: max-age=31536000 cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XwyUOptE2SiQXp%2BPh3UZdpeoBT846Ya4F4pbb7zM5MojaUQnhrK5tQkzfVduY2yEH4gcW7x4kyhBPt%2BsJPXwSZxotEASiw0nK3usBSx16nWARMote66fPm%2F%2F6Ewuur3WUW7APSsJ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * x-robots-tag: noindex, nofollow, noimageindex server: cloudflare cf-ray: 87ca01d67d4556be-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	i.yourimageshare.com/Om6C0yugJX.gif	104.26.0.171	200 OK	36 kB
URL GET HTTP/2 i.yourimageshare.com/Om6C0yugJX.gif IP 104.26.0.171:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectyourimageshare.com FingerprintEF:4F:8D:FA:85:32:2B:03:27:83:9B:E1:DA:10:B2:1F:DA:F0:F1:AC ValidityTue, 05 Mar 2024 04:54:37 GMT - Mon, 03 Jun 2024 04:54:36 GMT File type GIF image data, version 89a, 80 x 80 Size 36 kB (36052 bytes) Hash c173ef86d2bbbe2dc80c24bd5ec6d085 2babcd6e72350ff5d36e3d0bdc30086e8d0793c0 e778260de35203ac68b573ef748f861f69ae3ed2d99647e59e02dd81b3e0b95d HTTP Headers `GET /Om6C0yugJX.gif HTTP/1.1 Host: i.yourimageshare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 36052 last-modified: Tue, 30 Apr 2024 10:38:51 GMT etag: "c173ef86d2bbbe2dc80c24bd5ec6d085" x-amz-server-side-encryption: AES256 x-amz-version-id: null x-cache: Hit from cloudfront via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: HTWefKnQMyddgcUQMDeQj1ncBMW0ipg-J1_AfAVp2r_n22YzspeMfQ== age: 2323 vary: Origin, Accept-Encoding cache-control: max-age=31536000 cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=au%2FNSY%2FCuhii%2BY4XN8UWiF1S427ysW0t7lblSPnJgH7NAhQh2Qrn4tMbIuDcq9C6CJtRRuQjDG5%2Fnb3oywArblmBQR4n%2F1HhKDIfgfAVcqzXUqVmIntNW%2BrTPW3TEZXxaVcMqNg%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * x-robots-tag: noindex, nofollow, noimageindex server: cloudflare cf-ray: 87ca01d6ad7956be-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	5e259838.carpe.pages.dev/5.gif	172.66.47.10	200 OK	98 kB
URL GET HTTP/2 5e259838.carpe.pages.dev/5.gif IP 172.66.47.10:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectcarpe.pages.dev Fingerprint93:62:FF:BB:40:F8:BB:D4:F3:12:C2:70:1E:17:E8:6C:A0:68:EB:5B ValiditySun, 28 Apr 2024 01:35:28 GMT - Sat, 27 Jul 2024 01:35:27 GMT File type GIF image data, version 89a, 120 x 120 Size 98 kB (98188 bytes) Hash 64a5b0ff3edde3d869dddf53c7115cda 03f4b64c12175a75fcf02d254216f11bf1bfc0cc 23f879bc1c08463b783ad573b997f424ad957c97c704268cbb5f487d3cfb6903 HTTP Headers `GET /5.gif HTTP/1.1 Host: 5e259838.carpe.pages.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 98188 access-control-allow-origin: * cache-control: public, max-age=0, must-revalidate etag: "3cacc9ad297104b9d75cb633197520a7" referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-robots-tag: noindex report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRFg%2ByEHdHqOzV%2Fgvd8OcQ1VKM2js74lA%2BKABfN%2FTKiL2QYvm22M8%2B2gvh5RztFtDlbA0S6x8lQ6FcGMXJ1jhbqhCvtxFIuuK1Cr%2B2h5h%2FIa0gRU20ePhl5wbnid04r%2BN3y8I3Z3CME1Ibs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01d68d1856bf-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	5e259838.carpe.pages.dev/1.gif	172.66.47.10	200 OK	34 kB
URL GET HTTP/2 5e259838.carpe.pages.dev/1.gif IP 172.66.47.10:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectcarpe.pages.dev Fingerprint93:62:FF:BB:40:F8:BB:D4:F3:12:C2:70:1E:17:E8:6C:A0:68:EB:5B ValiditySun, 28 Apr 2024 01:35:28 GMT - Sat, 27 Jul 2024 01:35:27 GMT File type GIF image data, version 89a, 80 x 80 Size 34 kB (33514 bytes) Hash 73a03790155934bdf5c06b1a7224e7b1 2695ebaeb1f5ddaaeca005f95fc5a241eb8ddd33 87c5d1ad59e4d1fe8ae6e53924d7537a8f8ae5b3a2a80d729ff18b202fb563c4 HTTP Headers `GET /1.gif HTTP/1.1 Host: 5e259838.carpe.pages.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 33514 access-control-allow-origin: * cache-control: public, max-age=0, must-revalidate etag: "eabe340733fe6a72c955dca09b07d8d3" referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-robots-tag: noindex report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mK7kXNVjF%2FKbvSHfv7Mc37Pq8rS8SXVXCZAas0AvWXCx%2BEFkoeCmMtHhP5BDr4mocWjs7nyT%2F8ADVbSjCgefYTGN2Gagg6w8W2aTVHpzSCUYuNr%2B24ABai3n84DE%2FCDl%2FhuIKOw8Miy%2FAGo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01d68d2256bf-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	5e259838.carpe.pages.dev/15.gif	172.66.47.10	200 OK	32 kB
URL GET HTTP/2 5e259838.carpe.pages.dev/15.gif IP 172.66.47.10:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectcarpe.pages.dev Fingerprint93:62:FF:BB:40:F8:BB:D4:F3:12:C2:70:1E:17:E8:6C:A0:68:EB:5B ValiditySun, 28 Apr 2024 01:35:28 GMT - Sat, 27 Jul 2024 01:35:27 GMT File type GIF image data, version 89a, 80 x 80 Size 32 kB (32206 bytes) Hash 7ce167c5d570b82f88cf06e396a934c9 c5e456886ddcbd51bb72e5793e1a22c9368ed8d7 1e87d201795da46c78b088ffea9a3bc1451d15f20057437499e2fb68ebd44abf HTTP Headers `GET /15.gif HTTP/1.1 Host: 5e259838.carpe.pages.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 32206 access-control-allow-origin: * cache-control: public, max-age=0, must-revalidate etag: "0894987d35d589afa23e8277680186ce" referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-robots-tag: noindex report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KzUbu75z862znxIkYzZVJqDmcKaRFUCJapANdG8MRiAoaX59%2FmfIKLhos%2BdnWCJymMxWBF5WcbDuZe%2Fyv04eSSo07V8GpJmMx2EWoZXVvLCjiMEn3ZPeqWRYBgJD3xOLpfw2NpxRInkl5Wo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01d68d2156bf-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	5e259838.carpe.pages.dev/3.gif	172.66.47.10	200 OK	37 kB
URL GET HTTP/2 5e259838.carpe.pages.dev/3.gif IP 172.66.47.10:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectcarpe.pages.dev Fingerprint93:62:FF:BB:40:F8:BB:D4:F3:12:C2:70:1E:17:E8:6C:A0:68:EB:5B ValiditySun, 28 Apr 2024 01:35:28 GMT - Sat, 27 Jul 2024 01:35:27 GMT File type GIF image data, version 89a, 80 x 80 Size 37 kB (37289 bytes) Hash 439d8238a74018f59ee0c9591d49429e e350139522c7c041069fdd29c8d6176bbb451f50 c3cb8dea6a44e798e7a72097b1951786358fa9f604454a8abffe17ee840914bf HTTP Headers `GET /3.gif HTTP/1.1 Host: 5e259838.carpe.pages.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 37289 access-control-allow-origin: * cache-control: public, max-age=0, must-revalidate etag: "bd4f783cdf841d8b3f12d940f62806b2" referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-robots-tag: noindex report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9emN7M6E2b2B%2FaFMbowrRIYCpwvCu4yf5skn9yb30lyoPd6YuNSsjR3a50bsXbTnPbmUa%2BTG2HumjNwexDMlIfIOkrztVlMlefdYFSbgHrFKAnDOOnO%2FWcx2cE%2BRMKP%2F5VSKsmh1TQ2ubNs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01d68d1e56bf-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	5e259838.carpe.pages.dev/huluwa.gif	172.66.47.10	200 OK	66 kB
URL GET HTTP/2 5e259838.carpe.pages.dev/huluwa.gif IP 172.66.47.10:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectcarpe.pages.dev Fingerprint93:62:FF:BB:40:F8:BB:D4:F3:12:C2:70:1E:17:E8:6C:A0:68:EB:5B ValiditySun, 28 Apr 2024 01:35:28 GMT - Sat, 27 Jul 2024 01:35:27 GMT File type GIF image data, version 89a, 600 x 600 Size 66 kB (66289 bytes) Hash e7f6ec35ea5dff8f245ef6ec207edb42 45a6a7008e2d7753175bb62733c67506610e93f8 afd2d84656d478ad95539b1f5f935a96585db4b1497f7535d7c18d86aa7e0bde HTTP Headers `GET /huluwa.gif HTTP/1.1 Host: 5e259838.carpe.pages.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 66289 access-control-allow-origin: * cache-control: public, max-age=0, must-revalidate etag: "09cbbb484deb8f259a514b196e1ef97d" referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-robots-tag: noindex report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dB0Z%2BfJWB3Hwmh1MDwEShSusKTO9a2NOq%2B2%2FkP%2Ft6KsKQl0sUZcRl5KkyW68QpC4HsqpSeloyQTn5N2Cqc5iKXYCZwTxBbLMEFEKl0gX%2FJ%2FZKOEZbTApzQK8FSBh5%2F39HCT48H%2FJIrLXp%2Bw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01d68d1b56bf-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ftpjust.sdf3rt243.cc/ymas_001.jpg	104.21.57.251	200 OK	36 kB
URL GET HTTP/2 ftpjust.sdf3rt243.cc/ymas_001.jpg IP 104.21.57.251:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectsdf3rt243.cc Fingerprint8E:B1:AA:C9:0D:1D:E5:98:9B:12:C7:D3:99:8B:8F:9C:50:90:6D:0B ValidityThu, 18 Apr 2024 07:16:31 GMT - Wed, 17 Jul 2024 07:16:30 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3 Size 36 kB (35995 bytes) Hash 03fcfa7b58f94dc33b9935458316de6c 4b6bc244e0516d2f6aaea3a42ce966fc66615f7c 042afc13387f0f8f28c926e60d729d0898358fdfd8e2e585b5d13d9d4465b060 HTTP Headers `GET /ymas_001.jpg HTTP/1.1 Host: ftpjust.sdf3rt243.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/jpeg content-length: 35995 last-modified: Wed, 27 Dec 2023 02:58:40 GMT etag: "658b92e0-8c9b" access-control-allow-origin: * access-control-allow-methods: GET,POST,PUT,DELETE,PATCH,OPTIONS access-control-allow-headers: auth_token,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Range,User-Agent,X-CustomHeader,X-Mx-ReqToken,X-Requested-With access-control-allow-credentials: true access-control-max-age: 600 cache-control: max-age=14400 cf-cache-status: HIT age: 4552 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2BcDtEjIMoGpMTpTQ6ICdFnvHlWsNL0yXp1O%2BLJFIZw%2Fv9DkpEEzEb8OddR4xwfIwky0WWlb052wzeBxN9bfJV3l8Xk6zw%2FAapIj2bzmi6x%2Fey4yRpJO0tsWUj4ln59MzP8e17aDAA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01d71eef0b02-OSL X-Firefox-Spdy: h2

	i.yourimageshare.com/R0ZFEf9sEF.gif	104.26.0.171	200 OK	801 kB
URL GET HTTP/2 i.yourimageshare.com/R0ZFEf9sEF.gif IP 104.26.0.171:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectyourimageshare.com FingerprintEF:4F:8D:FA:85:32:2B:03:27:83:9B:E1:DA:10:B2:1F:DA:F0:F1:AC ValidityTue, 05 Mar 2024 04:54:37 GMT - Mon, 03 Jun 2024 04:54:36 GMT File type GIF image data, version 89a, 200 x 200 Size 801 kB (800906 bytes) Hash b67d8e3b2e6a17ef65cca5924479bcaf 170f0e54f86d9fe303bca99f7524cee878289a3f 2b6a9b53114e36c800d36b460001279b5b27d86ad0b0f79d71bd5157d7d2ba8c HTTP Headers `GET /R0ZFEf9sEF.gif HTTP/1.1 Host: i.yourimageshare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 800906 last-modified: Tue, 30 Apr 2024 10:34:40 GMT etag: "b67d8e3b2e6a17ef65cca5924479bcaf" x-amz-server-side-encryption: AES256 x-amz-version-id: null x-cache: Hit from cloudfront via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: BBOw9BL1Gvi0AIMOp9i5clLnPwXEKwFCcYpnGnCbrrKuJ1-1_meUPA== age: 3611 vary: Origin, Accept-Encoding cache-control: max-age=31536000 cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fiInpxVyY6RCqcxU888xbVDgYmo0G8mDUD4P8SbiXBrTdewpAiC3wLavtrAFBPIxVEuM0rRmBagZeq4m8VG0OYQS6C06Qv0zQrc1B0noOh6GEPdUSAQq4IgO9tczpo3Jfgra%2B8DF"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * x-robots-tag: noindex, nofollow, noimageindex server: cloudflare cf-ray: 87ca01d59c0e56be-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	i.yourimageshare.com/DLvykTD6bO.gif	104.26.0.171	200 OK	999 kB
URL GET HTTP/2 i.yourimageshare.com/DLvykTD6bO.gif IP 104.26.0.171:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectyourimageshare.com FingerprintEF:4F:8D:FA:85:32:2B:03:27:83:9B:E1:DA:10:B2:1F:DA:F0:F1:AC ValidityTue, 05 Mar 2024 04:54:37 GMT - Mon, 03 Jun 2024 04:54:36 GMT File type GIF image data, version 89a, 100 x 100 Size 999 kB (998950 bytes) Hash 42afba33938bf4df2648b4f62d87cfc6 786a15cef059d2c53118c61c12295d71bd4a4896 42f48a633a77b2b6f28084e903bb00548bf7cc6758fa79cb6906fc37df718e32 HTTP Headers `GET /DLvykTD6bO.gif HTTP/1.1 Host: i.yourimageshare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 998950 last-modified: Fri, 29 Mar 2024 13:05:29 GMT etag: "42afba33938bf4df2648b4f62d87cfc6" x-amz-server-side-encryption: AES256 x-amz-version-id: null x-cache: Hit from cloudfront via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: B-c5qDjzHN_XmVHBWRLVDC0OpyqtkmWYKUUTNol25IOTNQ9AzvyfTA== age: 3447 vary: Origin, Accept-Encoding cache-control: max-age=31536000 cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99Si3ZTbvyb8nW%2BR09Dnys%2BZ9%2FBD7ZcNvOG1B%2BC2%2Fl0wCAJIOlBZQWZvenpOsrG2RU4%2B9f9q4zFu6xlAX5oz8lkMWr7QFc53paR732fdGVPPEMcx0NA8AToCeRN3VMlxr%2Fhg3l2R"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * x-robots-tag: noindex, nofollow, noimageindex server: cloudflare cf-ray: 87ca01d59c0f56be-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	poweredby.jads.co/adshow.php?adzone=1004411	185.94.237.74	200 OK	1.6 kB
URL GET HTTP/1.1 poweredby.jads.co/adshow.php?adzone=1004411 IP 185.94.237.74:443 ASN #42567 Mojohost B.v. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type HTML document, ASCII text, with very long lines (401), with CRLF, LF line terminators Size 1.6 kB (1645 bytes) Hash 8e7d43585ebdbcca841b35509bdb440b ef4cef5adec2d4b0d079288661ad57e1acf44f55 f941901e401573da5f37816e2a4321ceb423b9d5c0af384a91b8383879cb4dd9 HTTP Headers GET /adshow.php?adzone=1004411 HTTP/1.1 Host: poweredby.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Server: nginx Date: Tue, 30 Apr 2024 19:41:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/5.6.40 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA" Set-Cookie: surferid=dbf4b7b98bead6f57b29a819fcdf3f49; expires=Wed, 30-Apr-2025 19:41:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YTowOnt9; expires=Fri, 03-May-2024 19:41:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 03-May-2024 19:41:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co Content-Encoding: gzip

	i.ibb.co/31Bk8H3/logo-1974a577.png	162.19.58.159	200 OK	58 kB
URL GET HTTP/2 i.ibb.co/31Bk8H3/logo-1974a577.png IP 162.19.58.159:443 ASN #16276 OVH SAS Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectibb.co Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT File type PNG image data, 640 x 640, 8-bit/color RGBA, non-interlaced Size 58 kB (58329 bytes) Hash 85b7cf05e2523836a0e8d0f9bb57d587 7b54e073da8e12311b37239bbcf393ca63a2d738 ffab82cf7978f738c2015d48a583c142a06f9639bad772b75f570f8fba05795c HTTP Headers `GET /31Bk8H3/logo-1974a577.png HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/png content-length: 58329 last-modified: Wed, 20 Dec 2023 10:33:16 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	5e259838.carpe.pages.dev/35.gif	172.66.47.10	200 OK	20 kB
URL GET HTTP/2 5e259838.carpe.pages.dev/35.gif IP 172.66.47.10:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectcarpe.pages.dev Fingerprint93:62:FF:BB:40:F8:BB:D4:F3:12:C2:70:1E:17:E8:6C:A0:68:EB:5B ValiditySun, 28 Apr 2024 01:35:28 GMT - Sat, 27 Jul 2024 01:35:27 GMT File type GIF image data, version 89a, 60 x 60 Size 20 kB (19466 bytes) Hash 26b90da13b88ac20863f867b3c6c5bb0 8ec29ab264f4779c1353cee2100641aed4749706 d004fcd565729bfded6a8d77c3b5a80f910a3af47e310b9b529f8197a688f5bc HTTP Headers `GET /35.gif HTTP/1.1 Host: 5e259838.carpe.pages.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 19466 access-control-allow-origin: * cache-control: public, max-age=0, must-revalidate etag: "205963b647e3939cad8c2373d7b547da" referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-robots-tag: noindex report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0dihHKHCIKg4WMT6%2BEfDe20%2BOHbheYXJP%2FmN42O5FEBta5%2ByBUoN0mt%2FZGrgqsvi9RWUcRpqa4O6vHKUk1S%2Btu0vk%2Frhzy6cQ4%2F7jnTL3HOcttvenReYgi%2BKdiFJka1lKmv7IYR%2BQo4wS3Q%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01d71dd556bf-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	user-images.githubusercontent.com/138796159/281945527-621174f1-22c7-4f94-bdc8-6b86d3b7866c.gif	185.199.108.133	200 OK	107 kB
URL GET HTTP/2 user-images.githubusercontent.com/138796159/281945527-621174f1-22c7-4f94-bdc8-6b86d3b7866c.gif IP 185.199.108.133:443 ASN #54113 FASTLY Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerDigiCert Inc Subject.github.io Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT File type GIF image data, version 89a, 300 x 300 Size 107 kB (106825 bytes) Hash 1b49814513dc1ad889d7edb8f0fe3783 4bf8be06d4a92994d7406e4b8ee11575bf241ef9 9646a6506f777102a0873a76e28dff82b3752e97306fa50d6a51e83ad1018119 HTTP Headers `GET /138796159/281945527-621174f1-22c7-4f94-bdc8-6b86d3b7866c.gif HTTP/1.1 Host: user-images.githubusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK last-modified: Fri, 10 Nov 2023 03:27:50 GMT etag: "1b49814513dc1ad889d7edb8f0fe3783" x-amz-server-side-encryption: AES256 content-type: image/gif cache-control: max-age=3600 accept-ranges: bytes date: Tue, 30 Apr 2024 19:41:04 GMT via: 1.1 varnish age: 6643367 x-served-by: cache-hel1410027-HEL x-cache: HIT x-cache-hits: 1177 x-timer: S1714506065.511763,VS0,VE0 content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox; x-fastly-request-id: 746675ef68268afd288f57659e794a19a7e087f3 server: GitHub Cloud strict-transport-security: max-age=31536000; includeSubDomains x-content-type-options: nosniff timing-allow-origin: https://github.com content-length: 106825 X-Firefox-Spdy: h2

	i.ibb.co/Db8X4XH/aw.gif	162.19.58.159	200 OK	92 kB
URL GET HTTP/2 i.ibb.co/Db8X4XH/aw.gif IP 162.19.58.159:443 ASN #16276 OVH SAS Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectibb.co Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT File type GIF image data, version 89a, 200 x 200 Size 92 kB (91676 bytes) Hash edfd14cb56ce79c0a3317801f4ac4bfa 00dce414c4fee9ef4fd0c7eeb8ca78b082c2b301 93c85d73528310946b77750a147dec5ff77da0fef56fd3a9b8328b3e1ecec7eb HTTP Headers `GET /Db8X4XH/aw.gif HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 91676 last-modified: Fri, 29 Mar 2024 12:57:42 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	i.ibb.co/2FyRtTS/image.gif	162.19.58.159	200 OK	456 kB
URL GET HTTP/2 i.ibb.co/2FyRtTS/image.gif IP 162.19.58.159:443 ASN #16276 OVH SAS Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectibb.co Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT File type GIF image data, version 89a, 100 x 100 Size 456 kB (455637 bytes) Hash 0ed9bbf8d9aac7753aaae82ba0790c93 4f8cdfd02151b03f3547463c85f393fd9f9ab3f1 66472e84d2dc2162bd144d3c20c7b15f56954ceae80da689e9699940033064dc HTTP Headers `GET /2FyRtTS/image.gif HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 455637 last-modified: Tue, 02 Apr 2024 12:06:49 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	ocsp.usertrust.com/	172.64.149.23		472 B
URL ocsp.usertrust.com/ IP 172.64.149.23:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 8d14d19cf7bf9801a5cc3af1ba4d168d 4f774782ee2887ee1da1220c95baddb85ae813aa 2496bc0f70f239664c1fc3a8b01ce27a4222ce05f904184561c5659d4356f3cf HTTP Headers `POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Tue, 30 Apr 2024 19:41:04 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Mon, 29 Apr 2024 08:53:33 GMT Expires: Mon, 06 May 2024 08:53:32 GMT Etag: "4f774782ee2887ee1da1220c95baddb85ae813aa" Cache-Control: max-age=489511,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: HIT Age: 572 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 87ca01d99bd1b50c-OSL

	ocsp.usertrust.com/	172.64.149.23		472 B
URL ocsp.usertrust.com/ IP 172.64.149.23:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 8d14d19cf7bf9801a5cc3af1ba4d168d 4f774782ee2887ee1da1220c95baddb85ae813aa 2496bc0f70f239664c1fc3a8b01ce27a4222ce05f904184561c5659d4356f3cf HTTP Headers `POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Tue, 30 Apr 2024 19:41:04 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Mon, 29 Apr 2024 08:53:33 GMT Expires: Mon, 06 May 2024 08:53:32 GMT Etag: "4f774782ee2887ee1da1220c95baddb85ae813aa" Cache-Control: max-age=489511,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: HIT Age: 572 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 87ca01d99923b4fa-OSL

	ocsp.usertrust.com/	172.64.149.23		472 B
URL ocsp.usertrust.com/ IP 172.64.149.23:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 25a3ebf7b29d6e03a48be3d17b05dfed 11b1e29135a6244a61ee8a579f3f4c2cb96f2926 ea26aea76a01de17e9b27b43b214e8c41bea2cf3898bd6cc1cc5bd86111209bb HTTP Headers `POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Tue, 30 Apr 2024 19:41:04 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Mon, 29 Apr 2024 03:56:47 GMT Expires: Mon, 06 May 2024 03:56:46 GMT Etag: "11b1e29135a6244a61ee8a579f3f4c2cb96f2926" Cache-Control: max-age=474343,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: HIT Age: 1297 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 87ca01d99b23568f-OSL

	ocsp.usertrust.com/	172.64.149.23		472 B
URL ocsp.usertrust.com/ IP 172.64.149.23:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 25a3ebf7b29d6e03a48be3d17b05dfed 11b1e29135a6244a61ee8a579f3f4c2cb96f2926 ea26aea76a01de17e9b27b43b214e8c41bea2cf3898bd6cc1cc5bd86111209bb HTTP Headers `POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Tue, 30 Apr 2024 19:41:04 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Mon, 29 Apr 2024 03:56:47 GMT Expires: Mon, 06 May 2024 03:56:46 GMT Etag: "11b1e29135a6244a61ee8a579f3f4c2cb96f2926" Cache-Control: max-age=474343,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: HIT Age: 1297 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 87ca01d99c130b65-OSL

	ocsp.usertrust.com/	172.64.149.23		472 B
URL ocsp.usertrust.com/ IP 172.64.149.23:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 25a3ebf7b29d6e03a48be3d17b05dfed 11b1e29135a6244a61ee8a579f3f4c2cb96f2926 ea26aea76a01de17e9b27b43b214e8c41bea2cf3898bd6cc1cc5bd86111209bb HTTP Headers `POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Tue, 30 Apr 2024 19:41:04 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Mon, 29 Apr 2024 03:56:47 GMT Expires: Mon, 06 May 2024 03:56:46 GMT Etag: "11b1e29135a6244a61ee8a579f3f4c2cb96f2926" Cache-Control: max-age=474343,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: HIT Age: 1297 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 87ca01d99eb8b4f3-OSL

	cbb328e6.carpe.pages.dev/fAHFLjJZ92ZJeDejcJzl.gif	172.66.47.10	200 OK	1.2 MB
URL GET HTTP/2 cbb328e6.carpe.pages.dev/fAHFLjJZ92ZJeDejcJzl.gif IP 172.66.47.10:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectcarpe.pages.dev Fingerprint93:62:FF:BB:40:F8:BB:D4:F3:12:C2:70:1E:17:E8:6C:A0:68:EB:5B ValiditySun, 28 Apr 2024 01:35:28 GMT - Sat, 27 Jul 2024 01:35:27 GMT File type GIF image data, version 89a, 100 x 80 Size 1.2 MB (1182401 bytes) Hash 1eaa6efa5ca74abca56b6c8642fc9119 84a4972f406a8c64aaad22b923ae2a6e9ac7dfe7 389a1925416e722494613a04ab3b03759c661b3446a4f427686d768183e3fd01 HTTP Headers `GET /fAHFLjJZ92ZJeDejcJzl.gif HTTP/1.1 Host: cbb328e6.carpe.pages.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 1182401 access-control-allow-origin: * cache-control: public, max-age=0, must-revalidate etag: "87f6cf74eb8b7c642f2d4dbab6c57031" referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-robots-tag: noindex report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UhS0OH7fv13r7NFmCZL77eMDtD%2Fvfm7MXeaLvcjk%2B0b963UUCS6cYoul7IhM5F4xs1c2V5xMelhEBtHAV9U%2BqIBINltB%2Bl1USw%2BIp5y8WHanz1HxfBH6fVUd68t1Lx%2Bl7osGFmBPACxgOqs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01d71dd756bf-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	zawadilatumaini.com/user/srcd.shtml	172.67.196.154	200 OK	0 B
URL POST HTTP/3 zawadilatumaini.com/user/srcd.shtml IP 172.67.196.154:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectzawadilatumaini.com Fingerprint9F:C0:74:1F:C7:36:45:1D:88:67:BC:E2:19:DD:BD:09:31:FD:DE:F3 ValidityWed, 03 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /user/srcd.shtml HTTP/1.1 Host: zawadilatumaini.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://zawadilatumaini.com/vodplay/17280.shtml Content-Type: application/json X-Requested-With: XMLHttpRequest Content-Length: 2 Origin: https://zawadilatumaini.com DNT: 1 Connection: keep-alive Cookie: JSESSIONID=DXezr4cRXBzAmFcvnknIj-D3_Ad7xBls-2AZ8Fw8; wxxu=QlU9P1luV0txcQVyTwlEcniyUH2nRvHrPQpuaFN_tl5tukRatkSkslBMZlawZ6ZPS4umD92mn5NcrQET6U-cvQQ; srcd=false-pf-Linux%20x86_64-h-1024-w-1280 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:05 GMT content-length: 0 strict-transport-security: max-age=31536000 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7F%2B%2Fw%2FDGsCkIOI9d6KjTGfKP9MBTQpUaEtEnEsPStjnnO6AuGT0MCdDWD%2FUWMYabpoutv62M2wxXiHI%2FkOh7Go0nn6gZmIxGKEDpDFes%2B95oca%2F%2BH1fRpvSsyuPl62F4BsWfBX1a"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 87ca01d74990b521-OSL alt-svc: h3=":443"; ma=86400

	i.yourimageshare.com/i2esDPNoD8.gif	104.26.0.171	200 OK	2.2 MB
URL GET HTTP/2 i.yourimageshare.com/i2esDPNoD8.gif IP 104.26.0.171:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectyourimageshare.com FingerprintEF:4F:8D:FA:85:32:2B:03:27:83:9B:E1:DA:10:B2:1F:DA:F0:F1:AC ValidityTue, 05 Mar 2024 04:54:37 GMT - Mon, 03 Jun 2024 04:54:36 GMT File type GIF image data, version 89a, 152 x 152 Size 2.2 MB (2168710 bytes) Hash a0d945b4c30bc77735161545d1e00072 87c77a030ae771c3010d1215f73d1426e03f48dd 8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb HTTP Headers `GET /i2esDPNoD8.gif HTTP/1.1 Host: i.yourimageshare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 2168710 last-modified: Tue, 30 Apr 2024 10:40:25 GMT etag: "a0d945b4c30bc77735161545d1e00072" x-amz-server-side-encryption: AES256 x-amz-version-id: null x-cache: Hit from cloudfront via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: bi2Jh1QnDseJVB-wg6EyO_7EWB5fVPn16LrC_wGwJKFyAGCJIsZEyQ== age: 4788 vary: Origin, Accept-Encoding cache-control: max-age=31536000 cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTWEcI4D3em2ygmKdpmh309vVf9qz2u6swYABvgR4nAcq8BU06ills1UXztTmNeIJZ3uwlGfEguLAQq%2BY9y7zPCsBG9iXdLl97%2FVbQdcAhMO8WrRpYvRo7Z4RD%2FcElijJyLWc7Xp"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * x-robots-tag: noindex, nofollow, noimageindex server: cloudflare cf-ray: 87ca01d69d5d56be-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	5e259838.carpe.pages.dev/im2.gif	172.66.47.10	200 OK	2.4 MB
URL GET HTTP/2 5e259838.carpe.pages.dev/im2.gif IP 172.66.47.10:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoogle Trust Services LLC Subjectcarpe.pages.dev Fingerprint93:62:FF:BB:40:F8:BB:D4:F3:12:C2:70:1E:17:E8:6C:A0:68:EB:5B ValiditySun, 28 Apr 2024 01:35:28 GMT - Sat, 27 Jul 2024 01:35:27 GMT File type GIF image data, version 89a, 394 x 394 Size 2.4 MB (2394415 bytes) Hash 62efcc37dad3efa94216d6ec9b55196e b0e699fabd76f899392408f115607d1af4444b80 c79432da3bf564a6da1a6e1ed45411a933505c260309c4c7c7ef77e2bddb293d HTTP Headers `GET /im2.gif HTTP/1.1 Host: 5e259838.carpe.pages.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:04 GMT content-type: image/gif content-length: 2394415 access-control-allow-origin: * cache-control: public, max-age=0, must-revalidate etag: "38a059e3980764c74d4533ecdcd759e8" referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-robots-tag: noindex report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUDuwBvtTcQgfXGQKzbgDULvRrcnhZlBzcSLTEv75NX4qIN4AGiT4Gvh6vbybodTxX6AyVg6FeWsBDefw%2BZ9h5kEqRambqvi5Sy%2FD2pJnsIYgQ6bxQRjBCO7XFTgbnE8lLmDGxNT7j3sI1s%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01d68d2456bf-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12O4UrEQAyEX8UXaEmyk25yv/2toPgA256FA68F7zxPycO7W0XEHQJhMx8zQoKO0CW6Yd2Bd4Rw7p16SM+KuLt/CHBc1kt/XJfT+fk1AINyDAqGhwkRUmDQQY1CyeolOwYLz8imGcEaKahKNAFt64mIOUemeHq83YarJLLY1amuLTiEotJB1wbvU3KzcaLBR1cnozLKlGZPOrlz4yk+y3vZH17K+e1YDsuhn9bjlrxlStYthH7VNSYxktRe9VFs3+X0sUwRf4xNuqH8M/+v3xKpNgaaJ9h4ZjAZ51JKLQ4eIGm2wrV25i+eTzU7fgEAAA==	95.211.229.246	200 OK	20 B
URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12O4UrEQAyEX8UXaEmyk25yv/2toPgA256FA68F7zxPycO7W0XEHQJhMx8zQoKO0CW6Yd2Bd4Rw7p16SM+KuLt/CHBc1kt/XJfT+fk1AINyDAqGhwkRUmDQQY1CyeolOwYLz8imGcEaKahKNAFt64mIOUemeHq83YarJLLY1amuLTiEotJB1wbvU3KzcaLBR1cnozLKlGZPOrlz4yk+y3vZH17K+e1YDsuhn9bjlrxlStYthH7VNSYxktRe9VFs3+X0sUwRf4xNuqH8M/+v3xKpNgaaJ9h4ZjAZ51JKLQ4eIGm2wrV25i+eTzU7fgEAAA== IP 95.211.229.246:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT File type gzip compressed data, max speed, from Unix Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /cimp.php?t=api&data=H4sIAAAAAAAAA12O4UrEQAyEX8UXaEmyk25yv/2toPgA256FA68F7zxPycO7W0XEHQJhMx8zQoKO0CW6Yd2Bd4Rw7p16SM+KuLt/CHBc1kt/XJfT+fk1AINyDAqGhwkRUmDQQY1CyeolOwYLz8imGcEaKahKNAFt64mIOUemeHq83YarJLLY1amuLTiEotJB1wbvU3KzcaLBR1cnozLKlGZPOrlz4yk+y3vZH17K+e1YDsuhn9bjlrxlStYthH7VNSYxktRe9VFs3+X0sUwRf4xNuqH8M/+v3xKpNgaaJ9h4ZjAZ51JKLQ4eIGm2wrV25i+eTzU7fgEAAA== HTTP/1.1 Host: s.magsrv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://zawadilatumaini.com DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226631495000fab6.993615712861604165%22%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Tue, 30 Apr 2024 19:41:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: https://zawadilatumaini.com Access-Control-Allow-Credentials: true Accept-CH: X-Robots-Tag: noindex, follow Content-Encoding: gzip`

	thumbs2.imgbox.com/c9/eb/leYMqILu_t.jpg	212.63.223.226	200 OK	5.8 kB
URL GET HTTP/1.1 thumbs2.imgbox.com/c9/eb/leYMqILu_t.jpg IP 212.63.223.226:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imgbox.com FingerprintC6:95:D3:4F:93:91:25:67:D4:E7:4F:4F:27:C3:8A:CC:7E:6F:D4:92 ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x100, components 3 Size 5.8 kB (5771 bytes) Hash c819673745f8aa273c037e4ce3050dcd 5b466dafb9afaf1bfdd5a3c30900f6e4f0342189 4767a8a642503e27256ec8a1e82d8f8feedd14ffa8be44abd1e81f7412d2da6b HTTP Headers `GET /c9/eb/leYMqILu_t.jpg HTTP/1.1 Host: thumbs2.imgbox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx/1.14.2 date: Tue, 30 Apr 2024 19:41:05 GMT content-type: image/jpeg content-length: 5771 vary: x-s-token last-modified: Wed, 20 Dec 2023 10:32:04 GMT etag: "168b-60cee7e7af100" x-cache: HIT x-whom: srv1535 accept-ranges: bytes`

	images2.imgbox.com/cb/9f/XQGCkjQi_o.png	212.63.223.227	200 OK	38 kB
URL GET HTTP/1.1 images2.imgbox.com/cb/9f/XQGCkjQi_o.png IP 212.63.223.227:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imgbox.com FingerprintC6:95:D3:4F:93:91:25:67:D4:E7:4F:4F:27:C3:8A:CC:7E:6F:D4:92 ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type PNG image data, 207 x 204, 8-bit/color RGBA, non-interlaced Size 38 kB (38441 bytes) Hash d9281b2d724078883a5b509d437e328a 42c82fe1691afb5a8cf8413ae042372aecdaf9f0 d66db76edd49e043926f3d85afb684c92cf6b6edb3145306c33d9b0f7c592829 HTTP Headers `GET /cb/9f/XQGCkjQi_o.png HTTP/1.1 Host: images2.imgbox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx/1.14.2 date: Tue, 30 Apr 2024 19:41:05 GMT content-type: image/png content-length: 38441 vary: x-s-token last-modified: Wed, 28 Dec 2022 22:01:20 GMT etag: "9629-5f0ea82248c00" x-cache: HIT x-whom: srv1535 accept-ranges: bytes`

	thumbs2.imgbox.com/49/06/MKqkp49q_t.gif	212.63.223.226	200 OK	6.2 kB
URL GET HTTP/1.1 thumbs2.imgbox.com/49/06/MKqkp49q_t.gif IP 212.63.223.226:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imgbox.com FingerprintC6:95:D3:4F:93:91:25:67:D4:E7:4F:4F:27:C3:8A:CC:7E:6F:D4:92 ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x100, components 3 Size 6.2 kB (6159 bytes) Hash f7e36d043085eb6ea5c7ea511d610092 2fe535bf1f7432c934f88076ca6e02dd34de9e01 86438d8fa0f119adbe591b8b72a5052416535c76e38794c02f6a95c99d0150ee HTTP Headers `GET /49/06/MKqkp49q_t.gif HTTP/1.1 Host: thumbs2.imgbox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx/1.18.0 date: Tue, 30 Apr 2024 19:41:05 GMT content-type: image/gif content-length: 6159 vary: x-s-token last-modified: Fri, 29 Mar 2024 01:56:45 GMT etag: W/"180f-614cc44e4e780" x-cache: HIT x-whom: srv1535 accept-ranges: bytes`

	thumbs4.imagebam.com/b9/fa/ae/MESCSLY_t.png	212.63.223.226	200 OK	16 kB
URL GET HTTP/1.1 thumbs4.imagebam.com/b9/fa/ae/MESCSLY_t.png IP 212.63.223.226:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imagebam.com FingerprintC5:CD:16:6E:B3:3F:39:C6:11:94:2C:AA:7F:3E:E6:2C:FC:68:07:8A ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced Size 16 kB (16425 bytes) Hash f13126216d2d47e3dda780c8bb39e0a0 5a89b98c8c254af6838e2331606452b87f4ffec8 9f5ec28d2edecdc44d43d6078d8118ff449bcab6cb9ed9e034a7199acd42e7d9 HTTP Headers `GET /b9/fa/ae/MESCSLY_t.png HTTP/1.1 Host: thumbs4.imagebam.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx/1.22.1 date: Tue, 30 Apr 2024 19:41:05 GMT content-type: image/png content-length: 16425 vary: x-s-token last-modified: Mon, 04 Mar 2024 17:11:02 GMT etag: "4029-612d8cf66eb58" x-cache: HIT x-whom: srv1535 accept-ranges: bytes`

	thumbs4.imagebam.com/17/19/88/MEPEDLU_t.jpg	212.63.223.226	200 OK	6.2 kB
URL GET HTTP/1.1 thumbs4.imagebam.com/17/19/88/MEPEDLU_t.jpg IP 212.63.223.226:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imagebam.com FingerprintC5:CD:16:6E:B3:3F:39:C6:11:94:2C:AA:7F:3E:E6:2C:FC:68:07:8A ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3 Size 6.2 kB (6188 bytes) Hash 155fcc2c1bf1fe24594aa854fc36f3d5 6bf018a247ce46063f98b28979a6e96a5aa28b5b 2657b71deb167f1afd3c56aaf2c67bcc1c3704b368bd6fce5e9b89cb464e50c7 HTTP Headers `GET /17/19/88/MEPEDLU_t.jpg HTTP/1.1 Host: thumbs4.imagebam.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx/1.18.0 date: Tue, 30 Apr 2024 19:41:05 GMT content-type: image/jpeg content-length: 6188 vary: x-s-token last-modified: Tue, 10 Oct 2023 02:22:02 GMT etag: "182c-607535f41a344" x-cache: HIT x-whom: srv1535 accept-ranges: bytes`

	s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12O4UoDMRCEX8UX6DGb3b1k+9vfCooPcJdroWBbaGutMg/v5ZAiZggMu/NlkpBsBVspHsTXJmsYQ7pAZ6kTNz49v9CE1+O12x8P58vmRLNiLuzdxIIlAaa0ks28p6PQJecCMFton6RQnErMSq5mzXWAJGEG314flyuzEhW4JcfsWzETaLPHrcGTapQyVvQxhgcKhjFV3YZ6jZD2APg9fA7T7n24fOyH3WHX1eN+aW6dMpNLC+5aNUbFNM3/mg+4jIfz16GSf4JNfkcb9X/7mwlmilnL0LYZ/dSHT7VqLmXjBVOMOXTycSv1B0Rz9N9+AQAA	95.211.229.246	200 OK	20 B
URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12O4UoDMRCEX8UX6DGb3b1k+9vfCooPcJdroWBbaGutMg/v5ZAiZggMu/NlkpBsBVspHsTXJmsYQ7pAZ6kTNz49v9CE1+O12x8P58vmRLNiLuzdxIIlAaa0ks28p6PQJecCMFton6RQnErMSq5mzXWAJGEG314flyuzEhW4JcfsWzETaLPHrcGTapQyVvQxhgcKhjFV3YZ6jZD2APg9fA7T7n24fOyH3WHX1eN+aW6dMpNLC+5aNUbFNM3/mg+4jIfz16GSf4JNfkcb9X/7mwlmilnL0LYZ/dSHT7VqLmXjBVOMOXTycSv1B0Rz9N9+AQAA IP 95.211.229.246:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT File type gzip compressed data, max speed, from Unix Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /cimp.php?t=api&data=H4sIAAAAAAAAA12O4UoDMRCEX8UX6DGb3b1k+9vfCooPcJdroWBbaGutMg/v5ZAiZggMu/NlkpBsBVspHsTXJmsYQ7pAZ6kTNz49v9CE1+O12x8P58vmRLNiLuzdxIIlAaa0ks28p6PQJecCMFton6RQnErMSq5mzXWAJGEG314flyuzEhW4JcfsWzETaLPHrcGTapQyVvQxhgcKhjFV3YZ6jZD2APg9fA7T7n24fOyH3WHX1eN+aW6dMpNLC+5aNUbFNM3/mg+4jIfz16GSf4JNfkcb9X/7mwlmilnL0LYZ/dSHT7VqLmXjBVOMOXTycSv1B0Rz9N9+AQAA HTTP/1.1 Host: s.magsrv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://zawadilatumaini.com DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226631495000fab6.993615712861604165%22%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Tue, 30 Apr 2024 19:41:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: https://zawadilatumaini.com Access-Control-Allow-Credentials: true Accept-CH: X-Robots-Tag: noindex, follow Content-Encoding: gzip`

	images2.imgbox.com/9f/8c/4136Iste_o.png	212.63.223.227	200 OK	4.7 kB
URL GET HTTP/1.1 images2.imgbox.com/9f/8c/4136Iste_o.png IP 212.63.223.227:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imgbox.com FingerprintC6:95:D3:4F:93:91:25:67:D4:E7:4F:4F:27:C3:8A:CC:7E:6F:D4:92 ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type PNG image data, 183 x 181, 8-bit colormap, non-interlaced Size 4.7 kB (4692 bytes) Hash 2f6e01898bd2e06026a5c6a73a7fbf37 61ee4ce1e9a4ff45acb18a62276cb43d27eb8e7d e35f56d2f22f5d2a44e84597e8cfc800bbb0f808b50f082bfb6747bb9c95541e HTTP Headers `GET /9f/8c/4136Iste_o.png HTTP/1.1 Host: images2.imgbox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx/1.22.1 date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/png content-length: 4692 vary: x-s-token last-modified: Wed, 28 Dec 2022 21:59:36 GMT etag: "1254-5f0ea7bf1a200" x-cache: HIT x-whom: srv1535 accept-ranges: bytes`

	thumbs4.imagebam.com/6f/ce/cf/MEQWUCM_t.jpg	212.63.223.226	200 OK	4.5 kB
URL GET HTTP/1.1 thumbs4.imagebam.com/6f/ce/cf/MEQWUCM_t.jpg IP 212.63.223.226:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imagebam.com FingerprintC5:CD:16:6E:B3:3F:39:C6:11:94:2C:AA:7F:3E:E6:2C:FC:68:07:8A ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, baseline, precision 8, 100x100, components 3 Size 4.5 kB (4512 bytes) Hash 15480e664a88690f6f441e0b4b8940c0 164020580fcf46a98945e72c627118195fbbde30 bf3786059c32dfc9657d2726d87e183e7786260704405e846ee7bdb69d07a3cc HTTP Headers `GET /6f/ce/cf/MEQWUCM_t.jpg HTTP/1.1 Host: thumbs4.imagebam.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx/1.14.2 date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/jpeg content-length: 4512 vary: x-s-token last-modified: Wed, 20 Dec 2023 10:27:44 GMT etag: "11a0-60cee6f098ebd" x-cache: HIT x-whom: srv1535 accept-ranges: bytes`

	iili.io/JjPJOtj.gif	104.21.235.69	200 OK	67 kB
URL GET HTTP/2 iili.io/JjPJOtj.gif IP 104.21.235.69:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectiili.io FingerprintBC:4F:88:30:0C:ED:E2:33:84:5B:56:AE:51:20:EF:39:2E:EB:4B:39 ValidityWed, 03 Apr 2024 03:03:02 GMT - Tue, 02 Jul 2024 03:03:01 GMT File type GIF image data, version 89a, 100 x 100 Size 67 kB (67359 bytes) Hash 01d30f44ca2313c5a1a377cf405786fb 5991ce8af99e8606220975b26e39dacb3423602a 6d657be85791a5c4403f632b168e2b4239d8afa95223ca6e10a3652ef0114652 HTTP Headers `GET /JjPJOtj.gif HTTP/1.1 Host: iili.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/gif content-length: 67359 last-modified: Fri, 29 Mar 2024 13:02:31 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS cf-cache-status: HIT age: 2788398 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6VKVpcjePThQ7N2JlQfybGfCvb2MVTM49DUUUHIo%2FrSZq2kGZVsmsIoCyYgeHj7DnqpZyGdJBZ%2F1NnCWrZMf0r023NP6AVavb98QR0nnrKryG%2FzUCWU%2BbAeg"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01e12abab88b-AMS alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	thumbs4.imagebam.com/c3/8e/3f/MEPH2VV_t.gif	212.63.223.226	200 OK	391 kB
URL GET HTTP/1.1 thumbs4.imagebam.com/c3/8e/3f/MEPH2VV_t.gif IP 212.63.223.226:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imagebam.com FingerprintC5:CD:16:6E:B3:3F:39:C6:11:94:2C:AA:7F:3E:E6:2C:FC:68:07:8A ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type GIF image data, version 89a, 100 x 100 Size 391 kB (391167 bytes) Hash fffe150799ce2625ee03e3413115acc7 4a8bdd874383c2f4374d1bdf8b199980de6d8721 01c2a50442870e61384546e1bb0024110f3c034edd722fb743e69a59ae11c9f4 HTTP Headers `GET /c3/8e/3f/MEPH2VV_t.gif HTTP/1.1 Host: thumbs4.imagebam.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx/1.18.0 date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/gif content-length: 391167 vary: x-s-token last-modified: Sat, 14 Oct 2023 05:05:31 GMT etag: "5f7ff-607a61f4db07f" x-cache: HIT x-whom: srv1535 accept-ranges: bytes`

	thumbs4.imagebam.com/63/fd/9f/MEP0AAW_t.jpg	212.63.223.226	200 OK	5.4 kB
URL GET HTTP/1.1 thumbs4.imagebam.com/63/fd/9f/MEP0AAW_t.jpg IP 212.63.223.226:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imagebam.com FingerprintC5:CD:16:6E:B3:3F:39:C6:11:94:2C:AA:7F:3E:E6:2C:FC:68:07:8A ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x100, components 3 Size 5.4 kB (5412 bytes) Hash e5f0a1c706fdb48888dda2bf4188b60c 922a61b1640f871676efdcda2b1e13aa6b13898e 0860586d2bea875f3f96f31fe0cd0b5f9181e7d96200b2d8afbfa1a8fd347c24 HTTP Headers `GET /63/fd/9f/MEP0AAW_t.jpg HTTP/1.1 Host: thumbs4.imagebam.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx/1.22.1 date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/jpeg content-length: 5412 vary: x-s-token last-modified: Mon, 18 Sep 2023 05:43:28 GMT etag: "1524-6059b9f2b1367" x-cache: HIT x-whom: srv1535 accept-ranges: bytes`

	91ymdl.site/%E6%B7%AB%E6%AF%8DGIF-1-150.gif	104.21.92.180	200 OK	675 kB
URL GET HTTP/2 91ymdl.site/%E6%B7%AB%E6%AF%8DGIF-1-150.gif IP 104.21.92.180:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subject91ymdl.site Fingerprint1A:7E:65:DD:05:42:A4:88:13:5C:90:16:1F:F7:B3:E0:DC:49:9C:D1 ValidityFri, 05 Apr 2024 12:05:12 GMT - Thu, 04 Jul 2024 12:05:11 GMT File type GIF image data, version 89a, 150 x 150 Size 675 kB (674849 bytes) Hash 7c11cbb87ccd6e8da12a872d5f2e8dc1 86ad8cf32351d83af636a502de4809b901796db4 8755489aace6eae8843e58175a110861801ed0d139fd4f8856febc9eb2d6273a HTTP Headers `GET /%E6%B7%AB%E6%AF%8DGIF-1-150.gif HTTP/1.1 Host: 91ymdl.site User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/gif content-length: 674849 etag: "7c11cbb87ccd6e8da12a872d5f2e8dc1" last-modified: Mon, 22 Apr 2024 08:04:47 GMT vary: Accept-Encoding cache-control: max-age=14400 cf-cache-status: HIT age: 4689 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqkLlqwoHTMvsvdpxmgnbcWFqjje%2BXzGNiTRvOQ%2BH4BD4U4eMM7owgnzm35bdl370QiJIsEwxsGSVGbkeTIYWzAjrDF6bGY36a8JBMwwYfxkfcq1P7hHp1pWryWAWw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 87ca01e1fb6656c7-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	iili.io/Jj5Ue2t.md.jpg	104.21.235.69	200 OK	25 kB
URL GET HTTP/2 iili.io/Jj5Ue2t.md.jpg IP 104.21.235.69:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectiili.io FingerprintBC:4F:88:30:0C:ED:E2:33:84:5B:56:AE:51:20:EF:39:2E:EB:4B:39 ValidityWed, 03 Apr 2024 03:03:02 GMT - Tue, 02 Jul 2024 03:03:01 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 500x500, components 3 Size 25 kB (25047 bytes) Hash 549a7863a7a3d0369a5c42196d255db3 d088bbddd4872a2a1b4c5bc60a5a990972d6e0a5 cf844272551cb0cc61b1c9a974e695693b8f2a6b47035fbba0fb366637bc2cc2 HTTP Headers `GET /Jj5Ue2t.md.jpg HTTP/1.1 Host: iili.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/jpeg content-length: 25047 last-modified: Wed, 27 Mar 2024 08:55:03 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS cf-cache-status: HIT age: 2976332 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ws4MCCxTY6lP1wwUJcN39xTmXX44ASdAN8oWf4kpSWHJtnOBZJiz6PwEu6Hg3QOCznK6pTyAIqeYKuKed8Ro59jCnlEjYERvbHxbEzEQX8lKYJoGvX6vdlAc"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01e1ebbcb88b-AMS alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	iili.io/JS6RTEQ.md.jpg	104.21.235.69	200 OK	50 kB
URL GET HTTP/2 iili.io/JS6RTEQ.md.jpg IP 104.21.235.69:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectiili.io FingerprintBC:4F:88:30:0C:ED:E2:33:84:5B:56:AE:51:20:EF:39:2E:EB:4B:39 ValidityWed, 03 Apr 2024 03:03:02 GMT - Tue, 02 Jul 2024 03:03:01 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 500x500, components 3 Size 50 kB (49522 bytes) Hash 31e1f2365f543f0d34a229925157cf11 fdbdb47da658ccb4047a96a44abb96077aefbdc9 b162f0a98bd5e2b9e74ec765124454179ec6658a20b58d494ce3fec7b5b2c6c3 HTTP Headers `GET /JS6RTEQ.md.jpg HTTP/1.1 Host: iili.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/jpeg content-length: 49522 last-modified: Wed, 24 Apr 2024 08:30:19 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS cf-cache-status: HIT age: 558604 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FACMcTR9IRbINKZOdyADWrFaYAiUeYVZB4w%2BHsVBHPYSsblOzRrK4%2FyDh%2F5ed5WLHN5Ccf0CY2WKtOR5464IM5fAZ5rdYJEy7kneQJfqcQ9SEVoZURzZ907Y"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01e20c15b88b-AMS alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	i.postimg.cc/XJFJDJnD/sh-Ta-V7-Hn-OSrl-B4w-V8jy6.gif	162.19.61.80	200 OK	226 kB
URL GET HTTP/2 i.postimg.cc/XJFJDJnD/sh-Ta-V7-Hn-OSrl-B4w-V8jy6.gif IP 162.19.61.80:443 ASN #16276 OVH SAS Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectpostimg.cc Fingerprint53:90:A2:AC:6E:D0:9C:56:06:D5:4F:6E:EE:C9:67:58:10:CF:9A:D6 ValidityMon, 22 Apr 2024 06:32:22 GMT - Sun, 21 Jul 2024 06:32:21 GMT File type GIF image data, version 89a, 100 x 100 Size 226 kB (226308 bytes) Hash de861afaf924d9182624a5486153ef1a f2524304fd07f00d5f4efb0d151cf0d8342c75e1 f04bafc739430656615f8b19a88ef02665fc68a9f5b1362152770af4c4c945cb HTTP Headers `GET /XJFJDJnD/sh-Ta-V7-Hn-OSrl-B4w-V8jy6.gif HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/gif content-length: 226308 last-modified: Wed, 27 Mar 2024 12:35:57 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	iili.io/JA0lusf.md.png	104.21.235.69	200 OK	80 kB
URL GET HTTP/2 iili.io/JA0lusf.md.png IP 104.21.235.69:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectiili.io FingerprintBC:4F:88:30:0C:ED:E2:33:84:5B:56:AE:51:20:EF:39:2E:EB:4B:39 ValidityWed, 03 Apr 2024 03:03:02 GMT - Tue, 02 Jul 2024 03:03:01 GMT File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 80 kB (79748 bytes) Hash df016b851d6b8a8509b4e3ac5c755476 18a1967d27cb073f70a95919098687d71051b416 78c743b6e552875cfc855126969607951c7633b37cdfcb40f83153bfd6c76f1e HTTP Headers `GET /JA0lusf.md.png HTTP/1.1 Host: iili.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/png content-length: 79748 last-modified: Wed, 20 Dec 2023 10:30:26 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS cf-cache-status: HIT age: 4005349 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNzjoEViDftVW6baMLttz2YBIhwq5RBwfnydVlO4912MF32i9i9bsVH8SkjQjhvb7%2F3k0yv6bPivNT%2BxW4i9NRXn%2BNi2%2FzBoe4XRRZCKa1PglKxhwYrrg%2Bl2"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01e34d64b88b-AMS alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	i.postimg.cc/MTt80JGp/image.jpg	162.19.61.80	200 OK	21 kB
URL GET HTTP/2 i.postimg.cc/MTt80JGp/image.jpg IP 162.19.61.80:443 ASN #16276 OVH SAS Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectpostimg.cc Fingerprint53:90:A2:AC:6E:D0:9C:56:06:D5:4F:6E:EE:C9:67:58:10:CF:9A:D6 ValidityMon, 22 Apr 2024 06:32:22 GMT - Sun, 21 Jul 2024 06:32:21 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x512, components 3 Size 21 kB (21211 bytes) Hash 62d90877f444ebd6eca9d947cc5a42ac 129efcdb09f6015ed16fc791550a4c1da0aaac92 8d290d7ef0f308f73581ce65252895f4dfa277e97a61241b4398db51c86d2445 HTTP Headers `GET /MTt80JGp/image.jpg HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/jpeg content-length: 21211 last-modified: Tue, 05 Mar 2024 04:18:54 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	thumbs4.imagebam.com/bd/8f/88/MEPKG19_t.gif	212.63.223.226	200 OK	96 kB
URL GET HTTP/1.1 thumbs4.imagebam.com/bd/8f/88/MEPKG19_t.gif IP 212.63.223.226:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imagebam.com FingerprintC5:CD:16:6E:B3:3F:39:C6:11:94:2C:AA:7F:3E:E6:2C:FC:68:07:8A ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type GIF image data, version 89a, 100 x 100 Size 96 kB (95804 bytes) Hash 09687136eb1b102af050ea7f6e2cbaf1 7e1337ea1cee457058b384b81e7fef51c12eae4e 598fa5256920c4fffee36ea3f1208ca6a0a1a85c03dcf9d8ffaa0b8ae84183c3 HTTP Headers `GET /bd/8f/88/MEPKG19_t.gif HTTP/1.1 Host: thumbs4.imagebam.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx/1.22.1 date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/gif content-length: 95804 vary: x-s-token last-modified: Wed, 18 Oct 2023 21:46:01 GMT etag: "1763c-6080490b83af4" x-cache: HIT x-whom: srv1535 accept-ranges: bytes`

	s3t3d2y8.afcdn.net/library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4	185.76.9.15	206 Partial Content	22 kB
URL GET HTTP/2 s3t3d2y8.afcdn.net/library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4 IP 185.76.9.15:443 ASN #60068 Datacamp Limited Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size 22 kB (21956 bytes) Hash 7aab39bd95f3b8fe10a021cef327eee8 8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5 0405eb10aa1fce693abb9d60fbfbb1f82f07b6a72692d0addf003449d11b79eb HTTP Headers GET /library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4 HTTP/1.1 Host: s3t3d2y8.afcdn.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache HTTP/2 206 Partial Content date: Tue, 30 Apr 2024 19:41:06 GMT content-type: video/mp4 content-length: 21956 last-modified: Fri, 29 Jul 2022 16:34:04 GMT etag: "62e40bfc-55c4" accept-ch: expires: Wed, 08 Jan 2025 20:18:27 GMT cache-control: max-age=31536000 access-control-allow-origin: * x-robots-tag: noindex, follow x-77-nzt: EwwBuUwJDQH3JZ+TAAwBuUwKEwH3GgAAAAgBJRPCNAGB x-77-nzt-ray: c0a4cc280d8e673e52493166b900b320 x-accel-expires: @1736367507 x-77-cache: HIT x-accel-date: 1704831533 x-cache-lb: HIT x-age-lb: 26 x-77-age: 9674533 server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-cache: HIT x-age: 9674533 x-77-pop: stockholmSE content-range: bytes 0-21955/21956 X-Firefox-Spdy: h2

	s3t3d2y8.afcdn.net/library/448451/a1e0ad84e7659c2b46dedccd2e2cef1333dc50a0.webp	185.76.9.15	200 OK	8.8 kB
URL GET HTTP/2 s3t3d2y8.afcdn.net/library/448451/a1e0ad84e7659c2b46dedccd2e2cef1333dc50a0.webp IP 185.76.9.15:443 ASN #60068 Datacamp Limited Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 728x90, Scaling: [none]x[none], YUV color, decoders should clamp Size 8.8 kB (8772 bytes) Hash 700bd73555ac73b5d39f9ff3daedc99c a1e0ad84e7659c2b46dedccd2e2cef1333dc50a0 e24a6319b0dc1e5bc01b7b07b35c5adb79bcbcdf707b44aa704fcc5e5a2dd11c HTTP Headers `GET /library/448451/a1e0ad84e7659c2b46dedccd2e2cef1333dc50a0.webp HTTP/1.1 Host: s3t3d2y8.afcdn.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/webp content-length: 8772 last-modified: Thu, 25 Apr 2024 18:15:27 GMT etag: "662a9dbf-2244" accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version expires: Fri, 25 Apr 2025 19:09:40 GMT cache-control: max-age=31536000 access-control-allow-origin: * x-robots-tag: noindex, follow x-77-nzt: EwwBuUwJDQH3VJsGAAwBuUwKEwH3igMAAAgBJRPCNAGB x-77-nzt-ray: c0a4cc280d8e673e52493166a3a35322 x-accel-expires: @1745608180 x-77-cache: HIT x-accel-date: 1714073086 x-77-age: 432980 server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-cache: HIT x-age: 432980 x-77-pop: stockholmSE accept-ranges: bytes X-Firefox-Spdy: h2

	poweredby.jads.co/js/jads2.js	185.94.237.74	200 OK	1.7 kB
URL GET HTTP/1.1 poweredby.jads.co/js/jads2.js IP 185.94.237.74:443 ASN #42567 Mojohost B.v. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (3758), with no line terminators Size 1.7 kB (1719 bytes) Hash bc8141c4650030c41f6a98026b12ce80 af5618f7e467a207d4c64627be580283ab5640cd 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51 HTTP Headers GET /js/jads2.js HTTP/1.1 Host: poweredby.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Cookie: surferid=dbf4b7b98bead6f57b29a819fcdf3f49; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Tue, 30 Apr 2024 19:41:06 GMT Content-Type: application/x-javascript Last-Modified: Fri, 22 Mar 2024 21:09:33 GMT Transfer-Encoding: chunked Connection: close ETag: W/"65fdf38d-eae" Content-Encoding: gzip`

	poweredby.jads.co/js/jads2.js	185.94.237.74	200 OK	1.7 kB
URL GET HTTP/1.1 poweredby.jads.co/js/jads2.js IP 185.94.237.74:443 ASN #42567 Mojohost B.v. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (3758), with no line terminators Size 1.7 kB (1719 bytes) Hash bc8141c4650030c41f6a98026b12ce80 af5618f7e467a207d4c64627be580283ab5640cd 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51 HTTP Headers GET /js/jads2.js HTTP/1.1 Host: poweredby.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Cookie: surferid=dbf4b7b98bead6f57b29a819fcdf3f49; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Tue, 30 Apr 2024 19:41:06 GMT Content-Type: application/x-javascript Last-Modified: Fri, 22 Mar 2024 21:09:33 GMT Transfer-Encoding: chunked Connection: close ETag: W/"65fdf38d-eae" Content-Encoding: gzip`

	i.jads.co/ads/user186477/ad1953882-1712824335.gif	185.76.9.19	200 OK	28 kB
URL GET HTTP/2 i.jads.co/ads/user186477/ad1953882-1712824335.gif IP 185.76.9.19:443 ASN #60068 Datacamp Limited Requested by https://poweredby.jads.co/adshow.php?adzone=1006686 Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type GIF image data, version 89a, 300 x 250 Size 28 kB (27692 bytes) Hash 58893ef53c9baeed861d733f34231e32 38f35c89cac52858543dcc64bce2d08d856bcf5e 297c4bbf7aa28a7ff929662c16d533416531fc9288b63010e1731dc96661eb1c HTTP Headers GET /ads/user186477/ad1953882-1712824335.gif HTTP/1.1 Host: i.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://poweredby.jads.co/ Cookie: surferid=dbf4b7b98bead6f57b29a819fcdf3f49; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/gif content-length: 27692 last-modified: Thu, 11 Apr 2024 08:32:15 GMT etag: "6617a00f-6c2c" x-77-nzt: EwwBuUwJDQH30JIZAAwBuUwKDAH3WxMAAAwBnJIhJwH3BQAAAA x-77-nzt-ray: c0a4cc289f899e595249316634e62026 x-accel-expires: @1715417122 x-accel-date: 1712830082 x-77-cache: HIT x-77-age: 1675984 server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-cache: HIT x-age: 1675984 x-77-pop: stockholmSE accept-ranges: bytes X-Firefox-Spdy: h2`

	i.jads.co/ads/juicyads_black.gif	185.76.9.19	200 OK	2.2 kB
URL GET HTTP/2 i.jads.co/ads/juicyads_black.gif IP 185.76.9.19:443 ASN #60068 Datacamp Limited Requested by https://poweredby.jads.co/adshow.php?adzone=1006686 Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type GIF image data, version 89a, 62 x 24 Size 2.2 kB (2193 bytes) Hash 4dffc647a404d4297cd77b3974cd666e c4a02f126e24601bd9288a4080eea39adb472e6f b1e12c59a9b1d3e8447d6a7aeb584101c71751561b98f3f0162f58f1e617c7fb HTTP Headers GET /ads/juicyads_black.gif HTTP/1.1 Host: i.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://poweredby.jads.co/ Cookie: surferid=dbf4b7b98bead6f57b29a819fcdf3f49; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/gif content-length: 2193 last-modified: Wed, 02 Mar 2016 17:54:59 GMT etag: "56d728f3-891" x-77-nzt: EwwBuUwJDQH3JKwOAAwBuUwKDAH3gwEAAAwBisclwQH3EwAAAA x-77-nzt-ray: c0a4cc289f899e595249316673153027 x-accel-expires: @1716136446 x-accel-date: 1713544494 x-77-cache: HIT x-77-age: 961572 server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-cache: HIT x-age: 961572 x-77-pop: stockholmSE accept-ranges: bytes X-Firefox-Spdy: h2`

	i.jads.co/network/user1037/203-1520185101.jpg	185.76.9.19	200 OK	24 kB
URL GET HTTP/2 i.jads.co/network/user1037/203-1520185101.jpg IP 185.76.9.19:443 ASN #60068 Datacamp Limited Requested by https://poweredby.jads.co/adshow.php?adzone=1006632 Certificate IssuerSectigo Limited Subject.jads.co Fingerprint6C:79:49:F2:EA:3B:68:61:E1:57:17:4B:BA:C8:E9:7C:91:0C:AB:38 ValidityWed, 24 Jan 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x300, components 3 Size 24 kB (23898 bytes) Hash 9d43d8ef4d6605e218bf318e21923b8c e8cae62be698d197f2f23ad36815f4e2d3f45881 11114dddf1cf3603f2782c8b8ba1d5dd4403147e9030053c6e268819f56f2f64 HTTP Headers GET /network/user1037/203-1520185101.jpg HTTP/1.1 Host: i.jads.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://poweredby.jads.co/ Cookie: surferid=dbf4b7b98bead6f57b29a819fcdf3f49; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/jpeg content-length: 23898 last-modified: Sun, 04 Mar 2018 17:38:21 GMT etag: "5a9c2f0d-5d5a" x-77-nzt: EwwBuUwJDQH366sOAAwBuUwKAQH3BAMAAAwBnJIhHwH3PwAAAA x-77-nzt-ray: c0a4cc289f899e59524931662974ab27 x-accel-expires: @1716136466 x-accel-date: 1713544551 x-77-cache: HIT x-77-age: 961515 server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-cache: HIT x-age: 961515 x-77-pop: stockholmSE accept-ranges: bytes X-Firefox-Spdy: h2`

	r.trackwilltrk.com/s1/9fd95b99-f88f-4693-b956-e7985beff03b?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=130278&cv4=284234&cv5=1004411&cv6=	185.98.53.17	200 OK	828 B
URL GET HTTP/1.1 r.trackwilltrk.com/s1/9fd95b99-f88f-4693-b956-e7985beff03b?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=130278&cv4=284234&cv5=1004411&cv6= IP 185.98.53.17:443 ASN #39572 DataWeb Global Group B.V. Requested by https://poweredby.jads.co/adshow.php?adzone=1004411 Certificate IssuerLet's Encrypt Subjectr.trackwilltrk.com FingerprintEB:5F:29:47:28:65:88:53:93:89:63:55:38:70:AE:EA:8E:99:C4:0E ValidityWed, 28 Feb 2024 22:41:15 GMT - Tue, 28 May 2024 22:41:14 GMT File type HTML document, ASCII text, with very long lines (632) Size 828 B (828 bytes) Hash 134e3faebb2d1085ef3e3e146c844080 4713d98a09c2dc3feb9f955658191ac906b2434d 744788657043060f5a5cc06ddbc91c2ec7d3651a197832990e8b9b4b828e5f03 HTTP Headers GET /s1/9fd95b99-f88f-4693-b956-e7985beff03b?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=130278&cv4=284234&cv5=1004411&cv6= HTTP/1.1 Host: r.trackwilltrk.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://poweredby.jads.co/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Tue, 30 Apr 2024 19:41:06 GMT Content-Type: text/html; charset=utf-8 Content-Length: 828 Connection: close Set-Cookie: uid=OU0Xo6u-pj; Path=/; Domain=trackwilltrk.com; Expires=Wed, 01 May 2024 19:41:06 GMT; HttpOnly X-Request-Id: c0a7169e-00a5-4a2a-8f73-f1ca3e60a81f`

	cdn.cloudfrale.com/bn/c50/cf9/928/c50cf9928e75954c4a192ef77469fb276f88cbc7.mp4	45.133.44.21	206 Partial Content	362 kB
URL GET HTTP/2 cdn.cloudfrale.com/bn/c50/cf9/928/c50cf9928e75954c4a192ef77469fb276f88cbc7.mp4 IP 45.133.44.21:443 ASN #39572 DataWeb Global Group B.V. Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerBuypass AS-983163327 Subject Fingerprint5F:02:E3:5B:0C:B7:FA:C1:27:2A:35:DA:29:17:01:A8:47:B5:F3:A8 ValidityWed, 10 Jan 2024 08:59:56 GMT - Sun, 07 Jul 2024 21:59:00 GMT File type ISO Media, MP4 v2 [ISO 14496-14] Size 362 kB (362447 bytes) Hash f2d9f8d3f4f5e49bc0abcee950a5f982 c50cf9928e75954c4a192ef77469fb276f88cbc7 3afc095150562a4ecce69abf62467ecf77c70943404d321c23d6dd98b98573bb HTTP Headers `GET /bn/c50/cf9/928/c50cf9928e75954c4a192ef77469fb276f88cbc7.mp4 HTTP/1.1 Host: cdn.cloudfrale.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache` HTTP/2 206 Partial Content date: Tue, 30 Apr 2024 19:41:06 GMT content-type: video/mp4 content-length: 362447 server: nginx/1.24.0 etag: f2d9f8d3f4f5e49bc0abcee950a5f982 last-modified: Sun, 05 Nov 2023 16:10:35 GMT x-timestamp: 1699200634.90242 x-trans-id: tx0dd563fe840c4ecaba186-0065ccb679 x-openstack-request-id: tx0dd563fe840c4ecaba186-0065ccb679 access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp expires: Thu, 02 May 2024 19:41:06 GMT cache-control: max-age=172800 x-proxy-cache: HIT access-control-allow-origin: * content-range: bytes 0-362446/362447 X-Firefox-Spdy: h2

	images2.imgbox.com/14/23/dyLVNe3D_o.gif	212.63.223.225	200 OK	661 kB
URL GET HTTP/1.1 images2.imgbox.com/14/23/dyLVNe3D_o.gif IP 212.63.223.225:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imgbox.com FingerprintC6:95:D3:4F:93:91:25:67:D4:E7:4F:4F:27:C3:8A:CC:7E:6F:D4:92 ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type GIF image data, version 89a, 200 x 200 Size 661 kB (660635 bytes) Hash 761d52652e04357c1d7a8cf061f4f31b 495f2dbbb7b04a34ea056f37c0efc96bafd7cc72 7f50ae32d20c717e634619b3c518ba28ec164864854af91096faafe8f96fa6a7 HTTP Headers `GET /14/23/dyLVNe3D_o.gif HTTP/1.1 Host: images2.imgbox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Tue, 30 Apr 2024 19:41:06 GMT Content-Type: image/gif Content-Length: 660635 vary: x-s-token last-modified: Thu, 08 Dec 2022 23:15:40 GMT etag: "a149b-5ef5937273f00" X-Cache: HIT X-Whom: srv1535 Accept-Ranges: bytes`

	84gs08xe1.com/solid.gif?z=1997409&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023336380492288&eclog=0&im=1	212.117.190.201	200 OK	43 B
URL POST HTTP/2 84gs08xe1.com/solid.gif?z=1997409&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023336380492288&eclog=0&im=1 IP 212.117.190.201:443 ASN #7979 SERVERS-COM Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerBuypass AS-983163327 Subject Fingerprint2E:BB:12:7D:D0:64:37:24:6A:22:94:BC:E9:DD:26:B3:DA:01:C9:2C ValiditySat, 27 Apr 2024 13:01:10 GMT - Wed, 23 Oct 2024 21:59:00 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash 28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 HTTP Headers POST /solid.gif?z=1997409&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023336380492288&eclog=0&im=1 HTTP/1.1 Host: 84gs08xe1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://zawadilatumaini.com DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 TE: trailers HTTP/2 200 OK server: nginx date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/gif content-length: 43 x-route-id: stats.tag.loaded set-cookie: CHCK=1; Path=/; Expires=Tue, 03 Jun 2025 19:41:06 GMT; Secure; SameSite=None UID=2404301441d254a25f004c4a0c87c66dac6b; Path=/; Expires=Tue, 03 Jun 2025 19:41:06 GMT; Secure; SameSite=None timing-allow-origin: * accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data X-Firefox-Spdy: h2

	static.javhdhello.com/h5/files/overlay/1602-overlay-preview.png	185.76.9.14	200 OK	1.5 kB
URL GET HTTP/3 static.javhdhello.com/h5/files/overlay/1602-overlay-preview.png IP 185.76.9.14:443 ASN #60068 Datacamp Limited Requested by https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Certificate IssuerLet's Encrypt Subject1079288232.rsc.cdn77.org Fingerprint78:13:B0:32:3C:BF:6D:36:3E:80:C9:CB:0B:C3:74:8D:B6:4D:53:63 ValiditySat, 27 Apr 2024 14:33:24 GMT - Fri, 26 Jul 2024 14:33:23 GMT File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced Size 1.5 kB (1546 bytes) Hash 7083a71bc40e5d85670940c518cacca2 a2caeb7c6ca3960af2881434fb0df0c2241d7288 7c4049c76ecd35b05855df0c6ce7e1157213d9fb92c3b2b05ebf9b5d9bdff03a HTTP Headers GET /h5/files/overlay/1602-overlay-preview.png HTTP/1.1 Host: static.javhdhello.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:07 GMT content-type: image/png content-length: 1546 last-modified: Wed, 20 Apr 2022 13:56:48 GMT etag: "62601120-60a" expires: Tue, 23 May 2023 11:04:47 GMT cache-control: max-age=31536000 access-control-allow-origin: * server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-77-nzt: EQwBuUwJDQH3gqvEAQ x-77-nzt-ray: c0a4cc28ca8db49d534931666226b407 x-accel-expires: @1716375889 x-accel-date: 1684839889 x-cache: HIT x-age: 29666178 x-77-pop: stockholmSE x-77-cache: HIT x-77-age: 29666178 accept-ranges: bytes

	static.javhdhello.com/h5/files/overlay/1602-overlay.png	185.76.9.14	200 OK	1.8 kB
URL GET HTTP/3 static.javhdhello.com/h5/files/overlay/1602-overlay.png IP 185.76.9.14:443 ASN #60068 Datacamp Limited Requested by https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Certificate IssuerLet's Encrypt Subject1079288232.rsc.cdn77.org Fingerprint78:13:B0:32:3C:BF:6D:36:3E:80:C9:CB:0B:C3:74:8D:B6:4D:53:63 ValiditySat, 27 Apr 2024 14:33:24 GMT - Fri, 26 Jul 2024 14:33:23 GMT File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced Size 1.8 kB (1839 bytes) Hash f4403fc07b7c414db6ec613317885035 457d3e8f9e9fb0456292efdbd5f18b318e804ea7 00ffbfa9483f4a6e8b85b6ab368a9547cf29e54c1aeb2bfcf81f34ec2bf50ee7 HTTP Headers GET /h5/files/overlay/1602-overlay.png HTTP/1.1 Host: static.javhdhello.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:07 GMT content-type: image/png content-length: 1839 last-modified: Wed, 20 Apr 2022 13:56:47 GMT etag: "6260111f-72f" expires: Tue, 23 May 2023 11:04:47 GMT cache-control: max-age=31536000 access-control-allow-origin: * server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-77-nzt: EQwBuUwJDQH3gqvEAQ x-77-nzt-ray: c0a4cc28ca8d039e53493166fbc10608 x-accel-expires: @1716375889 x-accel-date: 1684839889 x-cache: HIT x-age: 29666178 x-77-pop: stockholmSE x-77-cache: HIT x-77-age: 29666178 accept-ranges: bytes

	static.javhdhello.com/h5/files/button/29-button.png	185.76.9.14	200 OK	733 B
URL GET HTTP/3 static.javhdhello.com/h5/files/button/29-button.png IP 185.76.9.14:443 ASN #60068 Datacamp Limited Requested by https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Certificate IssuerLet's Encrypt Subject1079288232.rsc.cdn77.org Fingerprint78:13:B0:32:3C:BF:6D:36:3E:80:C9:CB:0B:C3:74:8D:B6:4D:53:63 ValiditySat, 27 Apr 2024 14:33:24 GMT - Fri, 26 Jul 2024 14:33:23 GMT File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced Size 733 B (733 bytes) Hash 82a66a2d222379716ca9a03ff50d8f42 ae43d917ff791f9172edc527baa6266416182aaa cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de HTTP Headers GET /h5/files/button/29-button.png HTTP/1.1 Host: static.javhdhello.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:07 GMT content-type: image/png content-length: 733 last-modified: Tue, 22 Dec 2015 18:41:22 GMT etag: "56799952-2dd" expires: Tue, 23 May 2023 11:04:47 GMT cache-control: max-age=31536000 access-control-allow-origin: * server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-77-nzt: EQwBuUwJDQH3gqvEAQ x-77-nzt-ray: c0a4cc28ca8d0b9e5349316614c30f08 x-accel-expires: @1716375889 x-accel-date: 1684839889 x-cache: HIT x-age: 29666178 x-77-pop: stockholmSE x-77-cache: HIT x-77-age: 29666178 accept-ranges: bytes

	vip2.fhbf9.com/20211012/hmJNrhvQ/800kb/hls/index.m3u8	156.238.193.50	200 OK	513 kB
URL GET HTTP/2 vip2.fhbf9.com/20211012/hmJNrhvQ/800kb/hls/index.m3u8 IP 156.238.193.50:443 ASN #50183 CenturyNetworks Ltd Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerUnizeto Technologies S.A. Subject.fhbf9.com Fingerprint08:0B:00:08:43:12:D4:22:72:88:35:5F:D0:EC:4C:DE:4A:2E:CD:AD ValidityTue, 05 Sep 2023 10:01:23 GMT - Fri, 04 Oct 2024 10:01:22 GMT File type M3U playlist, ASCII text Size 513 kB (513016 bytes) Hash 0247a56fa169032ac0c5d39f8e182e1e 1bf76a79fea9a58c10ef2f1d975c8579629b438c e397c6ddfd60b66435f427a89da2c3a9b37eba513422dda1be13e9e11a3b1aea HTTP Headers `GET /20211012/hmJNrhvQ/800kb/hls/index.m3u8 HTTP/1.1 Host: vip2.fhbf9.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://zawadilatumaini.com DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: openresty date: Tue, 30 Apr 2024 19:41:06 GMT content-type: application/vnd.apple.mpegURL x-powered-by: Express access-control-allow-origin: * access-control-allow-headers: X-Requested-With access-control-allow-methods: POST, GET, OPTIONS expires: Wed, 01 May 2024 07:41:06 GMT cache-control: max-age=43200 x-cache-key: fanhao/20211012/hmJNrhvQ/800kb/hls/index.m3u8 X-Firefox-Spdy: h2`

	static.javhdhello.com/h5/files/video/7391-17942-300x250.medium.mp4	185.76.9.14	206 Partial Content	4.1 kB
URL GET HTTP/3 static.javhdhello.com/h5/files/video/7391-17942-300x250.medium.mp4 IP 185.76.9.14:443 ASN #60068 Datacamp Limited Requested by https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Certificate IssuerLet's Encrypt Subject1079288232.rsc.cdn77.org Fingerprint78:13:B0:32:3C:BF:6D:36:3E:80:C9:CB:0B:C3:74:8D:B6:4D:53:63 ValiditySat, 27 Apr 2024 14:33:24 GMT - Fri, 26 Jul 2024 14:33:23 GMT File type data Size 4.1 kB (4066 bytes) Hash 3f860a94717605689501522c5b264bd2 ab5213e5d7b74140be5969f3203d9180ec838226 85cd6fd99da275c00a1aef87a4393a8d14d261cff6935d7d78c348a8e68ab9c0 HTTP Headers GET /h5/files/video/7391-17942-300x250.medium.mp4 HTTP/1.1 Host: static.javhdhello.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=1671168- DNT: 1 Connection: keep-alive Referer: https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 206 Partial Content date: Tue, 30 Apr 2024 19:41:07 GMT content-type: video/mp4 content-length: 4066 last-modified: Thu, 19 Oct 2023 16:54:52 GMT etag: "65315f5c-198fe2" expires: Fri, 02 Feb 2024 15:11:13 GMT cache-control: max-age=86400 access-control-allow-origin: * x-77-nzt: EwwBuUwJDQH3yj4AAAwBuUwKEwH31R8AAAwBisclxAH3BvUAAA x-77-nzt-ray: c0a4cc28ca8d35a75349316629cbf010 x-accel-expires: @1714576367 x-accel-date: 1714489993 x-77-cache: HIT x-77-age: 16074 x-cache-lb: HIT x-age-lb: 8149 server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-cache: HIT x-age: 16074 x-77-pop: stockholmSE content-range: bytes 1671168-1675233/1675234

	555bbb777www.com/2375d885d80c4a798b3a246e1da8445e.gif	67.21.86.36	200 OK	276 kB
URL GET HTTP/1.1 555bbb777www.com/2375d885d80c4a798b3a246e1da8445e.gif IP 67.21.86.36:443 ASN #46844 SHARKTECH Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subject333bbb666www.com FingerprintC2:0D:FC:64:B3:A3:78:DB:EA:4F:0C:0A:3A:21:DB:4F:FC:09:21:DA ValidityThu, 04 Apr 2024 12:17:04 GMT - Wed, 03 Jul 2024 12:17:03 GMT File type GIF image data, version 89a, 960 x 120 Size 276 kB (275557 bytes) Hash 11860f404faba7f60bb234c85667399a 4fe02c13af45dd4cabbb1a382ad822b0552cbf02 da719a94a6242190011b6b84f65cb5ddd9a7c378a3769a0fa1579816f806656d HTTP Headers `GET /2375d885d80c4a798b3a246e1da8445e.gif HTTP/1.1 Host: 555bbb777www.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 30 Apr 2024 19:41:06 GMT Content-Type: image/gif Content-Length: 275557 Connection: keep-alive Last-Modified: Fri, 26 Apr 2024 11:26:49 GMT ETag: "662b8f79-43465" Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes`

	vip2.fhbf9.com/20211012/hmJNrhvQ/800kb/hls/mrsJqrj6.ts	156.238.193.50	200 OK	333 kB
URL GET HTTP/2 vip2.fhbf9.com/20211012/hmJNrhvQ/800kb/hls/mrsJqrj6.ts IP 156.238.193.50:443 ASN #50183 CenturyNetworks Ltd Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerUnizeto Technologies S.A. Subject.fhbf9.com Fingerprint08:0B:00:08:43:12:D4:22:72:88:35:5F:D0:EC:4C:DE:4A:2E:CD:AD ValidityTue, 05 Sep 2023 10:01:23 GMT - Fri, 04 Oct 2024 10:01:22 GMT File type data Size 333 kB (332760 bytes) Hash da7394af1e62b6e2f4dbed382a9c6c07 4e5cf660cc6f111855dbc4eea1044c2926564acb 5da58d232a84e493e52e5ddb8032773ff2dfcefc21624e385695e84b47323cf4 HTTP Headers `GET /20211012/hmJNrhvQ/800kb/hls/mrsJqrj6.ts HTTP/1.1 Host: vip2.fhbf9.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://zawadilatumaini.com DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: openresty date: Tue, 30 Apr 2024 19:41:07 GMT content-type: application/octet-stream content-length: 332760 last-modified: Tue, 12 Oct 2021 20:59:07 GMT content-disposition: attachment; filename="mrsJqrj6.ts" etag: "6165f71b-513d8" access-control-allow-origin: * access-control-allow-headers: X-Requested-With access-control-allow-methods: POST, GET, OPTIONS expires: Wed, 30 Apr 2025 19:41:07 GMT cache-control: max-age=31536000 x-cache-status: HIT x-cache-key: fanhao/20211012/hmJNrhvQ/800kb/hls/mrsJqrj6.ts accept-ranges: bytes X-Firefox-Spdy: h2

	static.javhdhello.com/h5/files/video/7391-17942-300x250.medium.mp4	185.76.9.14	206 Partial Content	259 kB
URL GET HTTP/3 static.javhdhello.com/h5/files/video/7391-17942-300x250.medium.mp4 IP 185.76.9.14:443 ASN #60068 Datacamp Limited Requested by https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Certificate IssuerLet's Encrypt Subject1079288232.rsc.cdn77.org Fingerprint78:13:B0:32:3C:BF:6D:36:3E:80:C9:CB:0B:C3:74:8D:B6:4D:53:63 ValiditySat, 27 Apr 2024 14:33:24 GMT - Fri, 26 Jul 2024 14:33:23 GMT File type data Size 259 kB (259318 bytes) Hash fd1ff59a7b01983f442b03bfeb2f2a41 fcc58c6ff2fc70ba017363997e28e2f706a4576c effc0001cd1257f95e8dddcaf9c0df422045844d578b67a7dcb1792e62ad4cfc HTTP Headers GET /h5/files/video/7391-17942-300x250.medium.mp4 HTTP/1.1 Host: static.javhdhello.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=32768- DNT: 1 Connection: keep-alive Referer: https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 206 Partial Content date: Tue, 30 Apr 2024 19:41:07 GMT content-type: video/mp4 content-length: 1642466 last-modified: Thu, 19 Oct 2023 16:54:52 GMT etag: "65315f5c-198fe2" expires: Fri, 02 Feb 2024 15:11:13 GMT cache-control: max-age=86400 access-control-allow-origin: * x-77-nzt: EwwBuUwJDQH3yj4AAAwBuUwKEwH31R8AAAwBisclxAH3BvUAAA x-77-nzt-ray: c0a4cc28ca8d5ba8534931664d253112 x-accel-expires: @1714576367 x-accel-date: 1714489993 x-77-cache: HIT x-77-age: 16074 x-cache-lb: HIT x-age-lb: 8149 server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-cache: HIT x-age: 16074 x-77-pop: stockholmSE content-range: bytes 32768-1675233/1675234

	thumbs4.imagebam.com/c0/af/fc/MEP35MT_t.GIF	212.63.223.227	200 OK	601 kB
URL GET HTTP/1.1 thumbs4.imagebam.com/c0/af/fc/MEP35MT_t.GIF IP 212.63.223.227:443 ASN #50827 SpaceDump IT AB Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerGoGetSSL Subject.imagebam.com FingerprintC5:CD:16:6E:B3:3F:39:C6:11:94:2C:AA:7F:3E:E6:2C:FC:68:07:8A ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT File type GIF image data, version 89a, 100 x 92 Size 601 kB (601441 bytes) Hash 1cf9c89cf3066dcaec8120ac3d583fe2 3bee0da5184ae911e425add7fbcc72f2127892e9 ea9145f74bde32b8c641d3ac768e466cfba9cbc7a006d73a2b6aa084e0cd2b2a HTTP Headers `GET /c0/af/fc/MEP35MT_t.GIF HTTP/1.1 Host: thumbs4.imagebam.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK server: nginx/1.18.0 date: Tue, 30 Apr 2024 19:41:06 GMT content-type: image/gif content-length: 601441 vary: x-s-token last-modified: Fri, 22 Sep 2023 04:14:13 GMT etag: "92d61-605ead75befd0" x-cache: HIT x-whom: srv1535 accept-ranges: bytes`

	vip2.fhbf9.com/20211012/hmJNrhvQ/index.m3u8	156.238.193.50	200 OK	10 kB
URL GET HTTP/2 vip2.fhbf9.com/20211012/hmJNrhvQ/index.m3u8 IP 156.238.193.50:443 ASN #50183 CenturyNetworks Ltd Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerUnizeto Technologies S.A. Subject.fhbf9.com Fingerprint08:0B:00:08:43:12:D4:22:72:88:35:5F:D0:EC:4C:DE:4A:2E:CD:AD ValidityTue, 05 Sep 2023 10:01:23 GMT - Fri, 04 Oct 2024 10:01:22 GMT File type data Size 10 kB (10000 bytes) Hash 7e93fab43b450d00b7b95cad4fecba01 71a2cf325a089c08ac4018c92e1d0fbd9e30d3aa 3f899c899d5896c9050ec4d9e156365fa82f6d0eb6f3060b659a0219856cef0b HTTP Headers `GET /20211012/hmJNrhvQ/index.m3u8 HTTP/1.1 Host: vip2.fhbf9.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://zawadilatumaini.com DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: openresty date: Tue, 30 Apr 2024 19:41:06 GMT content-type: application/vnd.apple.mpegURL x-powered-by: Express access-control-allow-origin: * access-control-allow-headers: X-Requested-With access-control-allow-methods: POST, GET, OPTIONS expires: Wed, 01 May 2024 07:41:06 GMT cache-control: max-age=43200 x-cache-key: fanhao/20211012/hmJNrhvQ/index.m3u8 X-Firefox-Spdy: h2`

	vip2.fhbf9.com/20211012/hmJNrhvQ/800kb/hls/3u9sbdy2.ts	156.238.193.50	200 OK	296 kB
URL GET HTTP/2 vip2.fhbf9.com/20211012/hmJNrhvQ/800kb/hls/3u9sbdy2.ts IP 156.238.193.50:443 ASN #50183 CenturyNetworks Ltd Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerUnizeto Technologies S.A. Subject.fhbf9.com Fingerprint08:0B:00:08:43:12:D4:22:72:88:35:5F:D0:EC:4C:DE:4A:2E:CD:AD ValidityTue, 05 Sep 2023 10:01:23 GMT - Fri, 04 Oct 2024 10:01:22 GMT File type data Size 296 kB (296476 bytes) Hash d8dc174c4000b74186b0b5cd53dd7b28 8f6ca7e29ea2486735568f29a68076df07bcc9ea abd0b6df0fac1479a6c298bff52a773963fec899867978b51a9cf7d355e5760f HTTP Headers `GET /20211012/hmJNrhvQ/800kb/hls/3u9sbdy2.ts HTTP/1.1 Host: vip2.fhbf9.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://zawadilatumaini.com DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: openresty date: Tue, 30 Apr 2024 19:41:07 GMT content-type: application/octet-stream content-length: 296476 last-modified: Tue, 12 Oct 2021 20:58:30 GMT content-disposition: attachment; filename="3u9sbdy2.ts" etag: "6165f6f6-4861c" access-control-allow-origin: * access-control-allow-headers: X-Requested-With access-control-allow-methods: POST, GET, OPTIONS expires: Wed, 30 Apr 2025 19:41:07 GMT cache-control: max-age=31536000 x-cache-status: HIT x-cache-key: fanhao/20211012/hmJNrhvQ/800kb/hls/3u9sbdy2.ts accept-ranges: bytes X-Firefox-Spdy: h2

	d20o2isj6ap0eq.cloudfront.net/ad-img/gif/2024-01-18-1.png	54.230.241.47	200 OK	194 kB
URL GET HTTP/2 d20o2isj6ap0eq.cloudfront.net/ad-img/gif/2024-01-18-1.png IP 54.230.241.47:443 ASN #16509 AMAZON-02 Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced Size 194 kB (194256 bytes) Hash c60e55428e9136dbd490803fef52d1e5 579fa81848c85a0c619ede24aef01961fe20743c 79144e36afd8c10866ff1444090e433e9349dc941a0c1133fa68a080551350bb HTTP Headers `GET /ad-img/gif/2024-01-18-1.png HTTP/1.1 Host: d20o2isj6ap0eq.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/png content-length: 194256 last-modified: Thu, 18 Jan 2024 03:36:32 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: MWg0TVGVwwnHXNcE6nALu55SLMS35dW6 accept-ranges: bytes server: AmazonS3 date: Tue, 30 Apr 2024 03:17:19 GMT etag: "c60e55428e9136dbd490803fef52d1e5" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: EQxpZvtGn5l0jcSsKKbab9qZH3SKjlK12W4v3i1znOAufYQurw1w7A== age: 59150 X-Firefox-Spdy: h2

	a.magsrv.com/ad-provider.js	185.76.9.19	200 OK	165 kB
URL GET HTTP/2 a.magsrv.com/ad-provider.js IP 185.76.9.19:443 ASN #60068 Datacamp Limited Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT File type JavaScript source, ASCII text, with very long lines (34846) Size 165 kB (164763 bytes) Hash 23dca35363e4f4fbf7671ab6c7755f84 057432c37ba5cf65231392a9e07a565ef6689ece 8339d1105cfdcb822ad213c724fd2bdff27a3887df7e5ce28e801fab46e3b370 HTTP Headers `GET /ad-provider.js HTTP/1.1 Host: a.magsrv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: application/javascript vary: Accept-Encoding etag: W/"057432c37ba5cf65231392a9e07" accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version expires: Tue, 30 Apr 2024 17:02:13 GMT cache-control: max-age=10800 x-robots-tag: noindex, follow access-control-allow-origin: * x-77-nzt: EwwBuUwJDQH3iBoAAAwBuUwKEwH3qQAAAAwB1GY4EQH3iQoAAA x-77-nzt-ray: c0a4cc284d8418b44f493166acdbff22 x-accel-expires: @1714510071 x-accel-date: 1714499271 x-77-cache: HIT x-77-age: 6792 content-encoding: gzip server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-cache: HIT x-age: 6792 x-77-pop: stockholmSE X-Firefox-Spdy: h2

	uu11661.com/f80ae992fca78728346d70073566269e.gif	0.0.0.0		0 B
URL GET uu11661.com/f80ae992fca78728346d70073566269e.gif IP 0.0.0.0:0 ASN #0 Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectuu11661.com FingerprintD3:8C:FB:80:BE:AB:8C:FD:88:EF:40:96:F9:4D:78:B1:9E:26:01:3D ValiditySun, 28 Apr 2024 15:53:25 GMT - Sat, 27 Jul 2024 15:53:24 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /f80ae992fca78728346d70073566269e.gif HTTP/1.1 Host: uu11661.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK cache-control: max-age=2592000 content-encoding: gzip content-type: image/gif date: Tue, 30 Apr 2024 15:57:14 GMT etag: W/"645e2872-47dfe" expires: Thu, 30 May 2024 15:57:14 GMT last-modified: Tue, 30 Apr 2024 15:57:14 GMT server: nginx vary: Accept-Encoding x-cache: HIT, policy, disk X-Firefox-Spdy: h2`

	static.javhdhello.com/h5/files/css/style.css	185.76.9.14	200 OK	2.0 kB
URL GET HTTP/3 static.javhdhello.com/h5/files/css/style.css IP 185.76.9.14:443 ASN #60068 Datacamp Limited Requested by https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Certificate IssuerLet's Encrypt Subject1079288232.rsc.cdn77.org Fingerprint78:13:B0:32:3C:BF:6D:36:3E:80:C9:CB:0B:C3:74:8D:B6:4D:53:63 ValiditySat, 27 Apr 2024 14:33:24 GMT - Fri, 26 Jul 2024 14:33:23 GMT File type ASCII text, with very long lines (2098), with no line terminators Size 2.0 kB (1981 bytes) Hash 17e0f04a6abd6363cebb6b78ace070ca f5913c8083b7bb7d31a03722a2504f55530f9959 4ff86eaa04fe436210b5190d598eb3e4122d2962ada68abadb7ec554a5f1862e HTTP Headers GET /h5/files/css/style.css HTTP/1.1 Host: static.javhdhello.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:07 GMT content-type: text/css last-modified: Wed, 25 May 2016 08:29:12 GMT etag: W/"57456258-7bd" expires: Tue, 23 May 2023 11:04:47 GMT cache-control: max-age=31536000 access-control-allow-origin: * server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-77-nzt: EQwBuUwJDQH3g6vEAQ x-77-nzt-ray: c0a4cc28ca8d809d534931665eae8f07 x-accel-expires: @1716375888 x-accel-date: 1684839888 x-cache: HIT x-age: 29666179 x-77-pop: stockholmSE x-77-cache: HIT x-77-age: 29666179 vary: Accept-Encoding content-encoding: gzip

	84gs08xe1.com/aas/r45d/vki/1997409/3ac833c7.js	212.117.190.201	200 OK	106 kB
URL GET HTTP/2 84gs08xe1.com/aas/r45d/vki/1997409/3ac833c7.js IP 212.117.190.201:443 ASN #7979 SERVERS-COM Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerBuypass AS-983163327 Subject Fingerprint2E:BB:12:7D:D0:64:37:24:6A:22:94:BC:E9:DD:26:B3:DA:01:C9:2C ValiditySat, 27 Apr 2024 13:01:10 GMT - Wed, 23 Oct 2024 21:59:00 GMT File type JavaScript source, ASCII text, with very long lines (65106) Size 106 kB (106460 bytes) Hash 706952cdf2ff5aac5ac411a22d2dda86 3d06767ef3bde1b93f237a0cd94e06f2b992486e f4d1a5fe4d4ca6e55feaa9eefb7e3f85ab53b69a71cf1c71a44da6dc5c78e8cf HTTP Headers `GET /aas/r45d/vki/1997409/3ac833c7.js HTTP/1.1 Host: 84gs08xe1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Tue, 30 Apr 2024 19:41:06 GMT content-type: application/javascript last-modified: Thu, 25 Apr 2024 17:06:20 GMT vary: Accept-Encoding etag: W/"662a8d8c-1a022" x-js-ab2: current timing-allow-origin: * accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data content-encoding: gzip X-Firefox-Spdy: h2

	a.magsrv.com/ad-provider.js	185.76.9.19	200 OK	165 kB
URL GET HTTP/3 a.magsrv.com/ad-provider.js IP 185.76.9.19:443 ASN #60068 Datacamp Limited Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT File type JavaScript source, ASCII text, with very long lines (34846) Size 165 kB (164763 bytes) Hash 23dca35363e4f4fbf7671ab6c7755f84 057432c37ba5cf65231392a9e07a565ef6689ece 8339d1105cfdcb822ad213c724fd2bdff27a3887df7e5ce28e801fab46e3b370 HTTP Headers `GET /ad-provider.js HTTP/1.1 Host: a.magsrv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: application/javascript vary: Accept-Encoding etag: W/"057432c37ba5cf65231392a9e07" accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version expires: Tue, 30 Apr 2024 17:02:13 GMT cache-control: max-age=10800 x-robots-tag: noindex, follow access-control-allow-origin: * x-77-nzt: EwwBuUwJDQH3iBoAAAwBuUwKEwH3qQAAAAwB1GY4EQH3iQoAAA x-77-nzt-ray: c0a4cc28538e48cc4f493166019ae02f x-accel-expires: @1714510071 x-accel-date: 1714499271 x-77-cache: HIT x-77-age: 6792 content-encoding: gzip server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-cache: HIT x-age: 6792 x-77-pop: stockholmSE

	zawadilatumaini.com/favicon.ico	172.67.196.154	200 OK	68 kB
URL GET HTTP/3 zawadilatumaini.com/favicon.ico IP 172.67.196.154:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectzawadilatumaini.com Fingerprint9F:C0:74:1F:C7:36:45:1D:88:67:BC:E2:19:DD:BD:09:31:FD:DE:F3 ValidityWed, 03 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel Size 68 kB (67646 bytes) Hash 442f7210f6b618147c3e00e98274007e 503266e86c13136efe81e761bc23348f5699bd88 5b2a62fcea48c3d149b4ebf234643e6cb160144c726393b8a6308f168e648339 HTTP Headers GET /favicon.ico HTTP/1.1 Host: zawadilatumaini.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://zawadilatumaini.com/vodplay/17280.shtml DNT: 1 Connection: keep-alive Cookie: JSESSIONID=DXezr4cRXBzAmFcvnknIj-D3_Ad7xBls-2AZ8Fw8; wxxu=QlU9P1luV0txcQVyTwlEcniyUH2nRvHrPQpuaFN_tl5tukRatkSkslBMZlawZ6ZPS4umD92mn5NcrQET6U-cvQQ; srcd=false-pf-Linux%20x86_64-h-1024-w-1280; _ga_ZEJMN4V43H=GS1.1.1714506064.1.0.1714506064.0.0.0; _ga=GA1.1.1209996462.1714506064; bnState_1997345={"impressions":1,"delayStarted":0} Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:07 GMT content-type: image/x-icon last-modified: Thu, 02 Nov 2023 05:12:04 GMT etag: W/"65432fa4-1083e" expires: Thu, 30 May 2024 17:30:23 GMT cache-control: max-age=2678400 strict-transport-security: max-age=31536000 cf-cache-status: HIT age: 7844 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Pxrti%2BlKXYMzkfZ9vUenTRamyF2HePkaxO%2BMbn4blA6PKseoBoACHCsmb2Rusm0PyeQs2fIPSVRY0YmnS8q6g0hqeh3j3dv%2BK3mMpkeVrJ4Yr3NwuT0EHoTXjrXkaB9CFKwqpRf"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01e9b9c5b521-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	zawadilatumaini.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	172.67.196.154	200 OK	1.2 kB
URL GET HTTP/3 zawadilatumaini.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.196.154:443 ASN #13335 CLOUDFLARENET Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerCloudflare, Inc. Subjectzawadilatumaini.com Fingerprint9F:C0:74:1F:C7:36:45:1D:88:67:BC:E2:19:DD:BD:09:31:FD:DE:F3 ValidityWed, 03 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (1271), with no line terminators Size 1.2 kB (1239 bytes) Hash 40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c HTTP Headers GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 Host: zawadilatumaini.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://zawadilatumaini.com/vodplay/17280.shtml DNT: 1 Connection: keep-alive Cookie: JSESSIONID=DXezr4cRXBzAmFcvnknIj-D3_Ad7xBls-2AZ8Fw8; wxxu=QlU9P1luV0txcQVyTwlEcniyUH2nRvHrPQpuaFN_tl5tukRatkSkslBMZlawZ6ZPS4umD92mn5NcrQET6U-cvQQ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: application/javascript last-modified: Tue, 23 Apr 2024 17:56:46 GMT etag: W/"6627f65e-4d7" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RfEiEKVz5lCa%2Bgq2iPv3ee%2BQbPu4lvpeC%2FE1wcQ9wu38R3lmHPY0i%2FvSpwS4mHjRnYOrciCZIx09W8mSXFCehVtncUTP0zWX3DF2OmkzrN8NLl0AZhWRc9zF3kTeifYGUwgbF17a"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87ca01d04f64b521-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Thu, 02 May 2024 19:41:03 GMT cache-control: max-age=172800, public content-encoding: gzip

	static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0	185.76.9.14	200 OK	3.4 kB
URL GET HTTP/2 static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 IP 185.76.9.14:443 ASN #60068 Datacamp Limited Requested by https://r.trackwilltrk.com/s1/9fd95b99-f88f-4693-b956-e7985beff03b?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=130278&cv4=284234&cv5=1004411&cv6= Certificate IssuerLet's Encrypt Subject1079288232.rsc.cdn77.org Fingerprint78:13:B0:32:3C:BF:6D:36:3E:80:C9:CB:0B:C3:74:8D:B6:4D:53:63 ValiditySat, 27 Apr 2024 14:33:24 GMT - Fri, 26 Jul 2024 14:33:23 GMT File type HTML document, ASCII text, with very long lines (3586), with no line terminators Size 3.4 kB (3370 bytes) Hash 2910b48a4ce0b3c3d25c33e86ed55a37 5a8177b253657bee47e58f72607afee4cd6a2a5f 85e580d96d3bc7df82ea1a1fe806b081ef8a3b6b9142efe38613542be237ee74 HTTP Headers GET /h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 HTTP/1.1 Host: static.javhdhello.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://r.trackwilltrk.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:07 GMT content-type: text/html vary: Accept-Encoding last-modified: Mon, 27 Nov 2023 08:16:35 GMT etag: W/"65645063-d2a" expires: Fri, 29 Mar 2024 16:36:52 GMT cache-control: max-age=2592000 access-control-allow-origin: * x-77-nzt: EwwBuUwJDQHXR7cCAAwBuUwKAQH3EGMAAAgBnJIhHwGB x-77-nzt-ray: c0a4cc28cd9502975349316691333e03 x-accel-expires: @1716919296 x-77-cache: HIT content-encoding: gzip x-accel-date: 1714328076 x-77-age: 177991 server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-cache: HIT x-age: 177991 x-77-pop: stockholmSE X-Firefox-Spdy: h2

	t7cp4fldl.com/get/1997345?zoneid=1997345&jp=_clfwum3794zjfesndhu4me&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771536566652416&eclog=0&im=1&freq=0&uf=0	212.117.190.201	200 OK	4.2 kB
URL GET HTTP/2 t7cp4fldl.com/get/1997345?zoneid=1997345&jp=_clfwum3794zjfesndhu4me&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771536566652416&eclog=0&im=1&freq=0&uf=0 IP 212.117.190.201:443 ASN #7979 SERVERS-COM Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerBuypass AS-983163327 Subject Fingerprint1E:73:92:9F:14:DF:47:2D:DB:3D:0B:6D:38:9F:71:8C:33:6D:14:F2 ValidityTue, 09 Jan 2024 13:35:36 GMT - Sat, 06 Jul 2024 21:59:00 GMT File type ASCII text, with very long lines (4247), with no line terminators Size 4.2 kB (4167 bytes) Hash 1cf416eb90cd9bd6f0deb7360208dc08 c266df2cc9486b389c8a52e631fb7ef9a4a753db 484bcf697188536843b53414b9e1338822495752eb90dad7d3a125dbc7c0a84c HTTP Headers GET /get/1997345?zoneid=1997345&jp=_clfwum3794zjfesndhu4me&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771536566652416&eclog=0&im=1&freq=0&uf=0 HTTP/1.1 Host: t7cp4fldl.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx date: Tue, 30 Apr 2024 19:41:04 GMT content-type: text/javascript; charset=utf-8 vary: Accept-Encoding x-route-id: config set-cookie: CHCK=1; Path=/; Expires=Tue, 03 Jun 2025 19:41:04 GMT; Secure; SameSite=None UID=240430144143705837e50a4f0d9cc549033f; Path=/; Expires=Tue, 03 Jun 2025 19:41:04 GMT; Secure; SameSite=None content-encoding: gzip timing-allow-origin: * accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data X-Firefox-Spdy: h2

	static.javhdhello.com/h5/files/css/style.css	185.76.9.14	200 OK	2.0 kB
URL GET HTTP/3 static.javhdhello.com/h5/files/css/style.css IP 185.76.9.14:443 ASN #60068 Datacamp Limited Requested by https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Certificate IssuerLet's Encrypt Subject1079288232.rsc.cdn77.org Fingerprint78:13:B0:32:3C:BF:6D:36:3E:80:C9:CB:0B:C3:74:8D:B6:4D:53:63 ValiditySat, 27 Apr 2024 14:33:24 GMT - Fri, 26 Jul 2024 14:33:23 GMT File type ASCII text, with very long lines (2098), with no line terminators Size 2.0 kB (1981 bytes) Hash 17e0f04a6abd6363cebb6b78ace070ca f5913c8083b7bb7d31a03722a2504f55530f9959 4ff86eaa04fe436210b5190d598eb3e4122d2962ada68abadb7ec554a5f1862e HTTP Headers GET /h5/files/css/style.css HTTP/1.1 Host: static.javhdhello.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://static.javhdhello.com/h5/files/17527/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff95d4b5b-1d90-468e-a078-4a3041bc0aec%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D130278%26cv4%3D284234%26cv5%3D1004411%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyODE5NTgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsImZsIjowLCJvIjoyLCJwIjoxLCJzIjoyODg3NH0 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Tue, 30 Apr 2024 19:41:07 GMT content-type: text/css last-modified: Wed, 25 May 2016 08:29:12 GMT etag: W/"57456258-7bd" expires: Tue, 23 May 2023 11:04:47 GMT cache-control: max-age=31536000 access-control-allow-origin: * server: CDN77-Turbo alt-svc: h3=":443"; ma=86400 x-77-nzt: EQwBuUwJDQH3g6vEAQ x-77-nzt-ray: c0a4cc28ca8dee9e534931662f40e808 x-accel-expires: @1716375888 x-accel-date: 1684839888 x-cache: HIT x-age: 29666179 x-77-pop: stockholmSE x-77-cache: HIT x-77-age: 29666179 vary: Accept-Encoding content-encoding: gzip

	zawadilatumaini.com/vodplay/17280.shtml	172.67.196.154	200 OK	92 kB
URL User Request GET HTTP/2 zawadilatumaini.com/vodplay/17280.shtml IP 172.67.196.154:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectzawadilatumaini.com Fingerprint9F:C0:74:1F:C7:36:45:1D:88:67:BC:E2:19:DD:BD:09:31:FD:DE:F3 ValidityWed, 03 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type Size 92 kB (92448 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /vodplay/17280.shtml HTTP/1.1 Host: zawadilatumaini.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 30 Apr 2024 19:41:03 GMT content-type: text/html;charset=UTF-8 set-cookie: JSESSIONID=DXezr4cRXBzAmFcvnknIj-D3_Ad7xBls-2AZ8Fw8; path=/ wxxu=QlU9P1luV0txcQVyTwlEcniyUH2nRvHrPQpuaFN_tl5tukRatkSkslBMZlawZ6ZPS4umD92mn5NcrQET6U-cvQQ; path=/; HttpOnly; Max-Age=86400; Expires=Wed, 01-May-2024 19:41:03 GMT content-language: en-US strict-transport-security: max-age=31536000 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hlga6t4LIpKmMODmXSNRUD3ZsIgRXXrFjCWJvn0vilJbKzWXoxCvCSz1K6oKJO0XwZEhjSuvXBG9l4N%2FQBsbdP4TGrk7KmEr4F63MGWkHXLU02RHTKAPprupbU6%2BxBa9JJBJ4uhm"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 87ca01cb4ffa5694-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	t7cp4fldl.com/lv/esnk/1997345/code.js	212.117.190.201	200 OK	116 kB
URL GET HTTP/2 t7cp4fldl.com/lv/esnk/1997345/code.js IP 212.117.190.201:443 ASN #7979 SERVERS-COM Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerBuypass AS-983163327 Subject Fingerprint1E:73:92:9F:14:DF:47:2D:DB:3D:0B:6D:38:9F:71:8C:33:6D:14:F2 ValidityTue, 09 Jan 2024 13:35:36 GMT - Sat, 06 Jul 2024 21:59:00 GMT File type JavaScript source, ASCII text, with very long lines (65107) Size 116 kB (115697 bytes) Hash 12353b371bf1f96e3ede093b4d457b0b 678532eef9e1d50b1dd0e24318ba7c9ab3fc0605 5a1bd7593b813786f39a518d73e6ed6663041018e9ccf6325c77c8f9ce5926e8 HTTP Headers `GET /lv/esnk/1997345/code.js HTTP/1.1 Host: t7cp4fldl.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Tue, 30 Apr 2024 19:41:03 GMT content-type: application/javascript last-modified: Thu, 25 Apr 2024 17:06:20 GMT vary: Accept-Encoding etag: W/"662a8d8c-1c437" x-js-ab2: current timing-allow-origin: * accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data content-encoding: gzip X-Firefox-Spdy: h2

	84gs08xe1.com/get/1997409?zoneid=1997409&jp=_clkjfpurlmxy7jet9zzi6r&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023336380492288&eclog=0&im=1&uf=0	212.117.190.201	200 OK	37 B
URL GET HTTP/2 84gs08xe1.com/get/1997409?zoneid=1997409&jp=_clkjfpurlmxy7jet9zzi6r&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023336380492288&eclog=0&im=1&uf=0 IP 212.117.190.201:443 ASN #7979 SERVERS-COM Requested by https://zawadilatumaini.com/vodplay/17280.shtml Certificate IssuerBuypass AS-983163327 Subject Fingerprint2E:BB:12:7D:D0:64:37:24:6A:22:94:BC:E9:DD:26:B3:DA:01:C9:2C ValiditySat, 27 Apr 2024 13:01:10 GMT - Wed, 23 Oct 2024 21:59:00 GMT File type ASCII text, with no line terminators Size 37 B (37 bytes) Hash 26c0446473cdbedd7eb18169ae75e0fd c2a8a31848b22f49c044d0e8f2b4a48e856e08b8 c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165 HTTP Headers GET /get/1997409?zoneid=1997409&jp=_clkjfpurlmxy7jet9zzi6r&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023336380492288&eclog=0&im=1&uf=0 HTTP/1.1 Host: 84gs08xe1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://zawadilatumaini.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx date: Tue, 30 Apr 2024 19:41:06 GMT content-type: text/javascript vary: Accept-Encoding x-route-id: config set-cookie: CHCK=1; Path=/; Expires=Tue, 03 Jun 2025 19:41:06 GMT; Secure; SameSite=None UID=240430144192feef718ff84d82b625c64a8c; Path=/; Expires=Tue, 03 Jun 2025 19:41:06 GMT; Secure; SameSite=None content-encoding: gzip timing-allow-origin: * accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL