watchseriesproject.com/episode/family-guy-season-8-episode-2/
104.21.49.251 301 Moved Permanently 0 B URL HTTP/1.1 watchseriesproject.com/episode/family-guy-season-8-episode-2/
IP 104.21.49.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /episode/family-guy-season-8-episode-2/ HTTP/1.1
Host: watchseriesproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 22:13:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 24 Sep 2022 23:13:32 GMT
Location: https://watchseriesproject.com/episode/family-guy-season-8-episode-2/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiwI9L9AWI8Pc4ARwoNDDk%2FCx37i6ECHDcnsw7mC2LKOSTvb1ZnMQDXfgRYtQEoanlNqNvUX8%2FjnRl9eKicv%2BqdIs%2FN9LTJwNBZpxXWmxGU3PQ52teA7H3fo029wk8x4N5aGy5eHiFRk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fede2ed8511c06-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 22:04:54 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S0haloZYylgmxP4VpYUVeax1NDHe1jLTORjPeJm9OhcIb_mdyGMNGw==
Age: 518
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9857
Expires: Sun, 25 Sep 2022 00:57:49 GMT
Date: Sat, 24 Sep 2022 22:13:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lzezMHvPeMqDkvuLxlqMbIaUzHqCkY1xJTDQaj7XuQD4qbdg1fVHJg==
age: 63498
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123 200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116325
date: Sat, 24 Sep 2022 22:13:33 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ba86fc8fccaae3e708817e746fc6d740
ef37e6e5c40cd4b21a381835f73c2d8b7df99680
0ff4c71f43a85c809c4bbbe319943af562a485f3d157625b3f2f7abd807b75e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF4C71F43A85C809C4BBBE319943AF562A485F3D157625B3F2F7ABD807B75E3"
Last-Modified: Sat, 24 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6128
Expires: Sat, 24 Sep 2022 23:55:41 GMT
Date: Sat, 24 Sep 2022 22:13:33 GMT
Connection: keep-alive
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3
172.217.21.170 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3
IP 172.217.21.170:0
File type ASCII text, with very long lines (32180)
Hash f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 15:28:35 GMT
expires: Thu, 21 Sep 2023 15:28:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 283498
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c94802d5de70d9614380b79893142d36
dc230d0264ac82f139fb83bce284a9c388a4a4e5
8f5660d86c94ae931469f2fcaef41a0dcc276357613414f4b3a0ceefa6ecd151
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F5660D86C94AE931469F2FCAEF41A0DCC276357613414F4B3A0CEEFA6ECD151"
Last-Modified: Fri, 23 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13105
Expires: Sun, 25 Sep 2022 01:51:58 GMT
Date: Sat, 24 Sep 2022 22:13:33 GMT
Connection: keep-alive
image.tmdb.org/t/p/w185/q3E71oY6qgAEiw6YZIHDlHSLwer.jpg
89.187.169.3 200 OK 14 kB URL HTTP/2 image.tmdb.org/t/p/w185/q3E71oY6qgAEiw6YZIHDlHSLwer.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 9795bea6fbc2c93bddd43e61f56f1649
1213649d810bdc1f488a0796a806fcc96b9819ed
81d91f37713e800851e56d0954af2e02db7808638427eed7bf618c6bccd459ac
GET /t/p/w185/q3E71oY6qgAEiw6YZIHDlHSLwer.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: image/jpeg
content-length: 14521
server: BunnyCDN-DE-752
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272e1e0-38b9"
last-modified: Wed, 04 May 2022 20:28:16 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:44:41
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 8c079ca35b2db00c897d1d848cfa98b1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
172.217.21.170 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
IP 172.217.21.170:0
Hash 6a250f9325a1058c15c90558411f4e43
b16f279804de06eecca71eeab2f9a0307ee2749c
25c2099b80060fa1f09d9357000732754d81c53d7fb11d1925a2143fb2d96794
GET /css?family=Oswald|Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 22:13:33 GMT
date: Sat, 24 Sep 2022 22:13:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
untrendenam.com/tNQkRBXKTd9tBTzqW/29871
142.91.159.140 200 OK 25 B URL HTTP/1.1 untrendenam.com/tNQkRBXKTd9tBTzqW/29871
IP 142.91.159.140:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
Analyzer Verdict Alert quad9 Sinkholed
GET /tNQkRBXKTd9tBTzqW/29871 HTTP/1.1
Host: untrendenam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 22:13:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://watchseriesproject.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sun, 25-Sep-2022 22:13:33 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sun, 25-Sep-2022 22:13:33 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 12 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
Hash b048f6dcbba45231cce367563d3a86d3
dbe687474b72e16a90bea7bca01eb79445147999
35fabf499f73311776c0a948489c30106df4d73fe804eebd6292df92bd8a7db0
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 22:04:17 GMT
Expires: Sat, 24 Sep 2022 23:02:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dsMv2GKSpXoAt0pl-ldx8CY-4XiNXN9_RCjwB1k8zjModh_mcdVB3w==
Age: 556
www.intelligenceadx.com/jquery.jInvertScroll.min.js
185.76.9.15 200 OK 47 kB URL HTTP/2 www.intelligenceadx.com/jquery.jInvertScroll.min.js
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (65447)
Hash c6ed3bb51113d9aff92ecb84cf787148
1d2851efd145b661d2768959f3c7360583836d6c
e866a61e7e77344764685a0577831d23def5b178d0299538541ee36a330162e8
GET /jquery.jInvertScroll.min.js HTTP/1.1
Host: www.intelligenceadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Tue, 27 Sep 2022 06:32:52 GMT
access-control-allow-origin: *
link: <https://intelligenceadx.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1664260372
server: CDN77-Turbo
x-77-nzt: AblMCQ2y9dH/eSIGAA
x-77-nzt-ray: 6LwYadHbBng
x-cache: HIT
x-age: 402041
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
104.17.24.14 200 OK 57 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 56780
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-ddcc"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2770935
expires: Thu, 14 Sep 2023 22:13:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iioeULYnx4WJjQcEBnVmvr0NHQboGSnIF%2BkdC%2FTVCGVFyRS5LfsmE4HqdbP7KXmj3UzWs%2B8hhhyDoUSpy8pQ7diKSlHWIQ4PdWubB3Yziut%2FTV5K3hChnauILbvSaq2SfVrsH%2Fi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74fede34ade50b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w780/wwOZ7Ga1rJHgwt4Wz45fAnnkZyv.jpg
89.187.169.3 200 OK 77 kB URL HTTP/2 image.tmdb.org/t/p/w780/wwOZ7Ga1rJHgwt4Wz45fAnnkZyv.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
Hash ffdd84c836d170a5f81e35c584696d2f
3bbcb6727ada6abe1f383ade300e2ad8817efc92
bacfa1c36c5e4513a59fa729d78f4ade3af22c126102af7d574837cd61840809
GET /t/p/w780/wwOZ7Ga1rJHgwt4Wz45fAnnkZyv.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: image/jpeg
content-length: 48780
server: BunnyCDN-DE-752
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62cc0d24-be8c"
last-modified: Mon, 11 Jul 2022 11:44:36 GMT
cdn-storageserver: SYD-386
cdn-requestpullsuccess: True
cdn-fileserver: 343
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 09/11/2022 19:44:47
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 460308b9fb161eb3085369aca7703d69
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 4.6 kB IP 93.184.220.29:0
Hash e093e9019ced781bd3f96fb70a8e997d
8e369512e4e72da4353670fa553036d9b44636cd
363387ba0d08dc81eda54192809549391f9bf5c56fc4aad69944115622edfa93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:33 GMT
Server: ECS (amb/6BA6)
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123 200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 24 Sep 2022 22:13:33 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
142.250.74.163 200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:09:41 GMT
expires: Tue, 19 Sep 2023 21:09:41 GMT
cache-control: public, max-age=31536000
age: 435832
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 192795
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6546
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:33 GMT
Last-Modified: Sat, 24 Sep 2022 20:24:27 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e5edac0eefabfa5d7a942d55dfb4f20
8af3b10e9d8cad9811e5e7ddc6e8ce90babe454d
737dda30c047838b8e04763b6ccae454e1d9273beffda3f2524aecfdb1da787e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "737DDA30C047838B8E04763B6CCAE454E1D9273BEFFDA3F2524AECFDB1DA787E"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6054
Expires: Sat, 24 Sep 2022 23:54:27 GMT
Date: Sat, 24 Sep 2022 22:13:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 7497e5e3a19bb72404d74c619267ceca
d45c008abad4a23384385b1fd8e1ae786f489b2d
00faf89113f273ca30999f6a9b04c64a7616ef97fc5d5a129048cb279ad31d5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:33 GMT
Last-Modified: Sat, 24 Sep 2022 22:13:33 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash f335aebc53787d84d5a17c1d442ad050
538823dba9eb95e8d929a581446f04a1d225388a
f9bafc99e280dee2a19c0e16a6c5c771d9feef944a2730a8ad33154a78243724
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6110
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:33 GMT
Last-Modified: Sat, 24 Sep 2022 20:31:43 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.36.77.32 200 OK 4.0 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62a259c875ad3e4b29810c90ea8024f1
78245a4c566c58f26c4d7a358acab20c1632ce3e
0c761d6456b864d018712d361b17acb1c3fe0cfe7247f35e3cb4c66b6f3a9174
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "66E95B9A06018F35B5954B471A657F60EA4EE4A66907F99741535EE46F0F01C8"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7589
Expires: Sun, 25 Sep 2022 00:20:02 GMT
Date: Sat, 24 Sep 2022 22:13:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 873 B IP 93.184.220.29:0
Hash 7110d0f249776bf39bc339c24d3fbaa4
8b7e29aa5b4d8b80114cc1c9193a335380cbef74
91338b0261fa4f75b56f5a99a1bab87c39ec029561edd75c30bc454fb3055cc3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6110
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:33 GMT
Last-Modified: Sat, 24 Sep 2022 20:31:43 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash f335aebc53787d84d5a17c1d442ad050
538823dba9eb95e8d929a581446f04a1d225388a
f9bafc99e280dee2a19c0e16a6c5c771d9feef944a2730a8ad33154a78243724
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4173
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:33 GMT
Last-Modified: Sat, 24 Sep 2022 21:04:00 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash e1106bedfa47ab68068e0a8e8e65a5d7
870cf777d1aed7a6191b68b619d83c6c2e965c64
443d9ee4da7dbf8e8b4c178bc8c9ec2e7881070606e5aa99301bea57e549ca78
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 00:04:31 GMT
Expires: Thu, 29 Sep 2022 00:04:30 GMT
Etag: "870cf777d1aed7a6191b68b619d83c6c2e965c64"
Cache-Control: max-age=351656,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fede35de9c1bfa-OSL
unpkg.com/jquery@2.2.4/dist/jquery.min.js
104.16.123.175 200 OK 41 kB URL HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP 104.16.123.175:0
File type ASCII text, with very long lines (32065)
Hash d821cf1d049c7f847049dc5642d835f7
5b3c0e379efaf6e2bb17c334df47f3592c352096
0ae5cb5dea41cccc65ddf56f6c2669c6ae14bd409ae9922beb3264dd448da057
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnqq.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01G754SVY4BFC19MXYRYRMED91-fra
cf-cache-status: HIT
age: 7101114
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74fede36afb0b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146 200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=40363
date: Sat, 24 Sep 2022 22:13:33 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f038194067eb0a255d9b9a1a70503e3b
63f77e7ab6971b42bc28dc3aed1a783bc2993efe
299e978fbedd998983ca109f8f7998bce61d822803925aefa78e91d7d9987f73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "299E978FBEDD998983CA109F8F7998BCE61D822803925AEFA78E91D7D9987F73"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11327
Expires: Sun, 25 Sep 2022 01:22:21 GMT
Date: Sat, 24 Sep 2022 22:13:34 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188 200 OK 1.1 kB IP 172.64.155.188:0
File type gzip compressed data, from Unix\012- data
Hash 0225191f03a34a7f3b3c530deaf86a38
511bee919107d5e31fc79e30711043ba976435e7
598d03cad0ec27db2b222331bf7f26a83649eda6bf60db53803e3c9874f387ae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 00:04:31 GMT
Expires: Thu, 29 Sep 2022 00:04:30 GMT
Etag: "870cf777d1aed7a6191b68b619d83c6c2e965c64"
Cache-Control: max-age=351655,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fede37a8471bfa-OSL
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
104.16.123.175 200 OK 5.7 kB URL HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP 104.16.123.175:0
Hash f19de6842be5735db2b36a69c2a58e22
7201a0ecd91361edf2bbac80b5a4e24885e22338
6bf6d822a099a61224c88e0c6c2d6acb8047483bcfe3f3d6d483e15f9fec128c
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnqq.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01G75513388K1MR4R8RW1AYXTV-fra
cf-cache-status: HIT
age: 7101114
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74fede36afacb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-/_ate.track.config_resp
23.38.200.123 200 OK 47 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 24c668b115f75423506f2ea21d1b49c2
14f956ddb2d9e8b072cd5f605c3f39526490b391
b542daef470a9730029174f975ce3ce236b3e58bf9183b11956acce994b13a16
GET /live/boost/ra-/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 47
cache-control: public, max-age=15, s-maxage=86400
date: Sat, 24 Sep 2022 22:13:34 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
104.16.123.175 200 OK 8.9 kB URL HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP 104.16.123.175:0
File type ASCII text, with very long lines (29325)
Hash e9ee9e02a54f183933038b1853629ada
fd9f59706a70c8c3651d8a30c954d350dd48a95b
593e1d697fa7b3a6fcb619b08e6367c6e143b5b4e0c9c04a7035c4a4222588b4
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnqq.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01F3YGTHVETVB9B7TG2TW5GR8F
cf-cache-status: HIT
age: 13368377
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74fede369f98b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186 200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:34 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://watchseriesproject.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fede38ca710b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.161.6.128 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.6.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: g7hqRwXymLSA5tg43HSwfA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gVpQXIAZWnCq4DQDBtylV/+y2lQ=
ocsp.sectigo.com/
172.64.155.188 200 OK 281 B IP 172.64.155.188:0
Hash 9b6bbe0ef34e7e759de103cf9392a4d2
8c4e9982a8086b2249f7adbace4d90c6aa25224c
e4fd01b4436e274c1f89e8ba38eacfd08b93f889099d68bca00e9c2c0c3bc364
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:34 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 13:05:17 GMT
Expires: Fri, 30 Sep 2022 13:05:16 GMT
Etag: "8c4e9982a8086b2249f7adbace4d90c6aa25224c"
Cache-Control: max-age=484901,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fede38e9161bfa-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f344afdec1772f9878becf3ddf39c64
22c87158cb20247fe5e89181ab124e86cbc2948a
2aacf7565424844abc48a116384275b85cc8731c7588f0f027c4dc1f1a5fa925
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2AACF7565424844ABC48A116384275B85CC8731C7588F0F027C4DC1F1A5FA925"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11129
Expires: Sun, 25 Sep 2022 01:19:03 GMT
Date: Sat, 24 Sep 2022 22:13:34 GMT
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 35e6c86c11a97981bc5f7a3e1e474a04
4ac0612a6c02a8c29c72190ec09bb5563052825b
9da98ee5ec0f96730ba8c43f479cc3dedb86552d7a91ba7df21676a087e78d79
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:34 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 28 Sep 2022 21:46:09 GMT
ETag: "4ac0612a6c02a8c29c72190ec09bb5563052825b"
Last-Modified: Sat, 24 Sep 2022 21:46:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 997
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fede393c271c02-OSL
h4ahsm.cfeucdn.com/video_short.mp4
84.16.243.193 206 Partial Content 3.1 kB URL HTTP/1.1 h4ahsm.cfeucdn.com/video_short.mp4
IP 84.16.243.193:0
ASN #28753 Leaseweb Deutschland GmbH
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 639ec085afd48ff720cb1716bb09c075
04789db6677b1e59ae5b2c8c3b565f7ad8bf5c52
7e3c990c8c3e6ad1a07710e7032c1ff22975d6322937e80b0446a07de1b227cb
GET /video_short.mp4 HTTP/1.1
Host: h4ahsm.cfeucdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://cdnqq.net
Connection: keep-alive
Referer: https://cdnqq.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Sat, 24 Sep 2022 22:13:33 GMT
Content-Type: video/mp4
Content-Length: 3078
Last-Modified: Sat, 03 Apr 2021 21:17:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6068db6e-c06"
server: YouTube Frontend Proxy
Expires: Mon, 24 Oct 2022 22:13:33 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Origin,Range
Access-Control-Expose-Headers: Content-Range,Content-Length,ETag
Content-Range: bytes 0-3077/3078
4.adsco.re/
162.252.214.5 200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://watchseriesproject.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
csdqnr6btfxc.l4.adsco.re/
185.200.118.90 200 OK 0 B URL HTTP/1.1 csdqnr6btfxc.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: csdqnr6btfxc.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:34 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56077faa415259af9f2dddafe535ebdf
6877f10077f724f29c35fd4e5ef74fee9524d5be
3b21b85f70e346b703546486cfdeaaf08940ba9e57e5b7095cacc496e50cc46e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B21B85F70E346B703546486CFDEAAF08940BA9E57E5B7095CACC496E50CC46E"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10807
Expires: Sun, 25 Sep 2022 01:13:41 GMT
Date: Sat, 24 Sep 2022 22:13:34 GMT
Connection: keep-alive
mc.yandex.ru/metrika/tag.js
77.88.21.119 200 OK 77 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type ASCII text, with very long lines (1242)
Hash 61f9e60f7163a028fab1451cb66d26e3
d40e2bedbacae44e1bf8a3ec991be4d19e4c7d31
15c011f614b14be703ab6524f05725315c333ab7e46e865c8f5c46e0c7235376
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnqq.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Sat, 24 Sep 2022 22:13:34 GMT
access-control-allow-origin: *
etag: "632d6d03-11a95"
expires: Sat, 24 Sep 2022 23:13:34 GMT
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
csdqnr6btfxc.n4.adsco.re/
38.132.109.186 200 OK 0 B URL HTTP/1.1 csdqnr6btfxc.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: csdqnr6btfxc.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:34 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
4.adsco.re/
162.252.214.5 200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
mc.yandex.ru/watch/48329336?wmode=7&page-url=https%3A%2F%2Fcdnqq.net%2Fe%2FaUVWRVJnYW5QMGg5elpEM09hbzhaZz09&page-ref=https%3A%2F%2Fwatchseriesproject.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A237698161252%3Ahid%3A998736946%3Az%3A0%3Ai%3A20220924221333%3Aet%3A1664057613%3Arn%3A1071849776%3Arqn%3A1%3Au%3A1664057613711788601%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C316%2C0%2C%2C%2C%2C643%3Ans%3A1664057612157%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664057613%3At%3AVideo%20player&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
77.88.21.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/48329336?wmode=7&page-url=https%3A%2F%2Fcdnqq.net%2Fe%2FaUVWRVJnYW5QMGg5elpEM09hbzhaZz09&page-ref=https%3A%2F%2Fwatchseriesproject.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A237698161252%3Ahid%3A998736946%3Az%3A0%3Ai%3A20220924221333%3Aet%3A1664057613%3Arn%3A1071849776%3Arqn%3A1%3Au%3A1664057613711788601%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C316%2C0%2C%2C%2C%2C643%3Ans%3A1664057612157%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664057613%3At%3AVideo%20player&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 77a3d4b7c8f5eb70ea6ce3f658f2c107
fd9e0b2668eace3898fbec6135ca42f167d3f4e1
9bd9369197c5fff004cb4c68e94cffd56f49b39b3285e39070ea710351d7702f
GET /watch/48329336?wmode=7&page-url=https%3A%2F%2Fcdnqq.net%2Fe%2FaUVWRVJnYW5QMGg5elpEM09hbzhaZz09&page-ref=https%3A%2F%2Fwatchseriesproject.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A237698161252%3Ahid%3A998736946%3Az%3A0%3Ai%3A20220924221333%3Aet%3A1664057613%3Arn%3A1071849776%3Arqn%3A1%3Au%3A1664057613711788601%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C316%2C0%2C%2C%2C%2C643%3Ans%3A1664057612157%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664057613%3At%3AVideo%20player&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdnqq.net
Connection: keep-alive
Referer: https://cdnqq.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/48329336/1?wmode=7&page-url=https%3A%2F%2Fcdnqq.net%2Fe%2FaUVWRVJnYW5QMGg5elpEM09hbzhaZz09&page-ref=https%3A%2F%2Fwatchseriesproject.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A237698161252%3Ahid%3A998736946%3Az%3A0%3Ai%3A20220924221333%3Aet%3A1664057613%3Arn%3A1071849776%3Arqn%3A1%3Au%3A1664057613711788601%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C316%2C0%2C%2C%2C%2C643%3Ans%3A1664057612157%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664057613%3At%3AVideo%20player&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sat, 24 Sep 2022 22:13:34 GMT
access-control-allow-origin: https://cdnqq.net
set-cookie: yandexuid=131580021664057614; Expires=Sun, 24-Sep-2023 22:13:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
set-cookie: yuidss=131580021664057614; Expires=Sun, 24-Sep-2023 22:13:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
set-cookie: yabs-sid=898732831664057614; Path=/; SameSite=None; Secure
set-cookie: i=kHpHTf2rOzAQJvpostMlBoYbFzfF2MRQsKtfD9OjaGyFkBgW6pMhuyiuYgg6GbFIUMsNWUU1kEqxlwp9Zp0HnWLYFpc=; Expires=Tue, 21-Sep-2032 22:13:30 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
set-cookie: ymex=1695593614.yrts.1664057614#1695593614.yrtsi.1664057614; Expires=Sun, 24-Sep-2023 22:13:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 24-Sep-2022 22:13:34 GMT
last-modified: Sat, 24-Sep-2022 22:13:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5 200 OK 169 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 1a2a7f97104e0e5a143ec10901aa1d36
9979e72f5b496c334a39cd9c04a9c3b8fae51999
e956ce869650cd9d8c9f29b8936d253bc18a9108cb28ad76e8bf83ee45bcc4ce
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1973
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://watchseriesproject.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
mc.yandex.ru/metrika/advert.gif
77.88.21.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnqq.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 24 Sep 2022 22:13:34 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Sat, 24 Sep 2022 23:13:34 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 691ead31501097a14cc636bef13fee66
d61e929761ff877b000cfa6347073d781e455a7c
ee8c88025f2f19d372ae33d8d82883a27cea6313e91f5fe79ab2101646bce8f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE8C88025F2F19D372AE33D8D82883A27CEA6313E91F5FE79AB2101646BCE8F0"
Last-Modified: Thu, 22 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10235
Expires: Sun, 25 Sep 2022 01:04:09 GMT
Date: Sat, 24 Sep 2022 22:13:34 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?4697305&@f16&@g1&@h1&@i1&@j1664057613128&@k0&@l1&@mWatch%20Family%20Guy%20Season%208%20Episode%202%20Free%20on%20WatchSeries&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:103866810&@b3:1664057613&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&@w
192.99.0.58 200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4697305&@f16&@g1&@h1&@i1&@j1664057613128&@k0&@l1&@mWatch%20Family%20Guy%20Season%208%20Episode%202%20Free%20on%20WatchSeries&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:103866810&@b3:1664057613&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&@w
IP 192.99.0.58:0
File type ASCII text, with no line terminators
Hash 0c883ee584035db07a068b2ad531392c
1dc167930c85338e4e0bcb005b478ac8e3862d7e
11091c631dcc8aad0981daa13b72004ad116c2e319e8078ff246ed3ab709e848
GET /stats/0.php?4697305&@f16&@g1&@h1&@i1&@j1664057613128&@k0&@l1&@mWatch%20Family%20Guy%20Season%208%20Episode%202%20Free%20on%20WatchSeries&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:103866810&@b3:1664057613&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:34 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f011f85c7801313ae3c03505a13621d2
78335fb45b5bb03e46f7519a8669f83cc070be32
441fadef7a4be852e47c368e3a1b4e2f507c77d8c648c1f54494ff9bbfa03fc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "441FADEF7A4BE852E47C368E3A1B4E2F507C77D8C648C1F54494FF9BBFA03FC5"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7731
Expires: Sun, 25 Sep 2022 00:22:25 GMT
Date: Sat, 24 Sep 2022 22:13:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e27e4fb08edd2406c6125d46c83dc418
d88538018ab93cabcce8b429d2fab88f878c41eb
8cd8d4f4ce71f831ebfc64fd98282b02fdb27bb0566bc2e87f7b894dd3c7ff8c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CD8D4F4CE71F831EBFC64FD98282B02FDB27BB0566BC2E87F7B894DD3C7FF8C"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6062
Expires: Sat, 24 Sep 2022 23:54:36 GMT
Date: Sat, 24 Sep 2022 22:13:34 GMT
Connection: keep-alive
pseepsie.com/pfe/current/tag.min.js?z=5375966
139.45.197.250 200 OK 6.7 kB URL HTTP/2 pseepsie.com/pfe/current/tag.min.js?z=5375966
IP 139.45.197.250:0
Hash 0ddf68e2b0c36102af4b95aa59c320b4
70c41f6fc63fdf70d0bc83db77afc21c4f5f4481
adfeecb6a91c2a60185300e119206ae7e2e1d502690ce7504d33d87459ebf269
GET /pfe/current/tag.min.js?z=5375966 HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:34 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8675067bf584b754f29d07c751de97d
a89dee4c5ce59ff8234d9a355bf12a2639f2c21d
93b8dc16172b02c03531b5874d9630bd1acf75e3250908270b29ee983030aa6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93B8DC16172B02C03531B5874D9630BD1ACF75E3250908270B29EE983030AA6F"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5743
Expires: Sat, 24 Sep 2022 23:49:17 GMT
Date: Sat, 24 Sep 2022 22:13:34 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=417706,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fede3c9c2f1bfa-OSL
my.rtmark.net/gid.js?userId=5ac9e8b426ac4a529b65bd8c253df383
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=5ac9e8b426ac4a529b65bd8c253df383
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 696b9debbfac2c7a18838087b5773e72
7375193229c61ac59f3f02280937338081adb096
17061a89481b8688dd0df39874388abec0c198045f2d3c53aea26a78d729600b
GET /gid.js?userId=5ac9e8b426ac4a529b65bd8c253df383 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:34 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5ac9e8b426ac4a529b65bd8c253df383; expires=Sun, 24 Sep 2023 22:13:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
tovanillitechan.com/42/38?z=5375965
139.45.197.239 200 OK 0 B URL HTTP/2 tovanillitechan.com/42/38?z=5375965
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /42/38?z=5375965 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Cookie: scm=1; OAID=0886d0836db54c54b548175d0a4d6575; oaidts=1664057614
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:34 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ef4780c76cadc981748916d52eaee29d
access-control-expose-headers: X-Sc
set-cookie: OAID=0886d0836db54c54b548175d0a4d6575; expires=Sun, 24 Sep 2023 22:13:34 GMT; secure; SameSite=None
set-cookie: oaidts=1664057614; expires=Sun, 24 Sep 2023 22:13:34 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 5b58ffbbec831ee9ee6feb0cafcdca4a
0725aeb48e79a3575a3cb2792322cb5ed16ad196
850f427aff7589d1bdecbd20747955d2b2249dcc4ade48301613b50e58fa68fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4530
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:35 GMT
Last-Modified: Sat, 24 Sep 2022 20:58:05 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
tovanillitechan.com/9?z=5375965&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5ac9e8b426ac4a529b65bd8c253df383
139.45.197.239 204 No Content 0 B URL HTTP/2 tovanillitechan.com/9?z=5375965&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5ac9e8b426ac4a529b65bd8c253df383
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5375965&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5ac9e8b426ac4a529b65bd8c253df383 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://watchseriesproject.com/
Origin: https://watchseriesproject.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 825b2418e59f9f922455865d4142a84c
797e35706c702b37e3ddd1028aaac635248de9e7
adaf39b31abd0f2d4cd36805be0bad16f31ea4741b4d848c103c6384af711dc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADAF39B31ABD0F2D4CD36805BE0BAD16F31EA4741B4D848C103C6384AF711DC9"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2090
Expires: Sat, 24 Sep 2022 22:48:25 GMT
Date: Sat, 24 Sep 2022 22:13:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13699
Expires: Sun, 25 Sep 2022 02:01:54 GMT
Date: Sat, 24 Sep 2022 22:13:35 GMT
Connection: keep-alive
pseepsie.com/custom
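139.45.197.250 200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body; they match any empty response and are not usable as an indicator. The verdict on the next line presumably applies to the host or URL, not to this hash.)
Analyzer Verdict Alert fortinet Malware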
OPTIONS /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://watchseriesproject.com/
Origin: https://watchseriesproject.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
pseepsie.com/custom
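139.45.197.250 200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body; they match any empty response and are not usable as an indicator. The verdict on the next line presumably applies to the host or URL, not to this hash.)
Analyzer Verdict Alert fortinet Malware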
OPTIONS /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://watchseriesproject.com/
Origin: https://watchseriesproject.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13699
Expires: Sun, 25 Sep 2022 02:01:54 GMT
Date: Sat, 24 Sep 2022 22:13:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13699
Expires: Sun, 25 Sep 2022 02:01:54 GMT
Date: Sat, 24 Sep 2022 22:13:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
age: 2189
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tovanillitechan.com/11?rnd=1728874462&z=5375965&b=14566426&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=XpByd-PH1OFilrsS7jFARx6IXt-Coj9UidPd2Jrhaa76QM7j0w75_70Im_7h5PgECnir6eHFrZBEzj9egBQUz-xdohEo8UiIykgxaCCBosdzrzNbByXaNUU3AXFOs9tJoz1ipe959Kp5HiHJ1YrfcOXFsCZf6Y3jKkhU13gQ5JSkJNr-UyKaJkG-YKPE_K0nu_t4wNIhWg7zpw7mmV3nTmpafeP4kYc3X6ZKsbBfTWOPkyHBeWOoTytps_MyOAUkddguXyhDekVT2R2zS5qfY80CWGRO1GN0RxRoAbJPj6XbrvmgJr6MDKJ4qWINjLngPijs4oRYUQDT3xLYNpGhSW_OLjPnTdxMZ-b-vudCBr4zMLynOzxpSFJvpbp9-_uhsPgrIAQy8_vnkwmLK_sFpJyUzHxBEBXwZMyvvQhr75w7XSpGRmkCeqlP_BHDcPlezJMLVVUzm1YuqHJRdTawIexeawXRSgsk7pzqtcJYud1vtsmDL0l2ubi4hCMUMZH9hEea8WANMlvRfL_t-RjyeWXLxft2htJfnO68cFS74JPoZToJrzdK6HIqOKIX5PZbdD35Q-vB9wNGWE7d161r4yR1ml79heQNIfvPQ1zcmVRZVH3KxqYw0a8Okkjsn0lRCMAyf_lq6loMR5YNr8Y1qg==&ruid=71db9816-630d-4472-af88-9da9df1f7f97&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=118
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/11?rnd=1728874462&z=5375965&b=14566426&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=XpByd-PH1OFilrsS7jFARx6IXt-Coj9UidPd2Jrhaa76QM7j0w75_70Im_7h5PgECnir6eHFrZBEzj9egBQUz-xdohEo8UiIykgxaCCBosdzrzNbByXaNUU3AXFOs9tJoz1ipe959Kp5HiHJ1YrfcOXFsCZf6Y3jKkhU13gQ5JSkJNr-UyKaJkG-YKPE_K0nu_t4wNIhWg7zpw7mmV3nTmpafeP4kYc3X6ZKsbBfTWOPkyHBeWOoTytps_MyOAUkddguXyhDekVT2R2zS5qfY80CWGRO1GN0RxRoAbJPj6XbrvmgJr6MDKJ4qWINjLngPijs4oRYUQDT3xLYNpGhSW_OLjPnTdxMZ-b-vudCBr4zMLynOzxpSFJvpbp9-_uhsPgrIAQy8_vnkwmLK_sFpJyUzHxBEBXwZMyvvQhr75w7XSpGRmkCeqlP_BHDcPlezJMLVVUzm1YuqHJRdTawIexeawXRSgsk7pzqtcJYud1vtsmDL0l2ubi4hCMUMZH9hEea8WANMlvRfL_t-RjyeWXLxft2htJfnO68cFS74JPoZToJrzdK6HIqOKIX5PZbdD35Q-vB9wNGWE7d161r4yR1ml79heQNIfvPQ1zcmVRZVH3KxqYw0a8Okkjsn0lRCMAyf_lq6loMR5YNr8Y1qg==&ruid=71db9816-630d-4472-af88-9da9df1f7f97&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=118
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=1728874462&z=5375965&b=14566426&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=XpByd-PH1OFilrsS7jFARx6IXt-Coj9UidPd2Jrhaa76QM7j0w75_70Im_7h5PgECnir6eHFrZBEzj9egBQUz-xdohEo8UiIykgxaCCBosdzrzNbByXaNUU3AXFOs9tJoz1ipe959Kp5HiHJ1YrfcOXFsCZf6Y3jKkhU13gQ5JSkJNr-UyKaJkG-YKPE_K0nu_t4wNIhWg7zpw7mmV3nTmpafeP4kYc3X6ZKsbBfTWOPkyHBeWOoTytps_MyOAUkddguXyhDekVT2R2zS5qfY80CWGRO1GN0RxRoAbJPj6XbrvmgJr6MDKJ4qWINjLngPijs4oRYUQDT3xLYNpGhSW_OLjPnTdxMZ-b-vudCBr4zMLynOzxpSFJvpbp9-_uhsPgrIAQy8_vnkwmLK_sFpJyUzHxBEBXwZMyvvQhr75w7XSpGRmkCeqlP_BHDcPlezJMLVVUzm1YuqHJRdTawIexeawXRSgsk7pzqtcJYud1vtsmDL0l2ubi4hCMUMZH9hEea8WANMlvRfL_t-RjyeWXLxft2htJfnO68cFS74JPoZToJrzdK6HIqOKIX5PZbdD35Q-vB9wNGWE7d161r4yR1ml79heQNIfvPQ1zcmVRZVH3KxqYw0a8Okkjsn0lRCMAyf_lq6loMR5YNr8Y1qg==&ruid=71db9816-630d-4472-af88-9da9df1f7f97&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=118 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Cookie: scm=1; OAID=5ac9e8b426ac4a529b65bd8c253df383; oaidts=1664057614
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 07aebd1be53835f2025ce0d28e75e0cf
access-control-expose-headers: X-Sc
set-cookie: OAID=5ac9e8b426ac4a529b65bd8c253df383; expires=Sun, 24 Sep 2023 22:13:35 GMT; secure; SameSite=None
set-cookie: oaidts=1664057614; expires=Sun, 24 Sep 2023 22:13:35 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://watchseriesproject.com/
Content-Type: application/json
Origin: https://watchseriesproject.com
Content-Length: 419
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a0fa0d922ab52c82038f91510cdbd05b
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csdqnr6btfxc.s4.adsco.re/
185.200.116.90 200 OK 0 B URL HTTP/1.1 csdqnr6btfxc.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: csdqnr6btfxc.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:35 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 97654f855cee3c82f33008004d4ab2a4
bb6a8b2898ce43d06593f6a9b80a45db6d192cf0
df0e0ca38ce0585a672297063ec42d27fdc5d782b3787425f3d21245c9fe0225
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:50:05 GMT
Expires: Sat, 01 Oct 2022 01:50:04 GMT
Etag: "bb6a8b2898ce43d06593f6a9b80a45db6d192cf0"
Cache-Control: max-age=530788,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fede400fbe1bfa-OSL
pseepsie.com/custom
139.45.197.250 200 OK 39 B
IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer: fortinet — Verdict/Alert: Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://watchseriesproject.com/
Content-Type: application/json
Origin: https://watchseriesproject.com
Content-Length: 802
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3b199eb0c9260c847700380b866aa474
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ecc2a02c5bf02ae98849085d835b2dd
5fc6f043ab0929c95b84b78c9d03befbe0fadea0
ac308de6a557df495017c8cd16d431711daee7107686c1b74cd4e6f0e63de961
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8883
x-amzn-requestid: 684fdd05-960b-42cb-8544-3347a4bf9b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmEaqIAMFz4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-2642e1df108d0f7a5d98b126;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ww7Y221O3YKYU2YLj-uLBxsJoTTCvV4nZd1Vlh2DK1TAFv2BINUJ4w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:05 GMT
age: 2190
etag: "5fc6f043ab0929c95b84b78c9d03befbe0fadea0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 328516d7184ca4b4f6e50bf895b9bce0
752c2278004a98fcfacf4c3f16470d610ffd2daa
8096b89e6b868d9e40b5c31b80309472695b9cd085cca2f872159f4e35056c08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6671
x-amzn-requestid: c99d94f4-5a09-44d2-a2ce-0daac62d2087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EAHQ2oAMFaqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f787f-7fbe302d3e7587263e61cb0d;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FuhBG1wzZ7q3UXGwFA32yLn9Rn4DzcpPODW1HivGDtB-2-9F4Q3gBA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:05 GMT
age: 2190
etag: "752c2278004a98fcfacf4c3f16470d610ffd2daa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 2163
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73844595-b7d7-4585-a846-ab38b27af847.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73844595-b7d7-4585-a846-ab38b27af847.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a9f4d93ea4a06628bc31a00a9c4e692
27f05479fd4fbe68993748fdb043850807ddebdd
31b0809297c7e8acbb46b544cf6f3f4ffaa6bda7a8896fe8678fbfc839a115ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73844595-b7d7-4585-a846-ab38b27af847.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11435
x-amzn-requestid: e1288aca-0375-4ce8-9daa-81afe23c9c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_ETHE6oAMFqGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-01a836ab57a326356f838bfc;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X8xpMQCKuQGx46BrQ_851U0HhXIALy0k22WRO-zp8TuFhK0KaHItBw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
age: 2189
etag: "27f05479fd4fbe68993748fdb043850807ddebdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8a0d2b8beddf9f866a2bfe96ac21c2e
dfe5c93dc1637162a0b6ac174dcd7107af80763a
0e4bf30611043a171485c6fa054d6102a6cfd7f8a4153daa34eba1b72f455a77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12552
x-amzn-requestid: 71161d44-4c3a-459e-bf76-5bf3deafcafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YlYTrHz0oAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63253a7d-39dd0e2a7045128024086375;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 03:09:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EGtjExnYcmDEP9a540mHhZ7EjGlvLIDLK65Phs9MsAVdEpwNI4avTQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 2163
etag: "dfe5c93dc1637162a0b6ac174dcd7107af80763a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dozubatan.com/500/5375964?excludes=&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 dozubatan.com/500/5375964?excludes=&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5375964?excludes=&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://watchseriesproject.com/
Origin: https://watchseriesproject.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9d773b216e1dfcc6d5bc5e0a3fdfe174
3361993fd3b389a19f30910645d0ceba555a87af
80fe11ed843f56d15024322ae3d3698efe0d0b9d04cd5e3efd4577550f25e7c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80FE11ED843F56D15024322AE3D3698EFE0D0B9D04CD5E3EFD4577550F25E7C2"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6501
Expires: Sun, 25 Sep 2022 00:01:56 GMT
Date: Sat, 24 Sep 2022 22:13:35 GMT
Connection: keep-alive
offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg
172.67.22.216 200 OK 13 kB URL HTTP/2 offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 375d4eace3e9692bfe2fc21648f4c59a
57ef9b8278b63d567eab92b8607b68cee29071b8
46005b3961515220591e6df79d2713774deb57a082dda8162c3d182bcad3aa1b
GET /www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: image/jpeg
content-length: 13449
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6231b193-3489"
expires: Sun, 25 Sep 2022 13:33:51 GMT
last-modified: Wed, 16 Mar 2022 09:44:51 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 31184
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fede414bce0b65-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B
IP 172.64.155.188:0
Hash 49e5ce5b845b02f2812fd5e0e90657ab
b25b1883b0f0e02956c3eb5beb98552f814ee6ab
626d35b4cb1b83b59e4ee11e274ba2e82d81a7357d085012401623d088bc3985
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 12:52:21 GMT
Expires: Thu, 29 Sep 2022 12:52:20 GMT
Etag: "b25b1883b0f0e02956c3eb5beb98552f814ee6ab"
Cache-Control: max-age=397724,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fede40786f1bfa-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 279 B
IP 93.184.220.29:0
Hash 5b58ffbbec831ee9ee6feb0cafcdca4a
0725aeb48e79a3575a3cb2792322cb5ed16ad196
850f427aff7589d1bdecbd20747955d2b2249dcc4ade48301613b50e58fa68fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4530
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:35 GMT
Last-Modified: Sat, 24 Sep 2022 20:58:05 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254 200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer: quad9 — Verdict/Alert: Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://watchseriesproject.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://watchseriesproject.com
Content-Length: 1557
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 24 Sep 2022 22:13:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://watchseriesproject.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
interstitial-07.com/?l=sefakiuwXmtTBGU&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D383974830%26z%3D5375965%26b%3D14566426%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DXpByd-PH1OFilrsS7jFARx6IXt-Coj9UidPd2Jrhaa76QM7j0w75_70Im_7h5PgECnir6eHFrZBEzj9egBQUz-xdohEo8UiIykgxaCCBosdzrzNbByXaNUU3AXFOs9tJoz1ipe959Kp5HiHJ1YrfcOXFsCZf6Y3jKkhU13gQ5JSkJNr-UyKaJkG-YKPE_K0nu_t4wNIhWg7zpw7mmV3nTmpafeP4kYc3X6ZKsbBfTWOPkyHBeWOoTytps_MyOAUkddguXyhDekVT2R2zS5qfY80CWGRO1GN0RxRoAbJPj6XbrvmgJr6MDKJ4qWINjLngPijs4oRYUQDT3xLYNpGhSW_OLjPnTdxMZ-b-vudCBr4zMLynOzxpSFJvpbp9-_uhsPgrIAQy8_vnkwmLK_sFpJyUzHxBEBXwZMyvvQhr75w7XSpGRmkCeqlP_BHDcPlezJMLVVUzm1YuqHJRdTawIexeawXRSgsk7pzqtcJYud1vtsmDL0l2ubi4hCMUMZH9hEea8WANMlvRfL_t-RjyeWXLxft2htJfnO68cFS74JPoZToJrzdK6HIqOKIX5PZbdD35Q-vB9wNGWE7d161r4yR1ml79heQNIfvPQ1zcmVRZVH3KxqYw0a8Okkjsn0lRCMAyf_lq6loMR5YNr8Y1qg%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D71db9816-630d-4472-af88-9da9df1f7f97%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwatchseriesproject.com%252Fepisode%252Ffamily-guy-season-8-episode-2%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D898%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.155 200 OK 25 kB URL HTTP/2 interstitial-07.com/?l=sefakiuwXmtTBGU&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D383974830%26z%3D5375965%26b%3D14566426%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DXpByd-PH1OFilrsS7jFARx6IXt-Coj9UidPd2Jrhaa76QM7j0w75_70Im_7h5PgECnir6eHFrZBEzj9egBQUz-xdohEo8UiIykgxaCCBosdzrzNbByXaNUU3AXFOs9tJoz1ipe959Kp5HiHJ1YrfcOXFsCZf6Y3jKkhU13gQ5JSkJNr-UyKaJkG-YKPE_K0nu_t4wNIhWg7zpw7mmV3nTmpafeP4kYc3X6ZKsbBfTWOPkyHBeWOoTytps_MyOAUkddguXyhDekVT2R2zS5qfY80CWGRO1GN0RxRoAbJPj6XbrvmgJr6MDKJ4qWINjLngPijs4oRYUQDT3xLYNpGhSW_OLjPnTdxMZ-b-vudCBr4zMLynOzxpSFJvpbp9-_uhsPgrIAQy8_vnkwmLK_sFpJyUzHxBEBXwZMyvvQhr75w7XSpGRmkCeqlP_BHDcPlezJMLVVUzm1YuqHJRdTawIexeawXRSgsk7pzqtcJYud1vtsmDL0l2ubi4hCMUMZH9hEea8WANMlvRfL_t-RjyeWXLxft2htJfnO68cFS74JPoZToJrzdK6HIqOKIX5PZbdD35Q-vB9wNGWE7d161r4yR1ml79heQNIfvPQ1zcmVRZVH3KxqYw0a8Okkjsn0lRCMAyf_lq6loMR5YNr8Y1qg%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D71db9816-630d-4472-af88-9da9df1f7f97%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwatchseriesproject.com%252Fepisode%252Ffamily-guy-season-8-episode-2%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D898%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.155:0
Hash 0d6cdb6033d9009fcef6b8a8db48066e
bdb1c01f92fb7026a5ce2acb280d99661a97a3c7
d17c02fcdcaa3771aa0fd23ee362fad1a7e556e39dea43199fc71daee7e2a331
GET /?l=sefakiuwXmtTBGU&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D383974830%26z%3D5375965%26b%3D14566426%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DXpByd-PH1OFilrsS7jFARx6IXt-Coj9UidPd2Jrhaa76QM7j0w75_70Im_7h5PgECnir6eHFrZBEzj9egBQUz-xdohEo8UiIykgxaCCBosdzrzNbByXaNUU3AXFOs9tJoz1ipe959Kp5HiHJ1YrfcOXFsCZf6Y3jKkhU13gQ5JSkJNr-UyKaJkG-YKPE_K0nu_t4wNIhWg7zpw7mmV3nTmpafeP4kYc3X6ZKsbBfTWOPkyHBeWOoTytps_MyOAUkddguXyhDekVT2R2zS5qfY80CWGRO1GN0RxRoAbJPj6XbrvmgJr6MDKJ4qWINjLngPijs4oRYUQDT3xLYNpGhSW_OLjPnTdxMZ-b-vudCBr4zMLynOzxpSFJvpbp9-_uhsPgrIAQy8_vnkwmLK_sFpJyUzHxBEBXwZMyvvQhr75w7XSpGRmkCeqlP_BHDcPlezJMLVVUzm1YuqHJRdTawIexeawXRSgsk7pzqtcJYud1vtsmDL0l2ubi4hCMUMZH9hEea8WANMlvRfL_t-RjyeWXLxft2htJfnO68cFS74JPoZToJrzdK6HIqOKIX5PZbdD35Q-vB9wNGWE7d161r4yR1ml79heQNIfvPQ1zcmVRZVH3KxqYw0a8Okkjsn0lRCMAyf_lq6loMR5YNr8Y1qg%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D71db9816-630d-4472-af88-9da9df1f7f97%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwatchseriesproject.com%252Fepisode%252Ffamily-guy-season-8-episode-2%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D898%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
set-cookie: reverse=dfcv-TGTCwP8JC_of6abzfNSATYG0qPXu4el79fSpvs; expires=Sat, 24-Sep-2022 23:13:35 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/97/9d/a8/6108220fdf5c1958b30270c87e/01455300174645.jpeg
139.45.197.155 200 OK 66 kB URL HTTP/2 interstitial-07.com/contents/s/97/9d/a8/6108220fdf5c1958b30270c87e/01455300174645.jpeg
IP 139.45.197.155:0
Hash 3d94b66e46ad1fe7a108dbd48a334fb9
8e779bf16b0843908703112fc4348b430865e8e1
253c6a77e1c6648deb2ddf3b7c771458d4b1c6a9a225259265a36a2483a06f63
GET /contents/s/97/9d/a8/6108220fdf5c1958b30270c87e/01455300174645.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=sefakiuwXmtTBGU&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D383974830%26z%3D5375965%26b%3D14566426%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DXpByd-PH1OFilrsS7jFARx6IXt-Coj9UidPd2Jrhaa76QM7j0w75_70Im_7h5PgECnir6eHFrZBEzj9egBQUz-xdohEo8UiIykgxaCCBosdzrzNbByXaNUU3AXFOs9tJoz1ipe959Kp5HiHJ1YrfcOXFsCZf6Y3jKkhU13gQ5JSkJNr-UyKaJkG-YKPE_K0nu_t4wNIhWg7zpw7mmV3nTmpafeP4kYc3X6ZKsbBfTWOPkyHBeWOoTytps_MyOAUkddguXyhDekVT2R2zS5qfY80CWGRO1GN0RxRoAbJPj6XbrvmgJr6MDKJ4qWINjLngPijs4oRYUQDT3xLYNpGhSW_OLjPnTdxMZ-b-vudCBr4zMLynOzxpSFJvpbp9-_uhsPgrIAQy8_vnkwmLK_sFpJyUzHxBEBXwZMyvvQhr75w7XSpGRmkCeqlP_BHDcPlezJMLVVUzm1YuqHJRdTawIexeawXRSgsk7pzqtcJYud1vtsmDL0l2ubi4hCMUMZH9hEea8WANMlvRfL_t-RjyeWXLxft2htJfnO68cFS74JPoZToJrzdK6HIqOKIX5PZbdD35Q-vB9wNGWE7d161r4yR1ml79heQNIfvPQ1zcmVRZVH3KxqYw0a8Okkjsn0lRCMAyf_lq6loMR5YNr8Y1qg%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D71db9816-630d-4472-af88-9da9df1f7f97%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwatchseriesproject.com%252Fepisode%252Ffamily-guy-season-8-episode-2%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D898%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: image/jpeg
content-length: 64345
last-modified: Wed, 29 Jun 2022 17:12:35 GMT
etag: "62bc8803-fb59"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3ea37777b24ad3132f8bc92164c608e
5701e444a0be8384b9e5e6e04b0c53d5753f638a
167cf989b2eb81bfcba5079d5216c0d83a019938bf47c8b67cbf633fc0070e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "167CF989B2EB81BFCBA5079D5216C0D83A019938BF47C8B67CBF633FC0070E4B"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6222
Expires: Sat, 24 Sep 2022 23:57:17 GMT
Date: Sat, 24 Sep 2022 22:13:35 GMT
Connection: keep-alive
unphionetor.com/fv.js?t=72747&cb=937490179
139.45.197.236 200 OK 2.2 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=937490179
IP 139.45.197.236:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
Analyzer: quad9 — Verdict/Alert: Sinkholed
GET /fv.js?t=72747&cb=937490179 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 4931d46afec9fa2e0963a8d805514ddb
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 — Verdict/Alert: Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: c2c96c88af9b7c5476dc8234398a6af6
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash cd6d97847f093445947a12a3b3a54c29
541211da7ad2a367ce23daa8d54e3d1382061f36
bcf3d264928016f1160715d59857e0af7138535653382ee0bc1677bbff7e5291
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 04:42:37 GMT
Expires: Sat, 01 Oct 2022 04:42:36 GMT
Etag: "541211da7ad2a367ce23daa8d54e3d1382061f36"
Cache-Control: max-age=541140,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fede43cb401bfa-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 4361ebb487052960d6112c2b23cf60d1
f3694a9f797ebe0562169fe0a0c05f7ac856de3c
29fdc4826b0fe17b1ed34e0919dc93ece52603bf7e9c423c4ca087d961aee4d0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 21:23:12 GMT
Expires: Sat, 01 Oct 2022 21:23:11 GMT
Etag: "f3694a9f797ebe0562169fe0a0c05f7ac856de3c"
Cache-Control: max-age=601174,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fede407b65b506-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 3f73477834d60fd679ee48f136ddd93b
4416624f02a02c710e5be9ff7d7153d6bb4b1db7
aebc58b19d93057f123621707ab108d9de34fc7d4ff3918fff1823322dfe312e
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:13:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 28 Sep 2022 19:06:17 GMT
ETag: "4416624f02a02c710e5be9ff7d7153d6bb4b1db7"
Last-Modified: Sat, 24 Sep 2022 19:06:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2740
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fede4508220afe-OSL
intelligenceadx.com/mMjdSW.htm?_=BAYAYy-BDgFjL4EOgAGBAsAAID2WXDKbVykme0BqZiXZue3fd2m0fdUaXksyLmZqGUGdwQBHMEUCIE5JQNRmI4NkzWYnaXDepFL2MvfEVo62X83VhM148Q7JAiEA8RK388H1W1JrebZ0gyXMLhqfydRhxfw7m2N8yvYWIv8&v=4&gwqmPMok=4799967&NQdvqjEw=&AZeGatLP=0,0&YufFTgZO=&xInXSWkw=&s=1280,1024,1,1280,1024,0
208.95.114.100 200 OK 834 B URL HTTP/2 intelligenceadx.com/mMjdSW.htm?_=BAYAYy-BDgFjL4EOgAGBAsAAID2WXDKbVykme0BqZiXZue3fd2m0fdUaXksyLmZqGUGdwQBHMEUCIE5JQNRmI4NkzWYnaXDepFL2MvfEVo62X83VhM148Q7JAiEA8RK388H1W1JrebZ0gyXMLhqfydRhxfw7m2N8yvYWIv8&v=4&gwqmPMok=4799967&NQdvqjEw=&AZeGatLP=0,0&YufFTgZO=&xInXSWkw=&s=1280,1024,1,1280,1024,0
IP 208.95.114.100:0
File type ASCII text, with very long lines (1169), with no line terminators
Hash 376ae7a998b65c20394ccb048a9f8b99
a26a33cae541248349ef7702b7c229639408cc4e
7acb71a502963512f7052bb2aef13dbf31907dafd0e0cc0294bf7b2afda55b71
GET /mMjdSW.htm?_=BAYAYy-BDgFjL4EOgAGBAsAAID2WXDKbVykme0BqZiXZue3fd2m0fdUaXksyLmZqGUGdwQBHMEUCIE5JQNRmI4NkzWYnaXDepFL2MvfEVo62X83VhM148Q7JAiEA8RK388H1W1JrebZ0gyXMLhqfydRhxfw7m2N8yvYWIv8&v=4&gwqmPMok=4799967&NQdvqjEw=&AZeGatLP=0,0&YufFTgZO=&xInXSWkw=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: intelligenceadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Sat, 24-Sep-2022 23:13:36 GMT; Max-Age=3600
fraudcheck=b7e04eedb623e9cd69d63e92f8053af6; expires=Mon, 24-Oct-2022 22:13:36 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Sun, 25-Sep-2022 04:13:36 GMT; Max-Age=21600
link: <https://free-cosmetics-online.com>;rel=preconnect
content-length: 834
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 22:13:36 GMT
X-Firefox-Spdy: h2
xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
174.137.133.17 302 Found 0 B URL HTTP/1.1 xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
IP 174.137.133.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=457657&auth=p12tC3&pubid=152420 HTTP/1.1
Host: xml.poprtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 24 Sep 2022 22:13:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://cngcpy.com/cuhdl?wh=MS9RKSYOsDOD7jbbc39Ni1Cy&si1=409133
Pragma: no-cache
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0617d8e07c98139176c38c1f57d52a
014487eaa63864ee206e157faed70cf8a091993e
204c4f95bd0e6be18b89117e305241e6dab6f973614dafabf3d281fd5674c7c4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "204C4F95BD0E6BE18B89117E305241E6DAB6F973614DAFABF3D281FD5674C7C4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18125
Expires: Sun, 25 Sep 2022 03:15:41 GMT
Date: Sat, 24 Sep 2022 22:13:36 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f3a3cb805a7ce3e5dcc0a68f67662707
4092b65b1f38f40372fbe1380f5e3d4cfb5ff5a3
c8fba094b176bb1b29e573d3e1d2539c068d7f3786b32e7f41d6e107e7c1a5fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8FBA094B176BB1B29E573D3E1D2539C068D7F3786B32E7F41D6E107E7C1A5FD"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1265
Expires: Sat, 24 Sep 2022 22:34:41 GMT
Date: Sat, 24 Sep 2022 22:13:36 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f3a3cb805a7ce3e5dcc0a68f67662707
4092b65b1f38f40372fbe1380f5e3d4cfb5ff5a3
c8fba094b176bb1b29e573d3e1d2539c068d7f3786b32e7f41d6e107e7c1a5fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8FBA094B176BB1B29E573D3E1D2539C068D7F3786B32E7F41D6E107E7C1A5FD"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1265
Expires: Sat, 24 Sep 2022 22:34:41 GMT
Date: Sat, 24 Sep 2022 22:13:36 GMT
Connection: keep-alive
free-cosmetics-online.com/favicon.ico
104.21.23.47 404 Not Found 490 B URL HTTP/2 free-cosmetics-online.com/favicon.ico
IP 104.21.23.47:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a2f274ebee79b3815af30e010e539434
dd1c4abd06455b34375ad432bdf0440502b5fece
dd4dfd82052eff67ad68ec87b40e7e1e0347edd074328951df3397c2fd112d12
GET /favicon.ico HTTP/1.1
Host: free-cosmetics-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 24 Sep 2022 22:13:36 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 146
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhlofHyp7HWjDPWWtFeR7pjJ8cBYVGeG0%2F2UpsuRgxLMBe5Fh%2F9sQwXf%2FKnVnwwtkQkekIsdhLQyEkT6peHq4u06FmpRdJGqSxATBeAUVmICDLesxrbdSMbro%2BMQw3x%2F1FpY24%2BsqZ5Qnlpk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede466a47b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.cachegorilla.com/cf?id=4487727144033411294&sid=B79SGewuO6N&subid=0000&fid=19293&redir=1
104.21.51.225 302 Found 0 B URL HTTP/2 c.cachegorilla.com/cf?id=4487727144033411294&sid=B79SGewuO6N&subid=0000&fid=19293&redir=1
IP 104.21.51.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cf?id=4487727144033411294&sid=B79SGewuO6N&subid=0000&fid=19293&redir=1 HTTP/1.1
Host: c.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 24 Sep 2022 22:13:35 GMT
location: http://xml.expplatdirect.com/click?i=GeFwv9Dh04o_0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCgNPM%2BMrARpnO8NxIOyQeKkqHMIzNRinm8W%2BElEB8zWPWl8S5AbX1U4oSpVWhut2UbrqcOl23kFwjX1MfsYkAC1zm5tV5%2BoI0S%2BwF5Dy3AV8TqqiuFCxC5ie1EsMRoh%2BxNmV5s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede41bafeb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zap.buzz/vqlWwD8
172.67.213.33 302 Found 753 B IP 172.67.213.33:0
Hash 6b155cbb42f6e7d578244b868bd32410
b4a9497fd8c5348c820996ce39ea528510fb9b87
7a959ca6126cffb6443d5fc374021244db34f82ac1df98fdebcb24916ee19377
GET /vqlWwD8 HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: text/html; charset=utf-8
location: https://q.xmlrtb.com/r?fid=k2mHN2AHw88
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.Yy-BDw.gkm7vJU0jOuLO5pupcJf2NLxqPI; Expires=Sat, 24 Sep 2022 22:43:35 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrEO286vYKblc9BfGRV7rhjd2MuUWjvsGuBE1Zyq%2B59hNoWb23KfGOQMSTGHZkTw8z%2FczqCthgEvFi2AhMpwAfAb34B0LuMshzJABfBrmW8fYd7p%2Bsqroak5bA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede3e48b7b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
q.xmlrtb.com/r?fid=k2mHN2AHw88
172.64.101.31 302 Found 503 B URL HTTP/2 q.xmlrtb.com/r?fid=k2mHN2AHw88
IP 172.64.101.31:0
Hash d556b916dd7b237f767af5f971254291
42f73d07aa6cabae12fdb8c418128a9e88ce414c
93fe579fb097ec3523cc4f2c0b5d394a4e6b91493070a04885b50dd0b94244a7
GET /r?fid=k2mHN2AHw88 HTTP/1.1
Host: q.xmlrtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 24 Sep 2022 22:13:35 GMT
location: https://popxperts.com/w3ar3w1n
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6a8pBmNr9%2F%2Fz%2B4PqfZoKwFeH5N4P1eqxf6%2BlsohlU64j2fd3ohK4IZ4X4vvdpZHd%2B6Fzz8V%2BZTTCMvgxRXIAOU%2F3t3cMZSs%2Ffs7Wn%2FKXtcHzusn47D0o4N5whKH9Syo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede3ed981742f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
feed.us.adrunnr.com/12/?id=21fb3a75-3c56-11ed-b3bb-8f90636e6691
54.205.155.201 307 Temporary Redirect 0 B URL HTTP/2 feed.us.adrunnr.com/12/?id=21fb3a75-3c56-11ed-b3bb-8f90636e6691
IP 54.205.155.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /12/?id=21fb3a75-3c56-11ed-b3bb-8f90636e6691 HTTP/1.1
Host: feed.us.adrunnr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Sat, 24 Sep 2022 22:13:36 GMT
content-length: 0
location: http://engine.spotscenered.info/link.engine?guid=760d8dbc-b726-4132-8e3e-6a6035c3ab27&Hardlink=true&time=0&subid=321a5d4e
set-cookie: __sess=22ef1075-3c56-11ed-b3bb-f3ca1ee682c3; Expires=Thu, 01 Jan 2099 00:00:00 GMT; Domain=adrunnr.com; Secure; SameSite=None
X-Firefox-Spdy: h2
xml.revrtb.net/redirect?feed=389295&auth=ANAKRj&pubid=150077
174.137.133.16 302 Found 0 B URL HTTP/1.1 xml.revrtb.net/redirect?feed=389295&auth=ANAKRj&pubid=150077
IP 174.137.133.16:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=389295&auth=ANAKRj&pubid=150077 HTTP/1.1
Host: xml.revrtb.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://popxperts.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 24 Sep 2022 22:13:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: http://tsyndicate.com/api/v1/direct/2fd832a4f17c4076a81f2e3792e936f6?extID=458484_464963
Pragma: no-cache
engine.spotscenered.info/link.engine?guid=760d8dbc-b726-4132-8e3e-6a6035c3ab27&Hardlink=true&time=0&subid=321a5d4e
104.18.97.60 302 Found 183 B URL HTTP/2 engine.spotscenered.info/link.engine?guid=760d8dbc-b726-4132-8e3e-6a6035c3ab27&Hardlink=true&time=0&subid=321a5d4e
IP 104.18.97.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 933c494ff5a16740e91f8b2159b0a9f8
de57aeafcb0fc1db15a575920c3629bd1da59a88
088be8550aad57fedaebbc327550559cdb527f8e4ccfdd9850f8380ed9dbcc5c
GET /link.engine?guid=760d8dbc-b726-4132-8e3e-6a6035c3ab27&Hardlink=true&time=0&subid=321a5d4e HTTP/1.1
Host: engine.spotscenered.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: text/html; charset=utf-8
content-length: 183
location: https://www.adsupplyads.net/_adunits/pageunder/index.html?source=d
cache-control: private, no-transform
access-control-allow-origin: *
p3p: CP="CAO PSA OUR IND"
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=36d9902f-3740-4af8-b957-bc01b6d1480a; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure
ISSH=662A31; path=/; SameSite=None; secure
VMI=; path=/; SameSite=None; secure
IPLH=#{}; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[]; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Sun, 25-Sep-2022 02:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{}; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[]; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{}; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[]; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{"2636":[{"SId":"662A31","D":"22/9/24T15:13:37"}]}; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[2636]; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{}; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[]; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{}; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[]; expires=Fri, 24-Sep-2032 22:13:37 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fede4b79c2b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash efd7ff05730d3d7d510f369e08bab716
551d17fcf9966e42572251cf971405461b41bce2
b64a5aab0749ddbc88c4088466006d1842556c31b4c06f209fea7cd8a9f8e752
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5135
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:37 GMT
Last-Modified: Sat, 24 Sep 2022 20:48:02 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
www.adsupplyads.net/_adunits/pageunder/index.html?source=d
172.67.70.25 302 Found 0 B URL HTTP/2 www.adsupplyads.net/_adunits/pageunder/index.html?source=d
IP 172.67.70.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_adunits/pageunder/index.html?source=d HTTP/1.1
Host: www.adsupplyads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 24 Sep 2022 22:13:37 GMT
content-length: 0
location: https://is.gd/defaultinfad
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebTEczGWCfqHRcl1%2FIRQzvGx%2FxwhAzLkAwzzLdzTxsTdtjW911as76CmgQmzymNwl%2Bl5plelGQJDPrZisHPjbinhn7jB3pOn2WiUObIxzbgK6aypVAS5MuTTLDeFRR8WHxKEU3Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fede4d7c26b506-OSL
X-Firefox-Spdy: h2
q.cachegorilla.com/r?fid=B79SGewuO6N
104.21.51.225 302 Found 0 B URL HTTP/2 q.cachegorilla.com/r?fid=B79SGewuO6N
IP 104.21.51.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r?fid=B79SGewuO6N HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 24 Sep 2022 22:13:35 GMT
location: http://c.cachegorilla.com/cf?id=4487727144033411294&sid=B79SGewuO6N&subid=0000&fid=19293&redir=1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Blxbnd81UBy9L%2BS5YIy%2FNrNoJGOX7OW0R%2B3Gp%2FN1coOkk%2B3aui3d3j4zqu0XmuLtX5P%2F5A7ZZVrsyHlkj1syGy%2B7WPkLmQKjtmAN5a6hdO5OysFFmqP8Xe72DRhKxahg9t0oYKU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede3eafe0b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ec887d63eb74fb70978e08f2a3b3012
d80ddb054d0afa427c8416df589bce426fcda526
8739606470ec81944dac760f9de55327370368136c11bca2b3a78ed832075ee4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8739606470EC81944DAC760F9DE55327370368136C11BCA2B3A78ED832075EE4"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16737
Expires: Sun, 25 Sep 2022 02:52:34 GMT
Date: Sat, 24 Sep 2022 22:13:37 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ec887d63eb74fb70978e08f2a3b3012
d80ddb054d0afa427c8416df589bce426fcda526
8739606470ec81944dac760f9de55327370368136c11bca2b3a78ed832075ee4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8739606470EC81944DAC760F9DE55327370368136C11BCA2B3A78ED832075EE4"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16737
Expires: Sun, 25 Sep 2022 02:52:34 GMT
Date: Sat, 24 Sep 2022 22:13:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 159e396b6cd71a715ba38a9e27f259a5
c3f955c99fef13c18eb2da63d9107e085bdd2965
38d3b51c60ff428ba412c6985eea731603544e69f5d90b358b7f130103c87ca4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3035
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:13:37 GMT
Last-Modified: Sat, 24 Sep 2022 21:23:02 GMT
Server: ECS (amb/6BA6)
X-Cache: HIT
Content-Length: 280
my.rtmark.net/gid.js
139.45.195.8 200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 696b9debbfac2c7a18838087b5773e72
7375193229c61ac59f3f02280937338081adb096
17061a89481b8688dd0df39874388abec0c198045f2d3c53aea26a78d729600b
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gettlucksurvey.top
Connection: keep-alive
Cookie: ID=5ac9e8b426ac4a529b65bd8c253df383
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://gettlucksurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5ac9e8b426ac4a529b65bd8c253df383; expires=Sun, 24 Sep 2023 22:13:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
is.gd/defaultinfad
172.67.83.132 301 Moved Permanently 0 B IP 172.67.83.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /defaultinfad HTTP/1.1
Host: is.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: text/html; charset=UTF-8
location: https://www.who.int/emergencies/diseases/novel-coronavirus-2019
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fede4e6f3e1c12-OSL
X-Firefox-Spdy: h2
gettlucksurvey.top/finance-survey.html?z=4297172&offer_id=2577&var=4090537&ymid=8HrtDG-VXjdmw60V90ZuDzQ9uKkbgfzsWPNiUTl4whxcjdG-54HOuk2HfuqMXmVotPpJ8PA2xXkfmq60jdwhskxe0XattGa5y4rscqPQV5WWztl9TBHg4wmCvndTyQ_gUIDRUi&campid={campaignid}
172.67.180.135 200 OK 52 kB URL HTTP/2 gettlucksurvey.top/finance-survey.html?z=4297172&offer_id=2577&var=4090537&ymid=8HrtDG-VXjdmw60V90ZuDzQ9uKkbgfzsWPNiUTl4whxcjdG-54HOuk2HfuqMXmVotPpJ8PA2xXkfmq60jdwhskxe0XattGa5y4rscqPQV5WWztl9TBHg4wmCvndTyQ_gUIDRUi&campid={campaignid}
IP 172.67.180.135:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1834)
Hash 3cbf30fa6ddfe70b217e57afb59e2b72
2b2b3ae510f6731f2460c314da7e54c077e8682c
0ca6c0fe2a644b5df4c9f58774ae1640e57d83a4c6b560e1175146273d18abc4
GET /finance-survey.html?z=4297172&offer_id=2577&var=4090537&ymid=8HrtDG-VXjdmw60V90ZuDzQ9uKkbgfzsWPNiUTl4whxcjdG-54HOuk2HfuqMXmVotPpJ8PA2xXkfmq60jdwhskxe0XattGa5y4rscqPQV5WWztl9TBHg4wmCvndTyQ_gUIDRUi&campid={campaignid} HTTP/1.1
Host: gettlucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: text/html
last-modified: Fri, 23 Sep 2022 08:10:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2Fd5JOFZVZA9hLJq4BvT6m3TfPyGfT%2FCAmvGZBBmevBwaiwGqSmyLec5WqluF75u548E9HDWD3p0KvC5JVMAGEreNKzmEnsJECQpy4fV%2FHm6%2F2O35t4XNW4z4zRLVNqx4GKhLK0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede4ece1fb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8 200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 696b9debbfac2c7a18838087b5773e72
7375193229c61ac59f3f02280937338081adb096
17061a89481b8688dd0df39874388abec0c198045f2d3c53aea26a78d729600b
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gettlucksurvey.top
Connection: keep-alive
Cookie: ID=5ac9e8b426ac4a529b65bd8c253df383
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:38 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://gettlucksurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5ac9e8b426ac4a529b65bd8c253df383; expires=Sun, 24 Sep 2023 22:13:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fgettlucksurvey.top%2Ffinance-survey.html%3Fz%3D4297172%26offer_id%3D2577%26var%3D4090537%26ymid%3D8HrtDG-VXjdmw60V90ZuDzQ9uKkbgfzsWPNiUTl4whxcjdG-54HOuk2HfuqMXmVotPpJ8PA2xXkfmq60jdwhskxe0XattGa5y4rscqPQV5WWztl9TBHg4wmCvndTyQ_gUIDRUi%26campid%3D%257Bcampaignid%257D%26utm_campaign%3D4090537%26utm_medium%3D4297172%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1254655485970%3Ahid%3A610436732%3Az%3A0%3Ai%3A20220924221337%3Aet%3A1664057617%3Arn%3A774285044%3Arqn%3A1%3Au%3A1664057617139695533%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C1%2C0%2C%2C112%2C0%2C%2C%2C%2C231%3Ans%3A1664057616653%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664057617%3At%3A%24%24%24%20Online%20Test&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
77.88.21.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fgettlucksurvey.top%2Ffinance-survey.html%3Fz%3D4297172%26offer_id%3D2577%26var%3D4090537%26ymid%3D8HrtDG-VXjdmw60V90ZuDzQ9uKkbgfzsWPNiUTl4whxcjdG-54HOuk2HfuqMXmVotPpJ8PA2xXkfmq60jdwhskxe0XattGa5y4rscqPQV5WWztl9TBHg4wmCvndTyQ_gUIDRUi%26campid%3D%257Bcampaignid%257D%26utm_campaign%3D4090537%26utm_medium%3D4297172%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1254655485970%3Ahid%3A610436732%3Az%3A0%3Ai%3A20220924221337%3Aet%3A1664057617%3Arn%3A774285044%3Arqn%3A1%3Au%3A1664057617139695533%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C1%2C0%2C%2C112%2C0%2C%2C%2C%2C231%3Ans%3A1664057616653%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664057617%3At%3A%24%24%24%20Online%20Test&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 3e9e0418d8538ac9d7d8a4276a9a9ea9
a31e08b40536e7c36aeeb99578f2fb570c655300
0b91f8e530f9e717e69c8d67f81f14ebb98781aaa49004746d9cd9b3a69a8e11
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fgettlucksurvey.top%2Ffinance-survey.html%3Fz%3D4297172%26offer_id%3D2577%26var%3D4090537%26ymid%3D8HrtDG-VXjdmw60V90ZuDzQ9uKkbgfzsWPNiUTl4whxcjdG-54HOuk2HfuqMXmVotPpJ8PA2xXkfmq60jdwhskxe0XattGa5y4rscqPQV5WWztl9TBHg4wmCvndTyQ_gUIDRUi%26campid%3D%257Bcampaignid%257D%26utm_campaign%3D4090537%26utm_medium%3D4297172%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1254655485970%3Ahid%3A610436732%3Az%3A0%3Ai%3A20220924221337%3Aet%3A1664057617%3Arn%3A774285044%3Arqn%3A1%3Au%3A1664057617139695533%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C1%2C0%2C%2C112%2C0%2C%2C%2C%2C231%3Ans%3A1664057616653%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664057617%3At%3A%24%24%24%20Online%20Test&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gettlucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fgettlucksurvey.top%2Ffinance-survey.html%3Fz%3D4297172%26offer_id%3D2577%26var%3D4090537%26ymid%3D8HrtDG-VXjdmw60V90ZuDzQ9uKkbgfzsWPNiUTl4whxcjdG-54HOuk2HfuqMXmVotPpJ8PA2xXkfmq60jdwhskxe0XattGa5y4rscqPQV5WWztl9TBHg4wmCvndTyQ_gUIDRUi%26campid%3D%257Bcampaignid%257D%26utm_campaign%3D4090537%26utm_medium%3D4297172%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1254655485970%3Ahid%3A610436732%3Az%3A0%3Ai%3A20220924221337%3Aet%3A1664057617%3Arn%3A774285044%3Arqn%3A1%3Au%3A1664057617139695533%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C1%2C0%2C%2C112%2C0%2C%2C%2C%2C231%3Ans%3A1664057616653%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664057617%3At%3A%24%24%24%20Online%20Test&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sat, 24 Sep 2022 22:13:38 GMT
access-control-allow-origin: https://gettlucksurvey.top
set-cookie: yandexuid=3186801441664057618; Expires=Sun, 24-Sep-2023 22:13:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3186801441664057618; Expires=Sun, 24-Sep-2023 22:13:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1749611631664057618; Path=/; SameSite=None; Secure
i=OXA8AJKeKyy4Eo4/fGwir7nyWf0eRXvoA3NPBDrbOrpTXZwnDH9o6fuZI3z5s15lpHFvESrpuNg/XGUrZRpy5/oUi+M=; Expires=Tue, 21-Sep-2032 22:13:29 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695593618.yrts.1664057618#1695593618.yrtsi.1664057618; Expires=Sun, 24-Sep-2023 22:13:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 24-Sep-2022 22:13:38 GMT
last-modified: Sat, 24-Sep-2022 22:13:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dozubatan.com/impression/d8XiG-nSbvH1DTDxlPw5Elz9qld7VSvCjv2xBmmcMzIpgrfduZ56QDn8CaR0WccyimS2F6pI-RVS90YIUlR78W0AtqYJ_6meamWrx4PEvif4N8LYrGq0OAaDdVl4UpdSYeoe7-b1UGX1VDHcp54-kRmt_uULCOD2zuxRuDTtZGbS3OVdNr_Vc3dVS44CxauMPautMgIEM6rvq4WSuPyO8PoLVcStACipAHDC7tmAYt8xgD-gfAq0lBFaQjxxZV9OP6s_3-np0TNAF1crk97eoudo8qlXV4PB2G_cb35yCpAXTywfCMlqwVnt_mj_MQtG0ISI_aqXa6xcjomvK7c61Sc4Ru90cuUyi3sgufcdVJkbFKrKRDt5jrzHLU1tp9h7LlImdBBtvERHlhTOuLKyZ035AGnLnsrm6Gi6n92am91wJP57ogeq7f39FlcJKj6jccfJbygWsV5fTtcrgVMiWBUkys8u4y6oR6gXowbaV2DZvJl6jYj7pEx8DrC1FiDYxnkGojKa8nOrta5cl70jQEXDtnPauz68MH2My2D9VrtDAY23vCwefe34NpZfbJARoWfak934K4MXEux1IAMPZWyFOfUP93eYjPl0U9JrHl4=?_z=5375964&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL HTTP/2 dozubatan.com/impression/d8XiG-nSbvH1DTDxlPw5Elz9qld7VSvCjv2xBmmcMzIpgrfduZ56QDn8CaR0WccyimS2F6pI-RVS90YIUlR78W0AtqYJ_6meamWrx4PEvif4N8LYrGq0OAaDdVl4UpdSYeoe7-b1UGX1VDHcp54-kRmt_uULCOD2zuxRuDTtZGbS3OVdNr_Vc3dVS44CxauMPautMgIEM6rvq4WSuPyO8PoLVcStACipAHDC7tmAYt8xgD-gfAq0lBFaQjxxZV9OP6s_3-np0TNAF1crk97eoudo8qlXV4PB2G_cb35yCpAXTywfCMlqwVnt_mj_MQtG0ISI_aqXa6xcjomvK7c61Sc4Ru90cuUyi3sgufcdVJkbFKrKRDt5jrzHLU1tp9h7LlImdBBtvERHlhTOuLKyZ035AGnLnsrm6Gi6n92am91wJP57ogeq7f39FlcJKj6jccfJbygWsV5fTtcrgVMiWBUkys8u4y6oR6gXowbaV2DZvJl6jYj7pEx8DrC1FiDYxnkGojKa8nOrta5cl70jQEXDtnPauz68MH2My2D9VrtDAY23vCwefe34NpZfbJARoWfak934K4MXEux1IAMPZWyFOfUP93eYjPl0U9JrHl4=?_z=5375964&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/d8XiG-nSbvH1DTDxlPw5Elz9qld7VSvCjv2xBmmcMzIpgrfduZ56QDn8CaR0WccyimS2F6pI-RVS90YIUlR78W0AtqYJ_6meamWrx4PEvif4N8LYrGq0OAaDdVl4UpdSYeoe7-b1UGX1VDHcp54-kRmt_uULCOD2zuxRuDTtZGbS3OVdNr_Vc3dVS44CxauMPautMgIEM6rvq4WSuPyO8PoLVcStACipAHDC7tmAYt8xgD-gfAq0lBFaQjxxZV9OP6s_3-np0TNAF1crk97eoudo8qlXV4PB2G_cb35yCpAXTywfCMlqwVnt_mj_MQtG0ISI_aqXa6xcjomvK7c61Sc4Ru90cuUyi3sgufcdVJkbFKrKRDt5jrzHLU1tp9h7LlImdBBtvERHlhTOuLKyZ035AGnLnsrm6Gi6n92am91wJP57ogeq7f39FlcJKj6jccfJbygWsV5fTtcrgVMiWBUkys8u4y6oR6gXowbaV2DZvJl6jYj7pEx8DrC1FiDYxnkGojKa8nOrta5cl70jQEXDtnPauz68MH2My2D9VrtDAY23vCwefe34NpZfbJARoWfak934K4MXEux1IAMPZWyFOfUP93eYjPl0U9JrHl4=?_z=5375964&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=5&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Cookie: OAID=5ac9e8b426ac4a529b65bd8c253df383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:40 GMT
content-type: image/gif
content-length: 43
x-trace-id: ec51206edae26be916bec1300109fabd
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
dozubatan.com/500/5375964?excludes=14909896&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=6&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 dozubatan.com/500/5375964?excludes=14909896&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=6&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5375964?excludes=14909896&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=6&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://watchseriesproject.com/
Origin: https://watchseriesproject.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:40 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
dozubatan.com/500/5375964?excludes=14909896&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=6&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 67 kB URL HTTP/2 dozubatan.com/500/5375964?excludes=14909896&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=6&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash a46f0d23e6e106abfa2d2bdb3c501adf
6d819207411ec68f5d5eba7d10d5e488a290b2b1
c6fb887faa4ad0645fd0a21354364a6f1cf71c63ea5dcb69fc0cbeb66accb828
GET /500/5375964?excludes=14909896&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=6&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Cookie: OAID=5ac9e8b426ac4a529b65bd8c253df383
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:40 GMT
content-type: application/javascript
x-trace-id: e5eb771cb037d4878efa0b21ac90e12c
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://watchseriesproject.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5ac9e8b426ac4a529b65bd8c253df383; expires=Sun, 24 Sep 2023 22:13:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://watchseriesproject.com/
Content-Type: application/json
Origin: https://watchseriesproject.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:41 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 69fdf086d53ae512dd35469175c8123b
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=98719a744eed4f68b33fd31a33dce450&zoneId=5375966&checkDuplicate=true&ymid=&var=
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=98719a744eed4f68b33fd31a33dce450&zoneId=5375966&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 696b9debbfac2c7a18838087b5773e72
7375193229c61ac59f3f02280937338081adb096
17061a89481b8688dd0df39874388abec0c198045f2d3c53aea26a78d729600b
GET /gid.js?pub=0&userId=98719a744eed4f68b33fd31a33dce450&zoneId=5375966&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://watchseriesproject.com/
Origin: https://watchseriesproject.com
Connection: keep-alive
Cookie: ID=5ac9e8b426ac4a529b65bd8c253df383
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:41 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5ac9e8b426ac4a529b65bd8c253df383; expires=Sun, 24 Sep 2023 22:13:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
gettlucksurvey.top/js/data/rtc.js?v=1
172.67.180.135 200 OK 0 B URL HTTP/2 gettlucksurvey.top/js/data/rtc.js?v=1
IP 172.67.180.135:0
Analyzer Verdict Alert fortinet Phishing
GET /js/data/rtc.js?v=1 HTTP/1.1
Host: gettlucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=14949
etag: W/"632d6a03-3a65"
last-modified: Fri, 23 Sep 2022 08:10:43 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 4764
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1au%2FwvtQACkWkMOfw%2FIcfIgR%2F7wkMC%2FPb%2Bm479fh0W%2FuVTU3Rdk42p%2FQc8Pp5wgcJld0C08WkQPAgDOEnBHa1ZnrEqt16%2FoOgoOq5VauWsuKpb3D%2F0O73Tz9n4B0QcK8TSHAEs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede4f3ed6b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tovanillitechan.com/9?z=5375965&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5ac9e8b426ac4a529b65bd8c253df383
139.45.197.239 200 OK 0 B URL HTTP/2 tovanillitechan.com/9?z=5375965&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5ac9e8b426ac4a529b65bd8c253df383
IP 139.45.197.239:0
POST /9?z=5375965&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=5ac9e8b426ac4a529b65bd8c253df383 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 195
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Cookie: scm=1; OAID=0886d0836db54c54b548175d0a4d6575; oaidts=1664057614
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 9e38773ab19b38504fe399dd884d607c
access-control-expose-headers: X-Sc
set-cookie: OAID=5ac9e8b426ac4a529b65bd8c253df383; expires=Sun, 24 Sep 2023 22:13:35 GMT; secure; SameSite=None
oaidts=1664057614; expires=Sun, 24 Sep 2023 22:13:35 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
gettlucksurvey.top/css/style.css?v=1
172.67.180.135 200 OK 0 B URL HTTP/2 gettlucksurvey.top/css/style.css?v=1
IP 172.67.180.135:0
GET /css/style.css?v=1 HTTP/1.1
Host: gettlucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=40801
etag: W/"632d6a04-9f61"
last-modified: Fri, 23 Sep 2022 08:10:44 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 2307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXi0ZUsWUSYT1LOc9U1fK8R4NtUgQpTf5jVk8WBuEZ74LndG7sSpYd2UM2UBkg%2FblfHcFR6esc4hfmIfoFF4BsPclKG3UX14mhX6L%2BgT%2Bx7Qn5fb%2FEnh%2FFpCx9IcFofweYUw2kU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede4f3edab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zap.buzz/Jr1zAzZ
172.67.213.33 302 Found 0 B IP 172.67.213.33:0
GET /Jr1zAzZ HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: text/html; charset=utf-8
location: https://xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.Yy-BDw.gkm7vJU0jOuLO5pupcJf2NLxqPI; Expires=Sat, 24 Sep 2022 22:43:35 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtFDip1xfTUW0CyNypOWsB8YKc%2FOvsdMdeXWEJv%2FjjinsqdrCyV6bA6qQPbBzsTaFVPJ4ikuM4M%2FdI4ID1vWjgh%2FHv2UvC6aLnrcN1QjDTR02H%2BApMJ53kOdWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede3e58c0b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gettlucksurvey.top/js/config.js?v=4
172.67.180.135 200 OK 0 B URL HTTP/2 gettlucksurvey.top/js/config.js?v=4
IP 172.67.180.135:0
Analyzer Verdict Alert fortinet Phishing
GET /js/config.js?v=4 HTTP/1.1
Host: gettlucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"632d6a02-10181"
last-modified: Fri, 23 Sep 2022 08:10:42 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 2307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtBJJV2M4gfNp7%2FyWcblJyKoYv1k9oPJeU4%2Bf64njCHEmuNef9MbQc1YOzbOT6IUtZjKGQ3lBOaGkra4TL%2B8Vo0pD%2BObwobEJsbcPhBICEkDks2%2F6Aq0DxZ9pRTzTdfL72IvRgs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede4f3ed7b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gettlucksurvey.top/js/binom-pixel.js
172.67.180.135 200 OK 0 B URL HTTP/2 gettlucksurvey.top/js/binom-pixel.js
IP 172.67.180.135:0
Analyzer Verdict Alert fortinet Phishing
GET /js/binom-pixel.js HTTP/1.1
Host: gettlucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"632d6a03-4a3"
last-modified: Fri, 23 Sep 2022 08:10:43 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 4764
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o69%2B9J5jEQNFRWJHLihI4lYwUi29D7%2BcNScdVFWoiGWajo3dsqstknsIrozVNz4qAGbYxzy7eBazXklPG2%2BfjNAKxnLfX1IiddBOR753FAaENhXgK%2FBu4T32xwgBM49HLuNx7vU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede4f3eeab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gettlucksurvey.top/js/survey.js?v=11
172.67.180.135 200 OK 0 B URL HTTP/2 gettlucksurvey.top/js/survey.js?v=11
IP 172.67.180.135:0
Analyzer Verdict Alert fortinet Phishing
GET /js/survey.js?v=11 HTTP/1.1
Host: gettlucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=300412
etag: W/"632d6a03-4957c"
last-modified: Fri, 23 Sep 2022 08:10:43 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 2307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BLTPKgBnfrrvFoj6RB9S723qCdumyo%2Bj6XvJcY7tAC9Nsmv56oGC2lMjPnbpypPXvuT%2FD2TNfFYa%2BLlpjAQWf1BqLQp%2BGdcjbHkIITpTsRdLNZeRYlcJsNQ4NO%2BrJnLzV6t%2Bgc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede4f3ee7b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
172.67.211.29 200 OK 0 B IP 172.67.211.29:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 8ddf745babb25e62fb46d783ae76cac3
cache-control: max-age=86400
last-modified: Fri, 23 Sep 2022 16:04:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sun, 25 Sep 2022 21:45:05 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 1708
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BTrijTaf%2FkLdxGlIAcMSkELj8E6G0Z6Bw1JsTA6tCAfA21UNovKcYSXfPELxwRMr9TT3lAyZzR%2BimMxmwiTBZ%2BExlWlpu65Womc5fYehUyEiiIxUEvjUCMGdp3ecr%2BX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fede33ecd40afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bedrapiona.com/5/5375967/?oo=1&js_build=iclick-v1.430.0
139.45.197.234 200 OK 0 B URL HTTP/2 bedrapiona.com/5/5375967/?oo=1&js_build=iclick-v1.430.0
IP 139.45.197.234:0
GET /5/5375967/?oo=1&js_build=iclick-v1.430.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: application/json
x-trace-id: c6d3ee4490338df97de4f3f0feb50143
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=5ac9e8b426ac4a529b65bd8c253df383; expires=Sun, 24 Sep 2023 22:13:33 GMT; path=/; secure; SameSite=None
oaidts=1664057613; expires=Sun, 24 Sep 2023 22:13:33 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
testingmetriksbre.ru/netu.php
172.67.74.188 200 OK 0 B URL HTTP/2 testingmetriksbre.ru/netu.php
IP 172.67.74.188:0
GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnqq.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtgDmm88qcwGbk1BPoyLvlXE2dL0y8vyX25YuS53G9hmOjIH4i%2Bko54839x4io8E3FtCgtS73ukW5boyEB%2B4kfpmEuQYzuR%2Bp%2FXuiLA1vHlsMUW1ZgvM7UAx201luJXS0v0eV74q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede36995fb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
popxperts.com/w3ar3w1n
172.67.145.76 200 OK 0 B
IP 172.67.145.76:0
GET /w3ar3w1n HTTP/1.1
Host: popxperts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoxET76CUP4hGlMJjeWx6xSfw0zeDCCF%2F%2BEGh%2Bcm3iTxV1TjjRmzLQKg28X29cMeNj01x7tQ6zgJVFtg%2B2xSTXT0WDrEws%2FIJk%2FB7K3dqgFKmLE3k6viqyZ%2FUd4hP0uR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede40bfdc0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
watchseriesproject.com/episode/family-guy-season-8-episode-2/
104.21.49.251 200 OK 0 B URL HTTP/2 watchseriesproject.com/episode/family-guy-season-8-episode-2/
IP 104.21.49.251:0
GET /episode/family-guy-season-8-episode-2/ HTTP/1.1
Host: watchseriesproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://watchseriesproject.com/wp-json/>; rel="https://api.w.org/", <https://watchseriesproject.com/?p=249527>; rel=shortlink
x-powered-by: EasyEngine v4.3.1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWCrwwiqU4NFWV0LQPYYSffDkjzeM%2BihZUNhSu9DPZW1zBFOP4IJ9czmXeDFvhqJe6DpdsexJqycUQgNyt4hXXxuFGE8y2kZWovdR3l4oGurHU9lU0Gs4YOzWg8srwDSiT7jdKyx8yfZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede30bfa6b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnqq.net/e/aUVWRVJnYW5QMGg5elpEM09hbzhaZz09
104.21.96.50 200 OK 0 B URL HTTP/2 cdnqq.net/e/aUVWRVJnYW5QMGg5elpEM09hbzhaZz09
IP 104.21.96.50:0
GET /e/aUVWRVJnYW5QMGg5elpEM09hbzhaZz09 HTTP/1.1
Host: cdnqq.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//cdnqq.net>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXfbbBAUENQQNm6N4l7A%2BJOV7XUSjTd14iN7TxECjkZABiCEOiBDhKAUr41bZX4OiKVSuQ3pEWxk6OiBNOcJOGFBvVUoXUxZizleDG7q8Ht7PCJSpADScr2OEBk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede351dff0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tovanillitechan.com/1?z=5375965
139.45.197.239 200 OK 0 B URL HTTP/2 tovanillitechan.com/1?z=5375965
IP 139.45.197.239:0
GET /1?z=5375965 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:34 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: bd48ab1f84962a81f9663243f9281959
access-control-expose-headers: X-Sc
x-sc: rOcV9hX_aS3OYm2bs_mD3_qCh-co6TB1V7MwQ_-cPl9h7t2qYw_2Ojghsuw6WbOmX9I2eL79sO9hwDRX2j75aIurKus=
set-cookie: scm=1; expires=Sun, 24 Sep 2023 22:13:34 GMT; secure; SameSite=None
OAID=0886d0836db54c54b548175d0a4d6575; expires=Sun, 24 Sep 2023 22:13:34 GMT; secure; SameSite=None
oaidts=1664057614; expires=Sun, 24 Sep 2023 22:13:34 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186 200 OK 0 B
IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:33 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Tue, 25 Oct 2022 22:13:33 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 778125
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fede375e280b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dozubatan.com/500/5375964?excludes=&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 dozubatan.com/500/5375964?excludes=&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/5375964?excludes=&oaid=5ac9e8b426ac4a529b65bd8c253df383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://watchseriesproject.com
Connection: keep-alive
Referer: https://watchseriesproject.com/
Cookie: OAID=11fc11dd5ace4c7ba8f044d8cfecf936
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: application/javascript
x-trace-id: b6a17b94f23d45913d9938e9292a3481
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://watchseriesproject.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5ac9e8b426ac4a529b65bd8c253df383; expires=Sun, 24 Sep 2023 22:13:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
pseepsie.com/pfe/current/universal.min.js?v=3.1.395
139.45.197.250 200 OK 0 B URL HTTP/2 pseepsie.com/pfe/current/universal.min.js?v=3.1.395
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://watchseriesproject.com/
Origin: https://watchseriesproject.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:34 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
dozubatan.com/400/5375964
139.45.197.237 200 OK 0 B URL HTTP/2 dozubatan.com/400/5375964
IP 139.45.197.237:0
GET /400/5375964 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://watchseriesproject.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:34 GMT
content-type: application/javascript
x-trace-id: 90b810d2dcdd0fa2b9bbe7355399dd1c
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=11fc11dd5ace4c7ba8f044d8cfecf936; expires=Sun, 24 Sep 2023 22:13:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
gettlucksurvey.top/css/survey.css?v=1
172.67.180.135 200 OK 0 B URL HTTP/2 gettlucksurvey.top/css/survey.css?v=1
IP 172.67.180.135:0
Analyzer Verdict Alert fortinet Phishing
GET /css/survey.css?v=1 HTTP/1.1
Host: gettlucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=19835
etag: W/"632d6a04-4d7b"
last-modified: Fri, 23 Sep 2022 08:10:44 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 2307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8c8vuRHEF1Y7dwOdDn46dCn9jj8Sa9Oh4P5WAMc%2FWGFURrIy%2BCveKLBRbHFZeAkb%2FQTvYk%2FF9E1TrKJfvG6ChUUMy6XVERXo7MTgESrHI8g1QujGVfyzMzir%2BXmMU6HI35v8fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede4f3ed9b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gettlucksurvey.top/js/survey-site.js
172.67.180.135 200 OK 0 B URL HTTP/2 gettlucksurvey.top/js/survey-site.js
IP 172.67.180.135:0
Analyzer Verdict Alert fortinet Phishing
GET /js/survey-site.js HTTP/1.1
Host: gettlucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"632d6a03-edd"
last-modified: Fri, 23 Sep 2022 08:10:43 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 4764
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88aJiIqvimPKXjbOcOLsLPEhtwOehrkQJjbVR86ZiiGM4QAmVtDPuLfTy27t2ouqHBWvXa3VHbV%2Fx%2BGBAYzF070t9QNaYc0hoAPmfB00bFQ3E9YQArqS8K68IHk45QoZCBupKPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede4f3ee1b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zap.buzz/lxAR5ZJ
172.67.213.33 302 Found 0 B
IP 172.67.213.33:0
GET /lxAR5ZJ HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: text/html; charset=utf-8
location: https://q.cachegorilla.com/r?fid=B79SGewuO6N
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.Yy-BDw.gkm7vJU0jOuLO5pupcJf2NLxqPI; Expires=Sat, 24 Sep 2022 22:43:35 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f53I1qZ0FdIxw6ZwAw%2BpM2Ipi3L85IawTEyN4bcSdB6K3WgZr8v9PrZ4ZZJ0rsR1MoQ%2Fz1sQiO4yrOQUu%2F2nXaM1VTLJT8qMmRs8Zgtvpq63rg%2Fd0%2FeQ9Qz5ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede3e38abb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=oFbN7z46vMZgdRUPSIjzZHK-rrKfkn0yIxIHNI4D1lQVGbDCA82dEyGWC3r11tLky_kXdJEXxv1coUZbyaHJN0WKbHPmLCwoguQXwumjt1z40fw732WDGkb_ZXgipnStZ2D3_9K1CifO2yFtj2SRqDf-xBSW6_SbPbL-PTWVt0zLmQ4xZyBqW969tbGqZPNFXgeC30cyCE-kmorTJu7UH_8VjU7EvRS5m6l3uQ%3D%3D&request_ab2=0&zoneid=5375967&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=6378f2c0-52f6-40e2-8f9e-e976f91d5de7&userId=5ac9e8b426ac4a529b65bd8c253df383&m=link
139.45.197.243 200 OK 0 B URL HTTP/2 onmarshtompor.com/?rb=oFbN7z46vMZgdRUPSIjzZHK-rrKfkn0yIxIHNI4D1lQVGbDCA82dEyGWC3r11tLky_kXdJEXxv1coUZbyaHJN0WKbHPmLCwoguQXwumjt1z40fw732WDGkb_ZXgipnStZ2D3_9K1CifO2yFtj2SRqDf-xBSW6_SbPbL-PTWVt0zLmQ4xZyBqW969tbGqZPNFXgeC30cyCE-kmorTJu7UH_8VjU7EvRS5m6l3uQ%3D%3D&request_ab2=0&zoneid=5375967&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=6378f2c0-52f6-40e2-8f9e-e976f91d5de7&userId=5ac9e8b426ac4a529b65bd8c253df383&m=link
IP 139.45.197.243:0
GET /?rb=oFbN7z46vMZgdRUPSIjzZHK-rrKfkn0yIxIHNI4D1lQVGbDCA82dEyGWC3r11tLky_kXdJEXxv1coUZbyaHJN0WKbHPmLCwoguQXwumjt1z40fw732WDGkb_ZXgipnStZ2D3_9K1CifO2yFtj2SRqDf-xBSW6_SbPbL-PTWVt0zLmQ4xZyBqW969tbGqZPNFXgeC30cyCE-kmorTJu7UH_8VjU7EvRS5m6l3uQ%3D%3D&request_ab2=0&zoneid=5375967&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=3&pl=https%3A%2F%2Fwatchseriesproject.com%2Fepisode%2Ffamily-guy-season-8-episode-2%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=6378f2c0-52f6-40e2-8f9e-e976f91d5de7&userId=5ac9e8b426ac4a529b65bd8c253df383&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://watchseriesproject.com/
Origin: https://watchseriesproject.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:13:35 GMT
content-type: application/json
x-trace-id: 94077e9ea6850741884500ef750ba1df
access-control-allow-origin: https://watchseriesproject.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=5ac9e8b426ac4a529b65bd8c253df383; expires=Sun, 24 Sep 2023 22:13:35 GMT; path=/; secure; SameSite=None
oaidts=1664057615; expires=Sun, 24 Sep 2023 22:13:35 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 01 Oct 2022 22:13:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cngcpy.com/cuhdl?wh=MS9RKSYOsDOD7jbbc39Ni1Cy&si1=409133
104.21.38.243 302 Found 0 B URL HTTP/2 cngcpy.com/cuhdl?wh=MS9RKSYOsDOD7jbbc39Ni1Cy&si1=409133
IP 104.21.38.243:0
GET /cuhdl?wh=MS9RKSYOsDOD7jbbc39Ni1Cy&si1=409133 HTTP/1.1
Host: cngcpy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 24 Sep 2022 22:13:36 GMT
content-type: text/html; charset=utf-8
location: https://www.safestgatetocontent.com/pmi9278c?key=080c49fd0af21cc0e5d0d2532f20bc51&psid=a355801
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xT8zxF9C6FezAUo74ISf4XF62ReRFkJfUbDhiht4Mv7Ph4klRBrsEFLrobNnuw6AC8A%2FuJt11pm0eSE1Kl%2BqUzesPZNVWWL7D%2BAkBvb0yvKSDqOT2kNij1ERsElH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fede463d20b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gettlucksurvey.top/img/icon-survey.svg
172.67.180.135 200 OK 0 B URL HTTP/2 gettlucksurvey.top/img/icon-survey.svg
IP 172.67.180.135:0
Analyzer Verdict Alert fortinet Phishing
GET /img/icon-survey.svg HTTP/1.1
Host: gettlucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: image/svg+xml
last-modified: Fri, 23 Sep 2022 08:10:44 GMT
etag: W/"632d6a04-c26"
cache-control: max-age=1800
cf-cache-status: HIT
age: 4271
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClQO3NHTxpC7Rnt%2B%2BRa3mQiEMg%2F%2F7zrgW7WEwoqUt6HKd16avRKXkLDas8Xowy12mKC82Mzd25CW5pJqgMH%2FLSRgVuFyr9pI%2B3pB5CF%2BzBWRMojSqxb9dT9vv2u37krehZ9akY8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fede4f3edeb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gettlucksurvey.top/js/data/_global-config-sd.js?v=2
172.67.180.135 200 OK 0 B URL HTTP/2 gettlucksurvey.top/js/data/_global-config-sd.js?v=2
IP 172.67.180.135:0
GET /js/data/_global-config-sd.js?v=2 HTTP/1.1
Host: gettlucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:13:37 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=643
etag: W/"632d6a03-283"
last-modified: Fri, 23 Sep 2022 08:10:43 GMT
cache-control: max-age=1800
cf-cache-status: HIT
age: 4785
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1NxI6SUncqq5xUblChCNqaIqZbXO51p9rAJ%2Fabv2OfpF8g3Bpu6y3IiFQQWFwU%2Fo1gkGwHRBn5mh14760%2FDiP2keJ%2BtKiJPS4r64E8qIMqH5LATyCn%2B1AV%2Bj1u4rKkDplGzg5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fede4f3ed3b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2