Report - www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html

Report Overview

Submitted URL
www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html
IP
104.21.75.148
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-15 09:31:28
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-10T11:39:59Z	1.0 kB	2.2 kB	23.36.77.32
sw.swwpush.com	455649	2020-12-24T21:20:59Z	2023-03-06T16:46:00Z	376 B	73 kB	45.133.44.25
static.bookmsg.com	47495	2020-11-24T15:56:32Z	2023-03-10T11:08:21Z	443 B	863 B	88.198.209.15
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
notification.tubecup.net	8210	2019-08-30T11:36:01Z	2023-03-10T00:51:05Z	443 B	309 B	159.69.161.134
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	5.1 kB	13 kB	23.36.77.32
5ab760da26.bf34686748.com	unknown	2022-11-15T01:46:47Z	2022-11-17T01:08:28Z	4.3 kB	16 kB	168.119.25.22
xml.serve-rtb.com	unknown	2022-07-03T13:14:25Z	2023-03-10T14:22:58Z	752 B	1.4 kB	172.64.133.15
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.4 kB	3.2 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	387 B	44 kB	142.250.74.168
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	895 B	3.7 kB	31.13.72.36
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-10T05:15:22Z	810 B	90 kB	31.13.72.12
na.nawpush.com	38563	2020-12-23T09:18:12Z	2023-03-10T10:48:59Z	407 B	1.2 kB	45.133.44.24
www1.afilmywap.bz	unknown	2022-10-24T13:15:19Z	2023-01-25T14:12:52Z	866 B	6.6 kB	104.21.75.148
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	374 B	21 kB	142.250.74.174
ffafb23ea4.bf34686748.com	unknown	2022-11-14T10:55:44Z	2023-01-15T03:07:00Z	1.4 kB	320 B	45.133.44.25
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	62 kB	34.120.237.76
nereserv.com	40015	2020-12-21T12:07:56Z	2023-03-10T11:08:19Z	557 B	320 B	168.119.25.22
static.serve-rtb.com	unknown	2022-07-04T19:27:53Z	2023-03-10T11:08:21Z	794 B	29 kB	172.64.133.15
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	686 B	1.4 kB	142.250.74.35
lh.wabenaneper.com	unknown	2022-08-04T12:40:08Z	2023-02-28T01:02:36Z	389 B	1.4 kB	172.255.6.118
halltrasy.com	unknown	2021-08-30T11:08:14Z	2023-03-06T01:21:53Z	373 B	1.4 kB	172.255.6.34
js.wpadmngr.com	25762	2021-06-02T16:43:46Z	2023-03-10T00:51:04Z	1.2 kB	1.1 kB	45.133.44.25
fp.metricswpsh.com	unknown	2022-04-22T13:20:32Z	2023-03-10T00:51:05Z	959 B	826 B	157.90.84.242
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.148.17.90

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-15	medium	halltrasy.com	Sinkholed

JavaScript (12)

	URL	Size	First Seen	Last Seen
	js.wpadmngr.com/npc/sdk/wp-banners.js	0 B	2023-03-07	2024-04-25
Pretty URL js.wpadmngr.com/npc/sdk/wp-banners.js IP 45.133.44.25 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 00:43:10 Times Seen37051414 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	connect.facebook.net/en_GB/all.js?hash=4b7d309a3fb1bf1b5b41d2e64255f124	309 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/en_GB/all.js?hash=4b7d309a3fb1bf1b5b41d2e64255f124 IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:44 Last Seen2023-03-11 12:22:46 Times Seen1 Hash 6461dc09fc66862591e393e371d95831 1ad959aea16a5f4653ba6117773f8f99488f120e aab6b106c31d7dbd09a2cf1086dee7d81ccaa7ca952b9ebb02d9ca7bb1594482 Loading...

	www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html	2.5 kB	2023-03-11	2023-03-11
Pretty URL www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html IP 104.21.75.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:44 Last Seen2023-03-11 12:22:46 Times Seen1 Hash 4e6b026006c64d833878f6b7abf35fdf 6c569c9e862ac65e679da67d628830f7797ace4f 90414928f6dc78caf3ab39ffd215e790cf19cb5011d48da97bd1d7d082eb0d84 Loading...

	www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html	1.5 kB	2023-03-11	2023-03-11
Pretty URL www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html IP 104.21.75.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:44 Last Seen2023-03-11 12:22:46 Times Seen1 Hash eb8d57e6348c3912492459e4522dbfe8 4c6b9fdc2823e883e4d2bb3be0d58c3c93d1965e def42c4e0839659cfebf2159c476462f9791582d983f95f4a76c515a14169f85 Loading...

	www.googletagmanager.com/gtag/js?id=UA-198155354-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-198155354-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:46 Last Seen2023-03-11 12:22:46 Times Seen1 Hash aa8b40d41dec29c46c959df8fcd88ec5 cc59196e27bb1e7bb3267d0924e7207f82a0118a a0a4f2991b26ced3a3d3a1ae43d49ed58264d56c8c7b1c33850dbcf2d0bdd3ee Loading...

	js.wpadmngr.com/static/adManager.js	1.3 kB	2023-03-07	2023-03-17
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.25 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2023-03-17 12:41:09 Times Seen1 Hash d17122a2baaec1b2ce4e62776349bb2b a732dd7dcf6b3af05e416510b77640dfdb27307f 89ceaf2fba13343764ed6f07696d5b3a49b28daf865c3f6c204c218a4cd62e1e Loading...

	lh.wabenaneper.com/r63726337a7ab263726337a7ab3/34243	5 B	2023-03-07	2024-04-24
Pretty URL lh.wabenaneper.com/r63726337a7ab263726337a7ab3/34243 IP 172.255.6.118 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:39 Last Seen2024-04-24 23:04:20 Times Seen6330 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html	155 B	2023-03-07	2024-01-04
Pretty URL www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html IP 104.21.75.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:29 Last Seen2024-01-04 16:40:51 Times Seen11 Hash 28cc698f9c96c63529d901b20711dc1c 74611846cf20c6c0ef63584f85bf887c894d079c 9c47bace85188f2c333540cb4670abff0f0ba560c5c54ec8de3ce81490909167 Loading...

	connect.facebook.net/en_GB/all.js#xfbml=1	3.1 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/en_GB/all.js#xfbml=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:44 Last Seen2023-03-11 12:22:46 Times Seen1 Hash e327e6d4b83839f726c7aa6103c7df88 e70979aa5a49cf9e7064b1a8c2ee7d9d97c1ca17 bd7ff0518f54bb1ff84c042b8ebee788f599b874949cd479c0a1c0d5640746ef Loading...

	sw.swwpush.com/npc/sdk/wpu/ipnpush.m.js	295 kB	2023-03-11	2023-03-11
Pretty URL sw.swwpush.com/npc/sdk/wpu/ipnpush.m.js IP 45.133.44.25 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:44 Last Seen2023-03-11 12:22:46 Times Seen1 Hash e102e354a9aca7018eb5d795613a30a9 516421af7d8d0af0bb7b7221417b042e25330b2a a58cb0c61518127c7fe9bb905fe7c147073d89007a3d3a8ec6c27419e9c5d9ac Loading...

	www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html	283 B	2023-03-07	2023-03-11
Pretty URL www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html IP 104.21.75.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:24 Last Seen2023-03-11 22:14:49 Times Seen1 Hash f229dcc5d6929d5aad565d4d5b78e1eb 30be649717ebfb23fc724ee8182d9afd5639a8fe 7fced57adbbc3dfa47603af411ba0949dfbc9cd151793a862a1796e233ffddfd Loading...

HTTP Transactions (62)

URL IP Response Size

www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html

104.21.75.148

301 Moved Permanently

0 B

URL HTTP/1.1
www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html
IP
104.21.75.148:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /movie/1771/sanju-(2018)-movies.html HTTP/1.1
Host: www1.afilmywap.bz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Nov 2022 09:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 15 Nov 2022 10:31:16 GMT
Location: https://www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqlp0NSt4buLXS%2FHSPDmff01EmNDFMS%2FmNwzYntvznOl%2FmfIChW6Db06vz3BIA8A3fblUhdchzWnEo7PhJC1vNSKbaSsBVuMZeQXrGgxe5Tkv1CxEfwczbKVIwyx053MX5VOcg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a6f9147f37b4eb-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4459
Expires: Tue, 15 Nov 2022 10:45:35 GMT
Date: Tue, 15 Nov 2022 09:31:16 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 814
Cache-Control: max-age=90815
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:31:16 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 10:44:51 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2780
Expires: Tue, 15 Nov 2022 10:17:36 GMT
Date: Tue, 15 Nov 2022 09:31:16 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
70a57d09882a08686935b6447ebebc89
19caa0c7a571a222ca5065e5a21eaa9385a6cdf4
7d6cd4ae2c406f20ca4aac84977dec3636b18ecb39747beeced3be9799b2e963

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7D6CD4AE2C406F20CA4AAC84977DEC3636B18ECB39747BEECED3BE9799B2E963"
Last-Modified: Sun, 13 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11836
Expires: Tue, 15 Nov 2022 12:48:32 GMT
Date: Tue, 15 Nov 2022 09:31:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 08:44:25 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2811
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 6pnFGKfCQJBgK+NLY3oVp41vuKTqrrQ6NXFMPjMpK/h+Qe/4goOtd2ulnch9qdHyxZzn+BnUYqY=
x-amz-request-id: SDYRWT7EVQSZYGR3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 08:51:29 GMT
age: 2387
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 09:31:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html

172.67.177.227

200 OK

5.1 kB

URL HTTP/2
www1.afilmywap.bz/movie/1771/sanju-(2018)-movies.html
IP
172.67.177.227:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4190), with CRLF, LF line terminators
Size
5.1 kB (5056 bytes)
Hash
13f6f4071fef9d8d4086a05461a2147b
c8dbc7e7778bdf359ec3ffc7f4c3e86622105920
fa169eb85c1422e4d69aac770b56a3284801082a285bad9c370eda8a094efc0f

HTTP Headers

GET /movie/1771/sanju-(2018)-movies.html HTTP/1.1
Host: www1.afilmywap.bz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:31:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: frame-ancestors 'none'
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkI7eQ8ysSh1zeXOVCvk2cXno75MCrIwX%2BgulJ%2FF8Ia7Wm8qRkw5VU4%2FzJEsX8xRiS6b2UHyjXDH0rh3dgfIRnk%2FTRQdkX9G0pUbkYmMArnrtUmK%2B8lzpOlWIZtLQ%2BHJtfACdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a6f9163a19b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:31:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74fcdf483831b1365d22787311766b41
9973f138e47d10dbf0e90cbea3a12009708a8566
6a4b400001c11ab92d0f28c765622aaf047ded8c7f6bb9d6288827a1d0c45c64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A4B400001C11AB92D0F28C765622AAF047DED8C7F6BB9D6288827A1D0C45C64"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10830
Expires: Tue, 15 Nov 2022 12:31:47 GMT
Date: Tue, 15 Nov 2022 09:31:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
15af6df9e8dec447de802161befd312f
a67ec7ed4f57bd905a4395565f80ec7a5074c9bb
6cb39b52d0ef47c71dccd7d65ee899e82e8feabca91a1b996aa7854e2fb83bb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CB39B52D0EF47C71DCCD7D65EE899E82E8FEABCA91A1B996AA7854E2FB83BB1"
Last-Modified: Sun, 13 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16716
Expires: Tue, 15 Nov 2022 14:09:53 GMT
Date: Tue, 15 Nov 2022 09:31:17 GMT
Connection: keep-alive

www.googletagmanager.com/gtag/js?id=UA-198155354-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-198155354-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43601 bytes)
Hash
6ee0389e29d838fe459e08acd02eabd7
0519fca88c14ac3b590ed540573b0f248c5f23ff
28df1fbcbc499952c95944ec4dde28d65d62ca6170a122341203977d1091f85b

HTTP Headers

GET /gtag/js?id=UA-198155354-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 09:31:17 GMT
expires: Tue, 15 Nov 2022 09:31:17 GMT
cache-control: private, max-age=900
last-modified: Tue, 15 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43601
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b19f85e099631b3ad8a3ac887c999b2
45425cd8c307419c03a829e5231a009e9f366742
b0cac6d6ebcc2c8c2f2045cd4d8ef15be8d2bb79f3d740f38c189ed5f213469e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0CAC6D6EBCC2C8C2F2045CD4D8EF15BE8D2BB79F3D740F38C189ED5F213469E"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11446
Expires: Tue, 15 Nov 2022 12:42:03 GMT
Date: Tue, 15 Nov 2022 09:31:17 GMT
Connection: keep-alive

lh.wabenaneper.com/r63726337a7ab263726337a7ab3/34243

172.255.6.118

200 OK

25 B

URL HTTP/1.1
lh.wabenaneper.com/r63726337a7ab263726337a7ab3/34243
IP
172.255.6.118:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

HTTP Headers

GET /r63726337a7ab263726337a7ab3/34243 HTTP/1.1
Host: lh.wabenaneper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:31:17 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www1.afilmywap.bz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 16-Nov-2022 09:31:17 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Wed, 16-Nov-2022 09:31:17 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

halltrasy.com/gqAKupXAAyO9OdQg/33550

172.255.6.34

200 OK

26 B

URL HTTP/1.1
halltrasy.com/gqAKupXAAyO9OdQg/33550
IP
172.255.6.34:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /gqAKupXAAyO9OdQg/33550 HTTP/1.1
Host: halltrasy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:31:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www1.afilmywap.bz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 16-Nov-2022 09:31:17 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Wed, 16-Nov-2022 09:31:17 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1af800aa2b326e8af0f2640db68a7a0d
4c617814f5c705737bf4bf111c53bf40bb932af5
594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:31:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 09:25:01 GMT
cache-control: public,max-age=3600
age: 376
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
39ed54d118ae43c615b5efd6cf46ac6f
05484ec9c0b28f3f662897b85f5a0d61ae0387f3
81f3958a1abfdd416fe8d78ab4b377d680aa9c957e1435a1f8b481883bad7f96

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6463
Cache-Control: max-age=161604
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:31:17 GMT
Etag: "6373176b-1d7"
Expires: Thu, 17 Nov 2022 06:24:41 GMT
Last-Modified: Tue, 15 Nov 2022 04:36:59 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 15 Nov 2022 08:41:09 GMT
expires: Tue, 15 Nov 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 3008
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

js.wpadmngr.com/npc/sdk/wp-banners.js

45.133.44.25

200 OK

0 B

URL HTTP/2
js.wpadmngr.com/npc/sdk/wp-banners.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:31:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Tue, 15 Nov 2022 09:36:17 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

connect.facebook.net/en_GB/all.js

31.13.72.12

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_GB/all.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1957)
Size
1.7 kB (1687 bytes)
Hash
f82ad51ea0bc2cd9380609bfdbe860b6
824309a9638fd39597980f50b161cb36dd92a35c
1b0a2481241a5a098d48955752f893b40486201f507e16dfc562842139349bef

HTTP Headers

GET /en_GB/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e327e6d4b83839f726c7aa6103c7df88
etag: "5f896f6a0c8d3414fc1b4ad6493a8f6f"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 15 Nov 2022 09:40:44 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: +CrVHqC8LNk4Bgm/2+hgtg==
x-fb-debug: aotSXF7u9nqxU2/Jn0qWWp6ycUoiDWhrVgUsuqkqm/x1aURe1KBEiZCN7iNl0oQWxKHQqlxDR7JtFu6uccl5sw==
content-length: 1687
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 09:31:17 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2664d438bd28083756dbcdab36b3037
4a3ad4287e1f07a7e3aa9944aa76b360315c7946
c4fe64c23cb354bc2d012f5cd7edb7708b234b972f508d0510f264b684b41ebb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4FE64C23CB354BC2D012F5CD7EDB7708B234B972F508D0510F264B684B41EBB"
Last-Modified: Mon, 14 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7019
Expires: Tue, 15 Nov 2022 11:28:16 GMT
Date: Tue, 15 Nov 2022 09:31:17 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
39ed54d118ae43c615b5efd6cf46ac6f
05484ec9c0b28f3f662897b85f5a0d61ae0387f3
81f3958a1abfdd416fe8d78ab4b377d680aa9c957e1435a1f8b481883bad7f96

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6463
Cache-Control: max-age=161604
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:31:17 GMT
Etag: "6373176b-1d7"
Expires: Thu, 17 Nov 2022 06:24:41 GMT
Last-Modified: Tue, 15 Nov 2022 04:36:59 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

na.nawpush.com/tags/5970?version_name=c

45.133.44.24

200 OK

995 B

URL HTTP/2
na.nawpush.com/tags/5970?version_name=c
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (995), with no line terminators
Size
995 B (995 bytes)
Hash
3c99ad15455f5237f094a7fc4a2bbe22
6582db1e57f9abf50e23df218d0f2cef0658c4a3
c601c2c3073861cee0ed37c19f13607d579fcfd5fbeaceba9d592711e6b721c4

HTTP Headers

GET /tags/5970?version_name=c HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:31:17 GMT
content-type: application/json
content-length: 995
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5837
Cache-Control: max-age=90781
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:31:17 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:44:18 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_GB/all.js?hash=4b7d309a3fb1bf1b5b41d2e64255f124

31.13.72.12

200 OK

87 kB

URL HTTP/2
connect.facebook.net/en_GB/all.js?hash=4b7d309a3fb1bf1b5b41d2e64255f124
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18734)
Size
87 kB (86738 bytes)
Hash
918f30f09b722b129644020d28d4b2e9
713047a6b63c9c7bfbc6b6b0bb00e3d6a9a4ef2e
b0bad5118e63b4c974c63850e469a626547b486c54554b410017663003791753

HTTP Headers

GET /en_GB/all.js?hash=4b7d309a3fb1bf1b5b41d2e64255f124 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 6461dc09fc66862591e393e371d95831
etag: "5a9aeb4921ce312e473e6644b5241011"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 15 Nov 2023 09:00:44 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: kY8w8JtyKxKWRAINKNSy6Q==
x-fb-debug: +YaLC+u7zYtFOhNNr7ItuKOXLRV/Nq8iNjSTAOb6RRw0wOyFdz45HlRWj2RTVYpD2t6gnWxthKqzZOsrs99z2A==
content-length: 86738
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 09:31:17 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df89a01a7297a%26domain%3Dwww1.afilmywap.bz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252Ff391b9db2394388%26relation%3Dparent.parent&container_width=1268&height=100&href=https%3A%2F%2Fwww1.afilmywap.bz%2Fmovie%2F1771%2Fsanju-(2018)-movies.html&locale=en_GB&sdk=joey&width=470

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df89a01a7297a%26domain%3Dwww1.afilmywap.bz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252Ff391b9db2394388%26relation%3Dparent.parent&container_width=1268&height=100&href=https%3A%2F%2Fwww1.afilmywap.bz%2Fmovie%2F1771%2Fsanju-(2018)-movies.html&locale=en_GB&sdk=joey&width=470
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df89a01a7297a%26domain%3Dwww1.afilmywap.bz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252Ff391b9db2394388%26relation%3Dparent.parent&container_width=1268&height=100&href=https%3A%2F%2Fwww1.afilmywap.bz%2Fmovie%2F1771%2Fsanju-(2018)-movies.html&locale=en_GB&sdk=joey&width=470 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: PyH1e/bMc+x47J5wNaN6r4QUkFDfiDUR04EKZEqZ+bUlhWQ5qPFp+/Y+9UbqFkctuLYOueyMuL7gSjk/VL8bFA==
content-length: 0
date: Tue, 15 Nov 2022 09:31:17 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=5970

157.90.84.242

204 No Content

37 B

URL HTTP/1.1
fp.metricswpsh.com/fp?tag_id=5970
IP
157.90.84.242:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
37 B (37 bytes)
Hash
00b2108196841dd498dfce478c01203a
2d5219e47e91755d531f5c12d4cd5058bd6e06c2
7aea87b1bb33d4a64b7667a0fc7a439dd00c01eb64d22f93246c602e71401858

HTTP Headers

OPTIONS /fp?tag_id=5970 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www1.afilmywap.bz/
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Tue, 15 Nov 2022 09:31:18 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www1.afilmywap.bz
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

push.services.mozilla.com/

54.148.17.90

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.17.90:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Zgj9udQElrBz3QFwvqjDpQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: amzL+87XCkLETLT5iHnzwNZ8pAg=

notification.tubecup.net/tags?tag_id=5970&timezone_olson=UTC&version_name=c

159.69.161.134

204 No Content

0 B

URL HTTP/2
notification.tubecup.net/tags?tag_id=5970&timezone_olson=UTC&version_name=c
IP
159.69.161.134:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tags?tag_id=5970&timezone_olson=UTC&version_name=c HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:31:18 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a3764c12539f762ba5a4dc8cba9637af
d06cb9bc3b07f9506b1ed41dcb7598d621f4cab5
d64302c1b5eda28f73ab9a6e011a1d730efcab405e1f207d681d2eb5f4c3e1e8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D64302C1B5EDA28F73AB9A6E011A1D730EFCAB405E1F207D681D2EB5F4C3E1E8"
Last-Modified: Mon, 14 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16849
Expires: Tue, 15 Nov 2022 14:12:07 GMT
Date: Tue, 15 Nov 2022 09:31:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec5c409661e34821e906d3f57f91bd57
dd595596e9327e0a9c3352a6193e14c5e29bd60e
52dc8fee346332a71c3c8d483dcdbb3d3a889889de0592e3e5547ec0991b6fba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52DC8FEE346332A71C3C8D483DCDBB3D3A889889DE0592E3E5547EC0991B6FBA"
Last-Modified: Mon, 14 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5974
Expires: Tue, 15 Nov 2022 11:10:52 GMT
Date: Tue, 15 Nov 2022 09:31:18 GMT
Connection: keep-alive

fp.metricswpsh.com/fp?tag_id=5970

157.90.84.242

200 OK

27 B

URL HTTP/1.1
fp.metricswpsh.com/fp?tag_id=5970
IP
157.90.84.242:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text
Size
27 B (27 bytes)
Hash
183e6bf6f5c39525b4c471c26331c4e4
fc2a0d615a704c8b198b65ce47716b2e168f956e
1127af318c7d62b581d8bb11d56417fef7072f10e3df42bdfb75ba72f94dbe0a

HTTP Headers

POST /fp?tag_id=5970 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22287
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 15 Nov 2022 09:31:18 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 27
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www1.afilmywap.bz
Set-Cookie: id=9319911605905661595; Expires=Wed, 15 Nov 2023 09:31:18 GMT; Secure; SameSite=None
Vary: Origin

ffafb23ea4.bf34686748.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjQ1OTM2Mzc1OTgyODI3MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE1LjEiLCJ0YWdfaWQiOjU5NzAsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41MywiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiU2FuanUlMkMoMjAxOCklMkNGdWxsJTJDTW92aWUlMkNEb3dubG9hZCUyQ0ZpbG15d2FwJTJDZnJlZSUyQ2Rvd25sb2FkJTJDbW9iaWxlJTJDbW92aWVzJTJDc2FuanUlMkMoMjAxOCklMkNtb3ZpZXMlMkNzYW5qdSUyQygyMDE4KSUyQ2Z1bGwlMkNtb3ZpZSUyQ2Rvd25sb2FkJTJDZmlsbXl3YXAlMkNTYW5qdSUyQygyMDE4KSUyQ01vdmllcyUyQ0Z1bGwlMkNNb3ZpZSUyQ0FGaWxteXdhcCUyQ0Rvd25sb2FkJTJDZG93bmxvYWQlMkNTYW5qdSUyQygyMDE4KSUyQ01vdmllcyUyQ2luJTJDSEQlMkNNcDQlMkNGcmVlJTJDRG93bmxvYWQlMkNGaWxteXdhcCUyQzQ4MHAlMkM3MjBwJTJDbXA0bW92aWV6JTJDOXhtb3ZpZXMlMkNGaWxteVppbGxhJTJDYm9sbHk0dSUyQ2toYXRyaW1hemElMkNNb3ZpZXMlMkNhZmlsbXl3YXAlMjAifQ==

45.133.44.25

200 OK

0 B

URL HTTP/2
ffafb23ea4.bf34686748.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjQ1OTM2Mzc1OTgyODI3MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE1LjEiLCJ0YWdfaWQiOjU5NzAsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41MywiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiU2FuanUlMkMoMjAxOCklMkNGdWxsJTJDTW92aWUlMkNEb3dubG9hZCUyQ0ZpbG15d2FwJTJDZnJlZSUyQ2Rvd25sb2FkJTJDbW9iaWxlJTJDbW92aWVzJTJDc2FuanUlMkMoMjAxOCklMkNtb3ZpZXMlMkNzYW5qdSUyQygyMDE4KSUyQ2Z1bGwlMkNtb3ZpZSUyQ2Rvd25sb2FkJTJDZmlsbXl3YXAlMkNTYW5qdSUyQygyMDE4KSUyQ01vdmllcyUyQ0Z1bGwlMkNNb3ZpZSUyQ0FGaWxteXdhcCUyQ0Rvd25sb2FkJTJDZG93bmxvYWQlMkNTYW5qdSUyQygyMDE4KSUyQ01vdmllcyUyQ2luJTJDSEQlMkNNcDQlMkNGcmVlJTJDRG93bmxvYWQlMkNGaWxteXdhcCUyQzQ4MHAlMkM3MjBwJTJDbXA0bW92aWV6JTJDOXhtb3ZpZXMlMkNGaWxteVppbGxhJTJDYm9sbHk0dSUyQ2toYXRyaW1hemElMkNNb3ZpZXMlMkNhZmlsbXl3YXAlMjAifQ==
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjQ1OTM2Mzc1OTgyODI3MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE1LjEiLCJ0YWdfaWQiOjU5NzAsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41MywiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiU2FuanUlMkMoMjAxOCklMkNGdWxsJTJDTW92aWUlMkNEb3dubG9hZCUyQ0ZpbG15d2FwJTJDZnJlZSUyQ2Rvd25sb2FkJTJDbW9iaWxlJTJDbW92aWVzJTJDc2FuanUlMkMoMjAxOCklMkNtb3ZpZXMlMkNzYW5qdSUyQygyMDE4KSUyQ2Z1bGwlMkNtb3ZpZSUyQ2Rvd25sb2FkJTJDZmlsbXl3YXAlMkNTYW5qdSUyQygyMDE4KSUyQ01vdmllcyUyQ0Z1bGwlMkNNb3ZpZSUyQ0FGaWxteXdhcCUyQ0Rvd25sb2FkJTJDZG93bmxvYWQlMkNTYW5qdSUyQygyMDE4KSUyQ01vdmllcyUyQ2luJTJDSEQlMkNNcDQlMkNGcmVlJTJDRG93bmxvYWQlMkNGaWxteXdhcCUyQzQ4MHAlMkM3MjBwJTJDbXA0bW92aWV6JTJDOXhtb3ZpZXMlMkNGaWxteVppbGxhJTJDYm9sbHk0dSUyQ2toYXRyaW1hemElMkNNb3ZpZXMlMkNhZmlsbXl3YXAlMjAifQ== HTTP/1.1
Host: ffafb23ea4.bf34686748.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:31:18 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
39a4203bdbb9872ddbfd3b3722235e6c
d99036d5aae7db9ae2a0a261a98253a6b5c28e79
6f3e83322f7e7fabad1bbeb4b4fa84be48b377e1d2a29e58e941900333799404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F3E83322F7E7FABAD1BBEB4B4FA84BE48B377E1D2A29E58E941900333799404"
Last-Modified: Mon, 14 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12756
Expires: Tue, 15 Nov 2022 13:03:54 GMT
Date: Tue, 15 Nov 2022 09:31:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
39a4203bdbb9872ddbfd3b3722235e6c
d99036d5aae7db9ae2a0a261a98253a6b5c28e79
6f3e83322f7e7fabad1bbeb4b4fa84be48b377e1d2a29e58e941900333799404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F3E83322F7E7FABAD1BBEB4B4FA84BE48B377E1D2A29E58E941900333799404"
Last-Modified: Mon, 14 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12756
Expires: Tue, 15 Nov 2022 13:03:54 GMT
Date: Tue, 15 Nov 2022 09:31:18 GMT
Connection: keep-alive

nereserv.com/in/dip?site=native-push&wl=0&event_id=23eaa9fa-ac04-4f3c-85d9-e2f0d9a90178&subid=1410812804&sid=4124668509&spot_id=5874&created_at=2022-11-15&timezone=0&ver=7.8.2-b&is_native=1

168.119.25.22

200 OK

0 B

URL HTTP/2
nereserv.com/in/dip?site=native-push&wl=0&event_id=23eaa9fa-ac04-4f3c-85d9-e2f0d9a90178&subid=1410812804&sid=4124668509&spot_id=5874&created_at=2022-11-15&timezone=0&ver=7.8.2-b&is_native=1
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=0&event_id=23eaa9fa-ac04-4f3c-85d9-e2f0d9a90178&subid=1410812804&sid=4124668509&spot_id=5874&created_at=2022-11-15&timezone=0&ver=7.8.2-b&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:31:18 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

sw.swwpush.com/npc/sdk/wpu/ipnpush.m.js

45.133.44.25

200 OK

72 kB

URL HTTP/2
sw.swwpush.com/npc/sdk/wpu/ipnpush.m.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (72448 bytes)
Hash
dcbdf2ca1ffcb0902d70e421c4da9ba5
5e7ad95d5619524051ef16f4743af30d69939f49
0568da6482f4e73a3335669cfade4424c292796445ba52f09a956d2e87576bec

HTTP Headers

GET /npc/sdk/wpu/ipnpush.m.js HTTP/1.1
Host: sw.swwpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:31:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 15 Nov 2022 09:04:51 GMT
etag: W/"63735633-480a4"
content-encoding: gzip
expires: Tue, 15 Nov 2022 09:36:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11239
Expires: Tue, 15 Nov 2022 12:38:38 GMT
Date: Tue, 15 Nov 2022 09:31:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11239
Expires: Tue, 15 Nov 2022 12:38:38 GMT
Date: Tue, 15 Nov 2022 09:31:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11239
Expires: Tue, 15 Nov 2022 12:38:38 GMT
Date: Tue, 15 Nov 2022 09:31:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11239
Expires: Tue, 15 Nov 2022 12:38:38 GMT
Date: Tue, 15 Nov 2022 09:31:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11239
Expires: Tue, 15 Nov 2022 12:38:38 GMT
Date: Tue, 15 Nov 2022 09:31:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11290 bytes)
Hash
49fc9477e5982c76b5205fe284f50848
2ca4915631ddcda64c1cb70674f4b1379e288050
496e4e4317538bd34bc6bc28f0c772b7afaf0edac6d2a8686f5e6c4f44331bb4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11290
x-amzn-requestid: e56e4731-696e-4c63-9b48-1be184b32098
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPzMHOEoAMFVJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63706014-22c49f066ed90cf35d5bba3d;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RXdcX1PweMfXctBjufkeOtyV8F9Yb8OyZJaUX38cdaswfBHCim7mGQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 04:13:35 GMT
age: 19064
etag: "2ca4915631ddcda64c1cb70674f4b1379e288050"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9311 bytes)
Hash
c5f45accbd2d3551103631fa77deee8f
7295ef4c52bcea1be24b963d7ff170ef5bacf713
495e2cef9d9ebec66f1ddcf478512af7e37a301b562d7b75e5d28bb7753d2290

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9311
x-amzn-requestid: 32874a50-bbc5-4246-a819-cd65fe918bd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuFsG5IIAMF7zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675d57-64c21f6448b29b4710c8c638;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:08:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wLkQgLmUk7U5jQPXEljFQpuwHVgHUKHHA63UwzEicdLPMMo1decu3g==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 05:54:08 GMT
age: 13031
etag: "7295ef4c52bcea1be24b963d7ff170ef5bacf713"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11667 bytes)
Hash
032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 00:41:48 GMT
age: 31771
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7982 bytes)
Hash
508368e91f7702272c5610f905e4204b
0d61ccdb959e45368a9f6ada26679974374d81a2
bd3b3d55264bccbbf647577e3f93c35dd56840967713fcb948e67426c8a71b38

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 35753773-2e2d-4def-a9ef-6224343d62e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bklm8E9qoAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b62c-46372f151eb5ba9f0f5ec3a0;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:29:48 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T8ocx27r2N_V74-jyk23ATbGtw9TJBqSRB0MK0Kahre8ESS5kM_9lQ==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:48 GMT
age: 42211
etag: "0d61ccdb959e45368a9f6ada26679974374d81a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5856 bytes)
Hash
b891dd714ee24b92f59f0697dd45c2b4
8b54f502df3eb318b87ff8a3313007876752e181
d50396bc97a46452ed3af30dbfffc9fe75cf7d4ec347c0a8460d99a6affd1fb2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5856
x-amzn-requestid: 5261109d-ca5e-4b77-b0a2-17b634a51fd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPtpFvRoAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705ff0-570bdfbd329fe34b47d8c7a4;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8XeCtd88wwfynTV2w67E7r__KCAAIAsfv7sg67o_HSehIsIBae_SkQ==
via: 1.1 ba55932f4947672586f0865cea81e028.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 04:01:21 GMT
age: 19798
etag: "8b54f502df3eb318b87ff8a3313007876752e181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c048f3e-f5d6-474b-926e-cfa0f872a7e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9446 bytes)
Hash
fcd8c821cc1f76bbeb3535701b0385e5
398ee550da0a20bd7acf15287ef478fcf08f4738
6b55b0f3a025cf90ac05ae6f5689349ce2eb32d067498de7301ec5a307247a0e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c048f3e-f5d6-474b-926e-cfa0f872a7e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9446
x-amzn-requestid: a8e15861-ac8b-4b6a-b1a7-235fcae0c124
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blF8lHfjIAMFqpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e9e9-42c44c247dd4e04d292eb953;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:10:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: O-q5RI1NQrxVuEdLNyLnsdxqnFbyn9okLo3Xi8S5wHCfhD4wUP3RMg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 07:45:45 GMT
age: 6334
etag: "398ee550da0a20bd7acf15287ef478fcf08f4738"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

5ab760da26.bf34686748.com/in/multy

168.119.25.22

200 OK

14 kB

URL HTTP/2
5ab760da26.bf34686748.com/in/multy
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (14280), with no line terminators
Size
14 kB (14292 bytes)
Hash
89288f376803649d35c08a202a9e9cad
c208824e5e62bcf3373b10f16fb390b8142973f6
3d9ff033e92069bd8bbf687e5a0b783ce3812666d55e1131412db97c8e94fc73

HTTP Headers

POST /in/multy HTTP/1.1
Host: 5ab760da26.bf34686748.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1091
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:31:19 GMT
content-type: application/json
content-length: 14292
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

5ab760da26.bf34686748.com/in/show/?mid=1443520105123942161&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=4124668509&cid=13369&price=0.00162486&is_cpm=0&cpm=0&ecpm=0.018886043325856684&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-2-b&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-11-15&is_native=2&auction_queue=0&burl=zkGre8I1Wi44sWGkUJkEcyx082UETj3UF5mQADhfBed2SzEJMo2KMQ&pop_winurl=&ip=91.90.42.154&testab=1&px_id=535874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=0.0011292334912651673&placement_type_id=&skin_test=0&verify_hash=729db724a4a53369ff4e412b4773dc2a&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.00162486&user_fp=0&v2_track=0&url=FzE5QJx21hBYRUflLbEKYbCagsicXAIbNjBejuwK2kgYW-QtXUQwiRSeQndjcgk1l7E6-EBuXImbAllWUANF82fQMX2khH28Y7kWZBGzlOT1Xvo8c5pokMUTOVEvQlltU6VqMXwdBBSajL_IC0HKkEpq4zMqabN5CzwQWsTlt4THBzUVoA&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=1&vertical_id=0&real_bid=0.0011983342500000002&pr=&user_keywords=&auc_type=1&aid=586&ext_cid=0&device_theme=light&keywords=&mlc=1&format=compact-slide-b_r-body&mlf=1&cpa=60e1847d-9b91-41da-822b-1983e22eca59

168.119.25.22

302 Found

0 B

URL HTTP/2
5ab760da26.bf34686748.com/in/show/?mid=1443520105123942161&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=4124668509&cid=13369&price=0.00162486&is_cpm=0&cpm=0&ecpm=0.018886043325856684&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-2-b&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-11-15&is_native=2&auction_queue=0&burl=zkGre8I1Wi44sWGkUJkEcyx082UETj3UF5mQADhfBed2SzEJMo2KMQ&pop_winurl=&ip=91.90.42.154&testab=1&px_id=535874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=0.0011292334912651673&placement_type_id=&skin_test=0&verify_hash=729db724a4a53369ff4e412b4773dc2a&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.00162486&user_fp=0&v2_track=0&url=FzE5QJx21hBYRUflLbEKYbCagsicXAIbNjBejuwK2kgYW-QtXUQwiRSeQndjcgk1l7E6-EBuXImbAllWUANF82fQMX2khH28Y7kWZBGzlOT1Xvo8c5pokMUTOVEvQlltU6VqMXwdBBSajL_IC0HKkEpq4zMqabN5CzwQWsTlt4THBzUVoA&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=1&vertical_id=0&real_bid=0.0011983342500000002&pr=&user_keywords=&auc_type=1&aid=586&ext_cid=0&device_theme=light&keywords=&mlc=1&format=compact-slide-b_r-body&mlf=1&cpa=60e1847d-9b91-41da-822b-1983e22eca59
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?mid=1443520105123942161&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=4124668509&cid=13369&price=0.00162486&is_cpm=0&cpm=0&ecpm=0.018886043325856684&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-2-b&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-11-15&is_native=2&auction_queue=0&burl=zkGre8I1Wi44sWGkUJkEcyx082UETj3UF5mQADhfBed2SzEJMo2KMQ&pop_winurl=&ip=91.90.42.154&testab=1&px_id=535874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=0.0011292334912651673&placement_type_id=&skin_test=0&verify_hash=729db724a4a53369ff4e412b4773dc2a&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.00162486&user_fp=0&v2_track=0&url=FzE5QJx21hBYRUflLbEKYbCagsicXAIbNjBejuwK2kgYW-QtXUQwiRSeQndjcgk1l7E6-EBuXImbAllWUANF82fQMX2khH28Y7kWZBGzlOT1Xvo8c5pokMUTOVEvQlltU6VqMXwdBBSajL_IC0HKkEpq4zMqabN5CzwQWsTlt4THBzUVoA&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=1&vertical_id=0&real_bid=0.0011983342500000002&pr=&user_keywords=&auc_type=1&aid=586&ext_cid=0&device_theme=light&keywords=&mlc=1&format=compact-slide-b_r-body&mlf=1&cpa=60e1847d-9b91-41da-822b-1983e22eca59 HTTP/1.1
Host: 5ab760da26.bf34686748.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:31:19 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
X-Firefox-Spdy: h2

5ab760da26.bf34686748.com/in/show/?mid=1443520105123942161&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=4124668509&cid=12012&price=0.00105&is_cpm=0&cpm=0&ecpm=0.0007170311619837317&crid=5629322&crtid=d3e0248d78a82f78d086a00a713e151d&tcid=0&out_id=0&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-2-b&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1668591078&created_at=2022-11-15&is_native=1&auction_queue=0&burl=lPF4y1rPaG_u45BD1OiMLetrlNN-RKiXLytQZQl8ZOGT6P1MHKuqpg&pop_winurl=&ip=91.90.42.154&testab=1&px_id=735874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=5.3276734413375095e-05&placement_type_id=&skin_test=0&verify_hash=5dfa408ff3b314b9064db99550c26cf0&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.00105&user_fp=0&v2_track=0&url=8C_kaO_y_-l4zY-dRVxNuSN5DKfF8YyrrjBQ68uXDCKue-0XJaiO-_wMUX-2GKUH-sJ0sbVfvKLXvPsfkWIlcvIp-UTh5EFoTtLxKtlPqvN0VBS-FiMduUOyG2SMQVpQgk1RYoU&image_url=https%3A%2F%2Fxml.serve-rtb.com%2Fthumbnail%3Fi%3D30Z1d%2AJtnZ0_0&skin_id=1&vertical_id=0&real_bid=0.00096432&pr=&user_keywords=&auc_type=1&aid=185&ext_cid=0&device_theme=light&keywords=&format=compact-slide-b_r-body&cpa=ea689e89-921c-4cfa-8120-98b6f58c3360

168.119.25.22

302 Found

0 B

URL HTTP/2
5ab760da26.bf34686748.com/in/show/?mid=1443520105123942161&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=4124668509&cid=12012&price=0.00105&is_cpm=0&cpm=0&ecpm=0.0007170311619837317&crid=5629322&crtid=d3e0248d78a82f78d086a00a713e151d&tcid=0&out_id=0&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-2-b&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1668591078&created_at=2022-11-15&is_native=1&auction_queue=0&burl=lPF4y1rPaG_u45BD1OiMLetrlNN-RKiXLytQZQl8ZOGT6P1MHKuqpg&pop_winurl=&ip=91.90.42.154&testab=1&px_id=735874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=5.3276734413375095e-05&placement_type_id=&skin_test=0&verify_hash=5dfa408ff3b314b9064db99550c26cf0&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.00105&user_fp=0&v2_track=0&url=8C_kaO_y_-l4zY-dRVxNuSN5DKfF8YyrrjBQ68uXDCKue-0XJaiO-_wMUX-2GKUH-sJ0sbVfvKLXvPsfkWIlcvIp-UTh5EFoTtLxKtlPqvN0VBS-FiMduUOyG2SMQVpQgk1RYoU&image_url=https%3A%2F%2Fxml.serve-rtb.com%2Fthumbnail%3Fi%3D30Z1d%2AJtnZ0_0&skin_id=1&vertical_id=0&real_bid=0.00096432&pr=&user_keywords=&auc_type=1&aid=185&ext_cid=0&device_theme=light&keywords=&format=compact-slide-b_r-body&cpa=ea689e89-921c-4cfa-8120-98b6f58c3360
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?mid=1443520105123942161&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=4124668509&cid=12012&price=0.00105&is_cpm=0&cpm=0&ecpm=0.0007170311619837317&crid=5629322&crtid=d3e0248d78a82f78d086a00a713e151d&tcid=0&out_id=0&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-2-b&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1668591078&created_at=2022-11-15&is_native=1&auction_queue=0&burl=lPF4y1rPaG_u45BD1OiMLetrlNN-RKiXLytQZQl8ZOGT6P1MHKuqpg&pop_winurl=&ip=91.90.42.154&testab=1&px_id=735874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB1-5&min_cpm=5.3276734413375095e-05&placement_type_id=&skin_test=0&verify_hash=5dfa408ff3b314b9064db99550c26cf0&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.00105&user_fp=0&v2_track=0&url=8C_kaO_y_-l4zY-dRVxNuSN5DKfF8YyrrjBQ68uXDCKue-0XJaiO-_wMUX-2GKUH-sJ0sbVfvKLXvPsfkWIlcvIp-UTh5EFoTtLxKtlPqvN0VBS-FiMduUOyG2SMQVpQgk1RYoU&image_url=https%3A%2F%2Fxml.serve-rtb.com%2Fthumbnail%3Fi%3D30Z1d%2AJtnZ0_0&skin_id=1&vertical_id=0&real_bid=0.00096432&pr=&user_keywords=&auc_type=1&aid=185&ext_cid=0&device_theme=light&keywords=&format=compact-slide-b_r-body&cpa=ea689e89-921c-4cfa-8120-98b6f58c3360 HTTP/1.1
Host: 5ab760da26.bf34686748.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:31:19 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://xml.serve-rtb.com/thumbnail?i=30Z1d*JtnZ0_0&imgt=icon
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
3071fcf7f084c149fad8e8e1fac5e244
47146509986d6f091b326db9d70b443b8e33d3fc
8124d49a22f26f7324060870d3cc002c2c51d4efcdcb0f71a1b103045c97474c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8124D49A22F26F7324060870D3CC002C2C51D4EFCDCB0F71A1B103045C97474C"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7887
Expires: Tue, 15 Nov 2022 11:42:46 GMT
Date: Tue, 15 Nov 2022 09:31:19 GMT
Connection: keep-alive

static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp

88.198.209.15

200 OK

590 B

URL HTTP/2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP
88.198.209.15:0
ASN
#24940 Hetzner Online GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
590 B (590 bytes)
Hash
debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579

HTTP Headers

GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:31:19 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

xml.serve-rtb.com/thumbnail?i=30Z1d*JtnZ0_0

172.64.133.15

302 Found

0 B

URL HTTP/2
xml.serve-rtb.com/thumbnail?i=30Z1d*JtnZ0_0
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thumbnail?i=30Z1d*JtnZ0_0 HTTP/1.1
Host: xml.serve-rtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Tue, 15 Nov 2022 09:31:19 GMT
content-length: 0
location: https://static.serve-rtb.com/n337/ad/300x300_X18jfE0ZunUmF4NVTOu8.jpeg
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tf4rUhe%2BQXuGu0uX%2BomL%2ByYeKgakSQmKcz2QaBo2mmV4zKqCKRCqUApfZ2RH9OvMIL620FPOA8GHBPmYTXl9GGBZg7F5xxLfk1q0neBJpBK5ZRb5rkLancddecyUu%2Bcag6JZPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a6f9289cf87774-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xml.serve-rtb.com/thumbnail?i=30Z1d*JtnZ0_0&imgt=icon

172.64.133.15

302 Found

0 B

URL HTTP/2
xml.serve-rtb.com/thumbnail?i=30Z1d*JtnZ0_0&imgt=icon
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thumbnail?i=30Z1d*JtnZ0_0&imgt=icon HTTP/1.1
Host: xml.serve-rtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Tue, 15 Nov 2022 09:31:19 GMT
content-length: 0
location: https://static.serve-rtb.com/n337/ad/300x300_BXb47x0iGD88NJsjLF74.jpeg
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWRw4o%2Baw%2BkZNM2wMtFf4tP3BjojRQwyipIt%2FiZE4fRtj7zbSgAIH2utphRJab6tGns5xbh%2B5xm%2B%2Bu0O2IAId%2Fj4798w7pJEMAJrOa7iA1%2Fw3fa6myLLeM8l0fAfDudI20g36A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a6f9289cfb7774-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.serve-rtb.com/n337/ad/300x300_X18jfE0ZunUmF4NVTOu8.jpeg

172.64.133.15

200 OK

14 kB

URL HTTP/2
static.serve-rtb.com/n337/ad/300x300_X18jfE0ZunUmF4NVTOu8.jpeg
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
14 kB (13890 bytes)
Hash
9d1b26ee7c737395b9bc689126ca1963
80404743f017176fcea239a2405bbdfb96d9d4ff
ba8a5b1043b81b0f8ac325b2eb4f7407ef0f6aec29d27b280813e481a6f910f9

HTTP Headers

GET /n337/ad/300x300_X18jfE0ZunUmF4NVTOu8.jpeg HTTP/1.1
Host: static.serve-rtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:31:19 GMT
content-type: image/jpeg
content-length: 13890
last-modified: Fri, 04 Nov 2022 11:47:13 GMT
etag: "6364fbc1-3642"
cache-control: max-age=86400
x-hw: 1667605435.cds264.lo4.h2,1667605435.cds249.lo4.c
access-control-allow-origin: *
cf-cache-status: HIT
age: 12570
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDduH97vY5eK1j%2FQcllddFwbAl%2BlrQFZwgVFaq3MK0DSisdfzupksDXBLt1A%2Bu1Kj4UXZt0Fgk6AaP6R0Asa%2FTdzy00jE%2Bf1d6dVHOq%2FAH8HOPozXah4bciO6iC5QBMnDfEcannb%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a6f9296e237774-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.serve-rtb.com/n337/ad/300x300_BXb47x0iGD88NJsjLF74.jpeg

172.64.133.15

200 OK

14 kB

URL HTTP/2
static.serve-rtb.com/n337/ad/300x300_BXb47x0iGD88NJsjLF74.jpeg
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
14 kB (13890 bytes)
Hash
9d1b26ee7c737395b9bc689126ca1963
80404743f017176fcea239a2405bbdfb96d9d4ff
ba8a5b1043b81b0f8ac325b2eb4f7407ef0f6aec29d27b280813e481a6f910f9

HTTP Headers

GET /n337/ad/300x300_BXb47x0iGD88NJsjLF74.jpeg HTTP/1.1
Host: static.serve-rtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:31:19 GMT
content-type: image/jpeg
content-length: 13890
last-modified: Fri, 04 Nov 2022 11:47:17 GMT
etag: "6364fbc5-3642"
cache-control: max-age=86400
x-hw: 1667605435.cds222.lo4.h2,1667605435.cds214.lo4.c
access-control-allow-origin: *
cf-cache-status: HIT
age: 12570
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uERubAnETNER9LAeM57bBgeLcRJGhFOckUz8WqPfn5YU0ZZ43s%2BOOvROrO5YRxM2A6pXJycOTJo2el6EBC4Uv9tT7UYWA%2B9rcW8W%2F4B3QE4L%2BWGd3BSo8H0I2Q5PJC60M45IvXSMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a6f9297e387774-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
3071fcf7f084c149fad8e8e1fac5e244
47146509986d6f091b326db9d70b443b8e33d3fc
8124d49a22f26f7324060870d3cc002c2c51d4efcdcb0f71a1b103045c97474c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8124D49A22F26F7324060870D3CC002C2C51D4EFCDCB0F71A1B103045C97474C"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7887
Expires: Tue, 15 Nov 2022 11:42:46 GMT
Date: Tue, 15 Nov 2022 09:31:19 GMT
Connection: keep-alive

js.wpadmngr.com/static/adManager.js

45.133.44.25

200 OK

0 B

URL HTTP/2
js.wpadmngr.com/static/adManager.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:31:17 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
etag: W/"62ce6b94-4e2"
content-encoding: gzip
expires: Tue, 15 Nov 2022 09:36:17 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.wpadmngr.com/static/adManager.m.js

45.133.44.25

200 OK

0 B

URL HTTP/2
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:31:17 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 01 Nov 2022 13:27:00 GMT
etag: W/"63611ea4-171bc"
content-encoding: gzip
expires: Tue, 15 Nov 2022 09:36:17 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations