Overview

URL: www1.gomovies.cyou/movie/-the-lord-of-the-rings-the-two-towers-2002/watching.html?ep=1&sv=9
IP: 104.21.88.252
ASN: CLOUDFLARENET
Location
Report completed: 2022-09-27 18:40:01 UTC
urlquery Alerts No alerts detected


Settings

UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-27 2 moksoxos.com Sinkholed
2022-09-27 2 fleraprt.com Sinkholed
2022-09-27 2 goomaphy.com Sinkholed
2022-09-27 2 goomaphy.com Sinkholed
2022-09-27 2 goomaphy.com Sinkholed
2022-09-27 2 unphionetor.com Sinkholed
2022-09-27 2 moksoxos.com Sinkholed


Files

No files detected



Passive DNS (26)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS goomaphy.com (3) 0 2022-07-22 19:39:03 UTC 2022-09-27 16:23:08 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS player.123moviesfree.ltd (2) 340087 2020-07-18 11:58:30 UTC 2022-09-26 09:18:22 UTC 172.67.165.49
mnemonic passive DNS unphionetor.com (1) 54035 2022-02-11 12:53:49 UTC 2022-09-27 15:05:17 UTC 139.45.197.236
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 12:39:40 UTC 142.250.74.10
mnemonic passive DNS r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 52.35.74.102
mnemonic passive DNS w1.123movies.cards (13) 0 2022-03-01 19:44:16 UTC 2022-09-26 09:17:25 UTC 104.21.77.21 Domain (123movies.cards) ranked at: 841651
mnemonic passive DNS tovanillitechan.com (5) 0 2022-07-22 05:21:08 UTC 2022-09-27 15:22:08 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-09-27 04:54:13 UTC 139.45.195.8
mnemonic passive DNS fleraprt.com (1) 0 2022-01-14 22:55:14 UTC 2022-09-27 15:22:08 UTC 139.45.195.254 Unknown ranking
mnemonic passive DNS interstitial-07.com (3) 36198 2017-03-09 00:00:07 UTC 2022-09-27 15:22:09 UTC 139.45.197.152
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-09-27 12:08:14 UTC 93.184.220.29
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-27 05:23:18 UTC 104.17.24.14
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-27 04:52:54 UTC 142.250.74.72
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-09-27 17:50:47 UTC 172.67.194.45 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.25
mnemonic passive DNS moksoxos.com (2) 0 2022-08-22 14:41:03 UTC 2022-09-27 16:37:38 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-27 15:18:37 UTC 142.250.74.174
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-27 04:52:54 UTC 69.16.175.42
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-27 15:13:10 UTC 104.18.32.68
mnemonic passive DNS www1.gomovies.cyou (2) 0 2022-09-18 11:21:39 UTC 2022-09-27 08:16:43 UTC 172.67.155.49 Domain (gomovies.cyou) ranked at: 96429
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 14:55:40 UTC 143.204.55.27
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 104.21.88.252

Date UQ / IDS / BL URL IP
2022-12-01 10:16:12 +0000 0 - 0 - 1 cleverevoke.top/ 104.21.88.252
2022-10-27 08:04:50 +0000 0 - 0 - 2 tryluckysurveynow.top/ 104.21.88.252
2022-10-16 08:09:47 +0000 0 - 0 - 2 tryluckysurveynow.top/ 104.21.88.252
2022-09-27 18:40:01 +0000 0 - 0 - 7 www1.gomovies.cyou/movie/-the-lord-of-the-rin (...) 104.21.88.252

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-03 18:31:41 +0000 0 - 0 - 5 highest-value.me/steam_gift_cards 188.114.96.1
2022-12-03 18:30:20 +0000 1 - 0 - 1 storageapi.fleek.co/f65409f0-fc6e-416e-8256-7 (...) 104.18.7.145
2022-12-03 18:28:59 +0000 0 - 0 - 66 409n7.com/ 104.21.83.220
2022-12-03 18:28:21 +0000 0 - 0 - 7 bafybeid54hc3gffgs7f67dym7q6jzr2jpyjn7m7w2a32 (...) 104.18.22.52
2022-12-03 18:28:16 +0000 0 - 0 - 1 www.sabishare.com/file/qFgRVLvhg15-zola-2020- (...) 188.114.96.1

Last 1 reports on domain: gomovies.cyou

Date UQ / IDS / BL URL IP
2022-09-27 18:40:01 +0000 0 - 0 - 7 www1.gomovies.cyou/movie/-the-lord-of-the-rin (...) 104.21.88.252

No other reports with similar screenshot



JavaScript

Executed Scripts (50)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (74)


Request Response
                                        
                                            GET /movie/-the-lord-of-the-rings-the-two-towers-2002/watching.html?ep=1&sv=9 HTTP/1.1 
Host: www1.gomovies.cyou
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.155.49
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 27 Sep 2022 18:39:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 19:39:50 GMT
Location: https://www1.gomovies.cyou/movie/-the-lord-of-the-rings-the-two-towers-2002/watching.html?ep=1&sv=9
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JI17OGiPrekPI5kpd1OMcjQhZ4RSqCU5AgaY7ZDuF8z%2FMM7c9%2FAulbD%2FqBUIVNjuAIKAKXvioTQvdkRo48eZpl4tSijc%2FtE1v0PC%2F8dwoPgA66w8wx2csPjUDQqzu9Qr62wgFw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75165d42bfed0b3d-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 18:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uR7wikA8cq8zKMnQCcpuB2RMGqRjkoofEh54xGXKA1rMB1QR1452OA==
Age: 1460


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5673
Expires: Tue, 27 Sep 2022 20:14:23 GMT
Date: Tue, 27 Sep 2022 18:39:50 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PN_1U_6t-jFXhJ5JrqdjxBSPAzalZMICg7MA7dWhxSdHbPLXfJvoTw==
age: 33337
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1784
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:39:50 GMT
Last-Modified: Tue, 27 Sep 2022 18:10:06 GMT
Server: ECS (amb/6B9E)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 18:39:50 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 18:10:46 GMT
Expires: Tue, 27 Sep 2022 19:04:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jzGA4Pk6_cO_qdYmbMmnbV4ETRQF_UwZLiJiCRuKikHaZh9dgSZ5Kw==
Age: 1744


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1785
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:39:51 GMT
Last-Modified: Tue, 27 Sep 2022 18:10:06 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3095
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:39:51 GMT
Last-Modified: Tue, 27 Sep 2022 17:48:16 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5989
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:39:51 GMT
Last-Modified: Tue, 27 Sep 2022 17:00:02 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2 HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www1.gomovies.cyou
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/octet-stream; charset=utf-8
                                        
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 56780
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-ddcc"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3017313
expires: Sun, 17 Sep 2023 18:39:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEH4H5Kb7ri0Se606nySbGH%2FMsA8rHCr5VI2LxyHopRIivZH6Ixm1cb%2F1lU%2BE88U29bhRguyvX01%2B1uPqIzLMlhm94ES1fO%2BRQpPd2TiftKXjYxaIoQZlXDoSba%2BjyXkrIVK1YGa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75165d49bceb0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Size:   56780
Md5:    97493d3f11c0a3bd5cbd959f5d19b699
Sha1:   1075231650f579955905bb2f6527148a8e2b4b16
Sha256: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5989
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:39:51 GMT
Last-Modified: Tue, 27 Sep 2022 17:00:02 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fQbDA24zTg0TrcrZo9RztA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.35.74.102
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4Nl72pMyjM0ecCU3xooVjuIMtwY=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   2403
Md5:    5d22c39f0568bf66d8cae5fb183c48d2
Sha1:   22906de26cadf5613f85d4dd5c3ef010a9902564
Sha256: 0c76f340d5d77239f41ab16e25fdfb96b6a66161e8dd2b1d338304e4041d6d42
                                        
                                            GET /gtag/js?id=UA-138303733-2 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 18:39:51 GMT
expires: Tue, 27 Sep 2022 18:39:51 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42378
Md5:    01432056f752dc0a4a9aa28728aa0771
Sha1:   a7f2a2f5eb9d677c3b42a9219092a16baa925829
Sha256: 279a1e7fb1e1c8ac2e011b302d300229245c960fd010321253be9d4847739965
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   21713
Md5:    c6fc2d4a52687ecb04efcf3c8f1d1848
Sha1:   071f0ad645d608c1144b03cf77e0e78ca28bd507
Sha256: 55c047407f28a8b4d19cf70c6220dfd623c4093d8af46093010d97aed3ce56f4
                                        
                                            GET /thumbs/images/daughter.jpg HTTP/1.1 
Host: w1.123movies.cards
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 9911
last-modified: Sat, 14 Aug 2021 06:35:54 GMT
cache-control: max-age=31536000
expires: Mon, 25 Sep 2023 17:44:10 GMT
etag: "6117644a-26b7"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 176141
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9T82Ix3%2BIS9hiHyTnbW7xFl%2BTnItKbHaAu%2B16yEKnI6uiERibfdtX%2F935fsBFaETicBtuY3WurBr5pOsa1X9DnVLNJvOUIdqWgN%2FPegVI8cKDhY%2FL%2Bo6f6jvtue9r5LuY%2FaujE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde630b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Size:   9911
Md5:    3339f86ce4310088621da3ad98d92be5
Sha1:   7463d8c858aedc583ddb9c6eee38fdd69006b8cf
Sha256: 02dead5d71917eb9b40a82f4e3f975e1c69a5ace327eb88f54abe688c6c9c192
                                        
                                            GET /thumbs/images/Below%20Deck%20Mediterranean.jpg HTTP/1.1 
Host: w1.123movies.cards
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 8214
last-modified: Tue, 22 Jun 2021 18:35:20 GMT
cache-control: max-age=31536000
expires: Sat, 16 Sep 2023 14:08:16 GMT
etag: "60d22d68-2016"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 966695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GcqlJVzOy0GULa8GzhlCcsYPh6phdzbZ6WpuEYu5CZx9AEQLzbMFwZxYgc%2FKqDMbVAMYmenbtrSC5QqLhbPk1FcXp31cNbhZ%2FFVuqVAa5KW2lTgYRdiDXoDFZPOuAYF8OUt8ns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde640b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 182x268, components 3\012- data
Size:   8214
Md5:    89cd3454c64f565a499da2a9a1bbcd75
Sha1:   8399e421bac95ec229a39e2da98841635e232e29
Sha256: edb6ee03c96aaf807fd2cdfcfdefd76003cc667f385c3626e4ab5e57644ba7c7
                                        
                                            GET /thumbs/images/another-soul.jpg HTTP/1.1 
Host: w1.123movies.cards
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 9694
last-modified: Sat, 14 Aug 2021 06:35:52 GMT
cache-control: max-age=31536000
expires: Mon, 25 Sep 2023 18:51:17 GMT
etag: "61176448-25de"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 172114
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x34jR6K2OsX1QKVOlXehD6vCb%2FiVT7zDwLlFmUt4ns4%2FAlEsQefMtlQIu7zZdiGdTek9DRPec%2F9V%2BBxIYvECimYYoLEGc1gybLKi5pwULAkxNpowOiOfLpFrSE7OaD%2B%2BNp9VE8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde670b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 193x300, components 3\012- data
Size:   9694
Md5:    6ccc14533a65578772272edde1f7b909
Sha1:   9cd2c741ab6d7ea6714909069cbb171f3b644c1a
Sha256: c81a36b174ef52f0c634d7fae6ec143161f7c8d00f04f31b7c4b7ccb3ffc8509
                                        
                                            GET /thumbs/images/the-curse-of-sleeping-beauty.jpg HTTP/1.1 
Host: w1.123movies.cards
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 15847
last-modified: Sat, 14 Aug 2021 06:35:46 GMT
cache-control: max-age=31536000
expires: Fri, 15 Sep 2023 17:39:53 GMT
etag: "61176442-3de7"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1040398
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Uo8bKbxS42hlxoOg8u8R0iRPOsHEIHsYS4eDqoXjEcM8rWhDm5D6QbRS0mtsSFSB2nvqAJD4bEDiFjnjL0jL7qy3RBqZKux2fcKhvFDSo7vg0vclN21vS7ujHf2h33nn1FvSPU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde6a0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x300, components 3\012- data
Size:   15847
Md5:    70abfda1b5cf2529b9c08b062f7f04e2
Sha1:   cad4fcede31f51f66ebb7d30de2580ba1ba47b90
Sha256: 28d3d655a2186113edf1a4ad885f5defe481484e6e1e5bb5fdb04c192dc1cb7e
                                        
                                            GET /thumbs/images/the-proposal.jpg HTTP/1.1 
Host: w1.123movies.cards
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 12361
last-modified: Sat, 14 Aug 2021 06:35:56 GMT
cache-control: max-age=31536000
expires: Tue, 26 Sep 2023 18:05:51 GMT
etag: "6117644c-3049"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 88439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHbC9xu40uKBrGRP5ejb2enCMAbLHDNIIzvO42H4i14Oyxdfz30yCUO631hFoMZAdyRk2l29su3hT9X71ZwsN4JbtoCkekj%2B1opxhU9jlzlKnJrPgJQ4kLgy7oIJTc9upN3Q8YA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde6c0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 203x300, components 3\012- data
Size:   12361
Md5:    f4372570a3b2b485557c2a03561955b0
Sha1:   cb13ef1004b333983f375742f922c926d7fe6367
Sha256: 6cfdf5b0224f381ccf48d9dae547a2b45bef429a9614a54a37ee1651c1578918
                                        
GET /thumbs/images/-the-lord-of-the-rings-the-two-towers-2002.jpg HTTP/1.1
Host: w1.123movies.cards
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 17114
last-modified: Sat, 14 Aug 2021 06:35:50 GMT
cache-control: max-age=31536000
expires: Thu, 24 Aug 2023 23:06:26 GMT
etag: "61176446-42da"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 2921604
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6Hqt4Jv7FVWr1NcCMRXPUydXHJ9e8QjsCEWFhf7tbtD2EqCGNlK74NZ9LaToGN%2FADp3l7RzSDyyf5zkhrtq6zc75usug7KqnBvAdLJX6hRPtwU7B42%2F%2FVSb%2BsdEi2ohggQNEGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde6b0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Size:   17114
Md5:    bd03023721714f0b6c4b7052d70f15ce
Sha1:   4a9a3a814ffb13b715c943eabd8da01e56f9eb50
Sha256: 7bce54cd98cc46f4c2b618a9e9f8171daa9e20acbdbc9df1c4d6b47f4d1f425a
                                        
GET /thumbs/images/the-scorpion-king-rise-of-a-warrior.jpg HTTP/1.1
Host: w1.123movies.cards
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 30734
last-modified: Sat, 14 Aug 2021 06:35:54 GMT
cache-control: max-age=31536000
expires: Fri, 15 Sep 2023 21:50:44 GMT
etag: "6117644a-780e"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 1025347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQUrXFDmR%2FNH7aXxzsjQ6kr%2BKot9lCfORSQfFSi9RB0skOIFUCWbCbjtd2VK7kaJwUAyky21gfiHrWKPRleHTahRBZdE6dToPL3yV0M7M012ztjMB2wnlhBrfw%2BGHDfVRF347EA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde690b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 221x300, components 3\012- data
Size:   30734
Md5:    1db6044ae6200744f9613387a14132a8
Sha1:   266c961c9e414d5ebf6adb60680fe58e188d9b4e
Sha256: 44648727a3b6304dd49ee0bb4104fc6bb1a175b81d1a2c34779650a11cf65084
                                        
GET /thumbs/images/brimstone-incorporated.jpg HTTP/1.1
Host: w1.123movies.cards
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 23546
last-modified: Sat, 14 Aug 2021 06:35:56 GMT
cache-control: max-age=31536000
expires: Sat, 23 Sep 2023 17:06:47 GMT
etag: "6117644c-5bfa"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 351184
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cknSyZb7b19%2BYvhyEGZOkyWm5uu1k9SEKMa8A9PzmLsBhd7zjxz9h7h%2F0tgHkowmW24Z7DEv21XVNihZJ3tWOVA1h0K37UTsK%2F%2FcocEVYymtnlIsITn5eX8k8EgGjFeYDDqJhp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde620b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Size:   23546
Md5:    232907a59934bae0643d053afec3d8f3
Sha1:   d9afe72694503be5f6c38170e5293cc028a2c6f1
Sha256: f8c06d8971f86036180dc8ef58560af42cf965506f3fad3375997f7fa36ea24f
                                        
GET /thumbs/images/tan.jpg HTTP/1.1
Host: w1.123movies.cards
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 6433
last-modified: Wed, 13 Oct 2021 16:19:16 GMT
cache-control: max-age=31536000
expires: Sat, 23 Sep 2023 20:21:26 GMT
etag: "61670704-1921"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 339505
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAsg9eFIqnw5Gush7cqJoRwQOYuJjdVGIzf94BlQEWVwo%2FpqmqRkiL7RDpK75rZ1N4G8iVeKcswR0YA7w17DHphBobz%2BKG7QTCVvUpQd4yg2eIrd4R%2B1e7uJZ1q4ngrRgdAd7f0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde780b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 1\012- data
Size:   6433
Md5:    4651752ec84093aeb8fef32cda61a705
Sha1:   709a95fca490d57cbd1b57a9d47916ea5c40964b
Sha256: 707696ddf88641654aa277e8e27d10f7179b98cf826b0dabec7db9a941090608
                                        
GET /thumbs/images/allure.jpg HTTP/1.1
Host: w1.123movies.cards
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 14146
last-modified: Sat, 14 Aug 2021 06:35:50 GMT
cache-control: max-age=31536000
expires: Wed, 27 Sep 2023 08:42:18 GMT
etag: "61176446-3742"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 35853
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5M5c09wFMKl2oMADXCpTrnYoyDxcMGDGupGUkb4kkZoRI%2FiFVcd68zM3asLEQ9l9kVxwBYZWRrbCeZZLOuVHpxYSZ563RmO7tolOuT2qsBUbVxendD0MUf2KZ3zCaC0%2BSKk0NU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde770b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 202x300, components 3\012- data
Size:   14146
Md5:    30b52312eaa7493a400d146775785771
Sha1:   8fba1c0837c8ddc7c65058c2996e494724ab52b5
Sha256: 83a42c01cec2731bc419263cf0ef209638c130e6bd6d1b411f56144259a89308
                                        
GET /thumbs/images/machine-gun-preacher.jpg HTTP/1.1
Host: w1.123movies.cards
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 20578
last-modified: Sat, 14 Aug 2021 06:35:44 GMT
cache-control: max-age=31536000
expires: Fri, 22 Sep 2023 23:24:42 GMT
etag: "61176440-5062"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 414908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7%2FjbMflXdJk0vo11YM9ixCPHYa5paml%2FLmDK3xeGIL6OxdFA5tHSSDISe0vHb9aU5LvgDaMktVUpecSCknMBJvQPHaYWfjJf35z079%2BBdQ5aXH2%2Boop0qHu3ycnHky%2FqyK%2FF90%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde720b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 202x300, components 3\012- data
Size:   20578
Md5:    e860daf89ca86d57fd54a134580ee85a
Sha1:   0fa6910a15c80452ff4c296410571f553e0034d2
Sha256: f419a2c55f956493a5517ee93b0308ffcb74c352a37dacc04630c32f136ccce0
                                        
GET /thumbs/images/bill-burr-presents-friends-who-kill.jpg HTTP/1.1
Host: w1.123movies.cards
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.21.77.21
HTTP/2 200 OK
content-type: image/jpeg
date: Tue, 27 Sep 2022 18:39:51 GMT
content-length: 13670
last-modified: Thu, 30 Jun 2022 17:44:48 GMT
cache-control: max-age=31536000
expires: Fri, 30 Jun 2023 18:17:57 GMT
etag: "62bde110-3566"
x-powered-by: PleskLin
cf-cache-status: HIT
age: 7690914
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrcLmTTERU06rpgrC96x4oygOFl0NfP3jb0pso6VUu6T%2FYHMXWq4XOFrjphGASQ2L8QkpywFbBTMrXH4OZsyPOqJqEM%2BQ9krqNkN2TwYW09uLLAyTil5SoWzg77lfMN1pvjyWjo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde710b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Size:   13670
Md5:    78da22564ade0d8f255e461910d0787e
Sha1:   d311b7e4983b806a6ad1db1bc11ba886f46e8fe4
Sha256: 856711e7452d3687c3d7f40c60722174822bcdcbf79d8fe15a4fabb0940de3c6
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "58173ECB190B9E9567D9455D0CEF7D3D2AA126F9383E1CF5BD97BE3EAD3E03B0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12292
Expires: Tue, 27 Sep 2022 22:04:44 GMT
Date: Tue, 27 Sep 2022 18:39:52 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "58173ECB190B9E9567D9455D0CEF7D3D2AA126F9383E1CF5BD97BE3EAD3E03B0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12292
Expires: Tue, 27 Sep 2022 22:04:44 GMT
Date: Tue, 27 Sep 2022 18:39:52 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "1BFE36D1D5B5E033D20F3C6E5C5A5CD999F25B5F954113BBA8EC8825FA331E8F"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5912
Expires: Tue, 27 Sep 2022 20:18:24 GMT
Date: Tue, 27 Sep 2022 18:39:52 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1803
Md5:    3cae9d586cf5db74e248846ee9f077d6
Sha1:   3fdc5a11684ba1bf74f03b9d8b3e9612e3a211c9
Sha256: 4c3ee87ac4c6c56c4b43086674c9f87d4e79c80cd8b8462990e5d32b5a768124
                                        
GET /tag.min.js HTTP/1.1
Host: moksoxos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
139.45.197.239
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: nginx
date: Tue, 27 Sep 2022 18:39:52 GMT
content-length: 22987
content-encoding: br
x-trace-id: 616d4e6c1f8790a6bf95950a62eb174b
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 16:05:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (725)
Size:   26607
Md5:    a143a182c701e06dff414fc4d419aa23
Sha1:   811ae887f2e721473aad7efa37f1cac338dd04d9
Sha256: b1ac0ea31f4435ab69660d3b4ea845ec2daf0bcbe74e4c0e7bdebcb0dede530a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12584
Expires: Tue, 27 Sep 2022 22:09:36 GMT
Date: Tue, 27 Sep 2022 18:39:52 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1884
Md5:    964b468ef74493e401849905ffcbde86
Sha1:   d7be8a9a57eb9be955cbdfc24e489b6d5849e559
Sha256: 9026e54a1e03e4440df7617a21b515cd397c919aaacec5952c9253261f228429
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12584
Expires: Tue, 27 Sep 2022 22:09:36 GMT
Date: Tue, 27 Sep 2022 18:39:52 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12584
Expires: Tue, 27 Sep 2022 22:09:36 GMT
Date: Tue, 27 Sep 2022 18:39:52 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 74609
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10211
Md5:    347dca206e13a3b13953f0ab398310b4
Sha1:   be60bbc96c832ae385cc9ae5828bd32703011b21
Sha256: f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5319
x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlOKFtsIAMFyGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:00 GMT
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
age: 75652
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5319
Md5:    46e31aa06b8e86a9a5f9ba1cc3feca08
Sha1:   75df3341e30281fcbf78c7074980356fdf0be8e2
Sha256: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 75645
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
GET /thumbs/images/in-the-trap.jpg HTTP/1.1
Host: w1.123movies.cards
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.21.77.21
HTTP/2 404 Not Found
content-type: text/html
date: Tue, 27 Sep 2022 18:39:52 GMT
last-modified: Tue, 01 Mar 2022 06:28:43 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywS4JSMqD3v3LHYkHJA0lSwMGarcDpuUsQSns9wsdgNcA8m1rmsoBRF4MRZpGmfAsHv5AFfi8cgy%2FumL6N3PKWt73kdJz1R%2BuV6hgGXRk%2BALc30%2Bjx4e2td2IcBmKpZj%2FCLN%2F9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d4cde650b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   7845
Md5:    b899c32bcf4b5d79c6c571c1b471c75f
Sha1:   d2a5e92f4eace340faadecf8a9dad072250c4c02
Sha256: 30b5fd921870fa6e5a89a523a11a355530b5a261362a06519bcdd476018ccdf0
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 75655
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 61322
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6390
Md5:    14218a43c5e5bbce546735a780c8ccce
Sha1:   61676358cdbb2373bc644e66f8a84fbc8cc5daf6
Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "52B73249D787244356D8FADC4EE2C73ACFAA25EC2586B3CD5F00DBA23148F94B"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18215
Expires: Tue, 27 Sep 2022 23:43:27 GMT
Date: Tue, 27 Sep 2022 18:39:52 GMT
Connection: keep-alive

                                        
                                            GET /jquery-2.2.4.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.123moviesfree.ltd
Connection: keep-alive
Referer: https://player.123moviesfree.ltd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 18:39:53 GMT
content-encoding: gzip
content-length: 29811
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664303993.dop230.sk1.t,1664303993.cds213.sk1.hn,1664303993.cds214.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29811
Md5:    82885772205f23cd59e25a221521b059
Sha1:   96ed36f45544295f28df1ab251e7e38faceeff0e
Sha256: 8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
                                        
                                            GET /1?z=5406917 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 18:39:52 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: d367d3266f3f20a1dd1edb7ce8d07f9d
access-control-expose-headers: X-Sc
x-sc: e4ehEMJ7Xp7KL46ks3TeVGnJsRHCTjVlQCEBxnI2u-NBUNNalWPpCozoJdURJjLHNrX3s-e7LQ_nNWqXP5GdVVr0e1s=
set-cookie: scm=1; expires=Wed, 27 Sep 2023 18:39:52 GMT; secure; SameSite=None
set-cookie: OAID=cf8a25c759ab4c059f9bdc40b1a8e6b9; expires=Wed, 27 Sep 2023 18:39:52 GMT; secure; SameSite=None
set-cookie: oaidts=1664303992; expires=Wed, 27 Sep 2023 18:39:52 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7767)
Size:   3548
Md5:    639dddfa4c23ff17f9d7336c03eeba98
Sha1:   c1433ef58f92cdbd8ff84336420b26286dcfe585
Sha256: 158c26a102d445279a629729e9adf6220b348fb44235732fd2cbf2a900d65180
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:39:53 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=473724,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75165d53cf65b4f4-OSL

                                        
                                            GET /gid.js?userId=c920059a3e154326b72ec01e8681f510 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.gomovies.cyou
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 18:39:53 GMT
content-length: 65
access-control-allow-origin: https://www1.gomovies.cyou
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c920059a3e154326b72ec01e8681f510; expires=Wed, 27 Sep 2023 18:39:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:39:53 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 00:52:20 GMT
Expires: Mon, 03 Oct 2022 00:52:19 GMT
Etag: "a28e34ab71eea646efaf0a505a3bd07671bd6012"
Cache-Control: max-age=453745,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75165d547f5fb50c-OSL

                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: fleraprt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.gomovies.cyou/
Content-Type: text/plain;charset=UTF-8
Origin: https://www1.gomovies.cyou
Content-Length: 1587
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.254
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Tue, 27 Sep 2022 18:40:11 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www1.gomovies.cyou
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 16:41:09 GMT
expires: Tue, 27 Sep 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 7124
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            OPTIONS /500/5390197?excludes=&oaid=c920059a3e154326b72ec01e8681f510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww1.gomovies.cyou%2Fmovie%2F-the-lord-of-the-rings-the-two-towers-2002%2Fwatching.html%3Fep%3D1%26sv%3D9&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: goomaphy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www1.gomovies.cyou/
Origin: https://www1.gomovies.cyou
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 27 Sep 2022 18:39:53 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www1.gomovies.cyou
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6
Md5:    7d14c6d06a6075d413d43d381c992eba
Sha1:   49bdfc1145f7c7a7bf870f069b9d23a97966cb30
Sha256: f48bd14f1f30b485d99a2904d06cbd9fa03ccaa5779105a3d3cf963edb2ac385

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /9?z=5406917&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.gomovies.cyou%2Fmovie%2F-the-lord-of-the-rings-the-two-towers-2002%2Fwatching.html%3Fep%3D1%26sv%3D9&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=c920059a3e154326b72ec01e8681f510 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www1.gomovies.cyou/
Origin: https://www1.gomovies.cyou
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 18:39:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www1.gomovies.cyou
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /500/5390197?excludes=&oaid=c920059a3e154326b72ec01e8681f510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww1.gomovies.cyou%2Fmovie%2F-the-lord-of-the-rings-the-two-towers-2002%2Fwatching.html%3Fep%3D1%26sv%3D9&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: goomaphy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www1.gomovies.cyou
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Cookie: OAID=475bea8bcc324c06965e065214a6fa59
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 18:39:53 GMT
x-trace-id: 1e5fcd7339ee05dbf6efd11730a4f16b
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www1.gomovies.cyou
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c920059a3e154326b72ec01e8681f510; expires=Wed, 27 Sep 2023 18:39:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   97823
Md5:    5035134a9980ef91b9d0267ed872fa20
Sha1:   560ff9c180a7110ceaa7f5c78e13dbdcbfd68eb2
Sha256: 278fc7e6fbc0154566a3b5eb7b28c8608244229ca0dc66d3447a2ff93f969dc8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /11?rnd=2788899078&z=5406917&b=14505326&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=SRthy7UKXNOBT-Ux7M6-yz9ocxuYaIC1QzDFrbOwqQ5AelHYDr7HOU-IgqzL4t2WiERhXgyeaaL502ZSRKl4omcZdbgjuzfxtqMAvlqGyPuAIjwFfje35RAHxSJeI34ob2FZd5Uj6B49uRTQ-BYoXpR4qML4QFFNt46hptZdM4c8tvZpo0rDI5TMOxj4NqF6h9IuBd-A1Wekwz9pEJr20F8W380OoekDoaZTzdB-4Qv05FcCrmhhkyQcOsoWu9nrq59tOb4tP-oDMxNTiJFjEWpmGzFpKAnXZzBSHWYJz1RF-2JT6LPOHAw9_xc16ph9iPP5QWsV6mqBHCtnc9q4BE2Idjx-lCp-W7YTvBltKfTWRrdEraIOjaJSGnSf3yniYYLb0xNR_mdSQ3z7RbHMzc-qdbPmhchvPjJsNj8VRLx9SYk2aG-oEcOHV4wacNytU09XLs9wgLYmkRi6x_pUiwRQBsQLiqwXr64GCbx1-OKBSV7xDb_gwqLVBE4tt3xtjUtAMS3BmHEelp5wVVp_KP9ZQxz7DUHpSLUOtKx_KdDlX8obM0utoRX4NOezWxK3WCgCdMCkJYU_m4d1VXNLv7NLMJPl3pn_UYYHhAbQzKuRXmV8D4i-KZW6yHwpTbXIoUFhz2N5qQtwp8tjDos0ew==&ruid=0bf7dd2c-63ce-44a9-92d3-8a9204deac8a&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.gomovies.cyou%2Fmovie%2F-the-lord-of-the-rings-the-two-towers-2002%2Fwatching.html%3Fep%3D1%26sv%3D9&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ot=78 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.gomovies.cyou
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Cookie: scm=1; OAID=c920059a3e154326b72ec01e8681f510; oaidts=1664303992
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 27 Sep 2022 18:39:54 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www1.gomovies.cyou
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 002ca5ea5aadcd5a2c29f192bfd08e9d
access-control-expose-headers: X-Sc
set-cookie: OAID=c920059a3e154326b72ec01e8681f510; expires=Wed, 27 Sep 2023 18:39:54 GMT; secure; SameSite=None
set-cookie: oaidts=1664303992; expires=Wed, 27 Sep 2023 18:39:54 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /player/movies.php?id=tt0167261 HTTP/1.1 
Host: player.123moviesfree.ltd
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.67.165.49
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 18:39:53 GMT
x-powered-by: PHP/7.4.30, PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHJq6ENn41l1f9X1lmjP90mnL9q6r16mkY0KEyapQhjTZD8P%2F7NHAeq3fiIw2IznljEM4hF7SGzoeVf%2FGyNSbkgPVaXyXRimBo7jum2BnNHdmtgHmkEc8I8%2ByaLBleMAJvJOZTq4%2FCmQVlU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75165d514dff1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1705)
Size:   2093
Md5:    b89ed5cf7d1eb483d877adf7b6a48e5d
Sha1:   96f9acecfabdec89f9e8a53224e12adcb1523122
Sha256: 4819647397df51818ee24fcdc63e8b4488e3d67ff61220d0021f4ccc8e017aca
                                        
                                            GET /impression/ar76tvFkfcEXMPSZD9YcGRxIQmpMn4Fw-p5Sp75xorL-Vwu1k-6BeOo1BPluMDHmeTNjziwid6lBXpogkmPLTkFWLN9GzdNrvoASPHIz52JIs6MHVYD65lPAD7f-NXxTymxrncXObbKo5hjW5rOM-FLNmslIQHJjmbOv7ucXcaP0WmXzfqrRtmIKgGuFQnnqIFySWMy3loX9lU3qwkz9apkPX-1rAIq7T_CuMuYlc55VX62lztROxkHRvtnFtumKvuwHk6brWWvyX2ntFHd8_vpoSRPs9Z7X4XW4X_B6lglOcaUcbQN23OXWEMDyGwf7CU3zxm6BhaMZZ7DT-GOs8OA8iI-4cU2YpoDY9qTsxhZ8fjdCcN0LNAxn-03KPJQAKhGpjXwuuNcIGZb9sNSxCG29odpKh_uX-PvldL7QJif3ERjYyVEHR27CeAH85366451LSkuwhJVAu6S2hkIhR1SQ6oseXp0NbS4kfzzw17ZUaZ1-jCKA9I0GD5JZD5miPg4tFVeBNaxhrMkAdqO916C8rzuNd4TfZciTCALIdQyeYqbSQLwab-7lab2-ibvAhWIu6oU6ltabSwbA9UyOpAkhkZqBCxp8jzXJZQ==?_z=5390197&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww1.gomovies.cyou%2Fmovie%2F-the-lord-of-the-rings-the-two-towers-2002%2Fwatching.html%3Fep%3D1%26sv%3D9&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: goomaphy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Cookie: OAID=c920059a3e154326b72ec01e8681f510
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 27 Sep 2022 18:39:54 GMT
content-length: 43
x-trace-id: a77542d65b6d537d2a311f5d215297ad
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /contents/s/ce/99/a6/01265fa9e5c31dada900870d7f/01310893827865.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D669835366%26z%3D5406917%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DSRthy7UKXNOBT-Ux7M6-yz9ocxuYaIC1QzDFrbOwqQ5AelHYDr7HOU-IgqzL4t2WiERhXgyeaaL502ZSRKl4omcZdbgjuzfxtqMAvlqGyPuAIjwFfje35RAHxSJeI34ob2FZd5Uj6B49uRTQ-BYoXpR4qML4QFFNt46hptZdM4c8tvZpo0rDI5TMOxj4NqF6h9IuBd-A1Wekwz9pEJr20F8W380OoekDoaZTzdB-4Qv05FcCrmhhkyQcOsoWu9nrq59tOb4tP-oDMxNTiJFjEWpmGzFpKAnXZzBSHWYJz1RF-2JT6LPOHAw9_xc16ph9iPP5QWsV6mqBHCtnc9q4BE2Idjx-lCp-W7YTvBltKfTWRrdEraIOjaJSGnSf3yniYYLb0xNR_mdSQ3z7RbHMzc-qdbPmhchvPjJsNj8VRLx9SYk2aG-oEcOHV4wacNytU09XLs9wgLYmkRi6x_pUiwRQBsQLiqwXr64GCbx1-OKBSV7xDb_gwqLVBE4tt3xtjUtAMS3BmHEelp5wVVp_KP9ZQxz7DUHpSLUOtKx_KdDlX8obM0utoRX4NOezWxK3WCgCdMCkJYU_m4d1VXNLv7NLMJPl3pn_UYYHhAbQzKuRXmV8D4i-KZW6yHwpTbXIoUFhz2N5qQtwp8tjDos0ew%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D0bf7dd2c-63ce-44a9-92d3-8a9204deac8a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww1.gomovies.cyou%252Fmovie%252F-the-lord-of-the-rings-the-two-towers-2002%252Fwatching.html%253Fep%253D1%2526sv%253D9%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D4%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.152
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 27 Sep 2022 18:39:54 GMT
content-length: 24908
last-modified: Mon, 06 Jun 2022 13:58:07 GMT
etag: "629e07ef-614c"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size:   24908
Md5:    ce99a601265fa9e5c31dada900870d7f
Sha1:   ab71f9a154eb4483874800d024a3627c5fd0d01f
Sha256: 833bfae4c3e0710f7913efe21caf2a641d55b54cdd0dbe77e4b6faed2a80548c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "47DEC190DEDBFB1F7B67F28B22296B678E073115FE0A2BD9D3FB6FC8A6FA44A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4261
Expires: Tue, 27 Sep 2022 19:50:55 GMT
Date: Tue, 27 Sep 2022 18:39:54 GMT
Connection: keep-alive

                                        
                                            GET /contents/s/4a/99/77/2107149f60d6eff18b9d5b53e0/01198882198633.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D669835366%26z%3D5406917%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DSRthy7UKXNOBT-Ux7M6-yz9ocxuYaIC1QzDFrbOwqQ5AelHYDr7HOU-IgqzL4t2WiERhXgyeaaL502ZSRKl4omcZdbgjuzfxtqMAvlqGyPuAIjwFfje35RAHxSJeI34ob2FZd5Uj6B49uRTQ-BYoXpR4qML4QFFNt46hptZdM4c8tvZpo0rDI5TMOxj4NqF6h9IuBd-A1Wekwz9pEJr20F8W380OoekDoaZTzdB-4Qv05FcCrmhhkyQcOsoWu9nrq59tOb4tP-oDMxNTiJFjEWpmGzFpKAnXZzBSHWYJz1RF-2JT6LPOHAw9_xc16ph9iPP5QWsV6mqBHCtnc9q4BE2Idjx-lCp-W7YTvBltKfTWRrdEraIOjaJSGnSf3yniYYLb0xNR_mdSQ3z7RbHMzc-qdbPmhchvPjJsNj8VRLx9SYk2aG-oEcOHV4wacNytU09XLs9wgLYmkRi6x_pUiwRQBsQLiqwXr64GCbx1-OKBSV7xDb_gwqLVBE4tt3xtjUtAMS3BmHEelp5wVVp_KP9ZQxz7DUHpSLUOtKx_KdDlX8obM0utoRX4NOezWxK3WCgCdMCkJYU_m4d1VXNLv7NLMJPl3pn_UYYHhAbQzKuRXmV8D4i-KZW6yHwpTbXIoUFhz2N5qQtwp8tjDos0ew%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D0bf7dd2c-63ce-44a9-92d3-8a9204deac8a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww1.gomovies.cyou%252Fmovie%252F-the-lord-of-the-rings-the-two-towers-2002%252Fwatching.html%253Fep%253D1%2526sv%253D9%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D4%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.152
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 27 Sep 2022 18:39:54 GMT
content-length: 53466
last-modified: Tue, 10 May 2022 17:34:16 GMT
etag: "627aa218-d0da"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size:   53466
Md5:    4a99772107149f60d6eff18b9d5b53e0
Sha1:   5beb10695e9d76e04c95239a1d70095dc2fe17f7
Sha256: 3eaa5fa0a60738c49226982a0fe9f1ddd270f3383a6c7731816e18da4b0845bc
                                        
                                            GET /?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D669835366%26z%3D5406917%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DSRthy7UKXNOBT-Ux7M6-yz9ocxuYaIC1QzDFrbOwqQ5AelHYDr7HOU-IgqzL4t2WiERhXgyeaaL502ZSRKl4omcZdbgjuzfxtqMAvlqGyPuAIjwFfje35RAHxSJeI34ob2FZd5Uj6B49uRTQ-BYoXpR4qML4QFFNt46hptZdM4c8tvZpo0rDI5TMOxj4NqF6h9IuBd-A1Wekwz9pEJr20F8W380OoekDoaZTzdB-4Qv05FcCrmhhkyQcOsoWu9nrq59tOb4tP-oDMxNTiJFjEWpmGzFpKAnXZzBSHWYJz1RF-2JT6LPOHAw9_xc16ph9iPP5QWsV6mqBHCtnc9q4BE2Idjx-lCp-W7YTvBltKfTWRrdEraIOjaJSGnSf3yniYYLb0xNR_mdSQ3z7RbHMzc-qdbPmhchvPjJsNj8VRLx9SYk2aG-oEcOHV4wacNytU09XLs9wgLYmkRi6x_pUiwRQBsQLiqwXr64GCbx1-OKBSV7xDb_gwqLVBE4tt3xtjUtAMS3BmHEelp5wVVp_KP9ZQxz7DUHpSLUOtKx_KdDlX8obM0utoRX4NOezWxK3WCgCdMCkJYU_m4d1VXNLv7NLMJPl3pn_UYYHhAbQzKuRXmV8D4i-KZW6yHwpTbXIoUFhz2N5qQtwp8tjDos0ew%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D0bf7dd2c-63ce-44a9-92d3-8a9204deac8a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww1.gomovies.cyou%252Fmovie%252F-the-lord-of-the-rings-the-two-towers-2002%252Fwatching.html%253Fep%253D1%2526sv%253D9%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D4%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1 
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
139.45.197.152
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Tue, 27 Sep 2022 18:39:54 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=Xs3Js15fBsQfOvBbuRYlyAT53YmskhOl6cyTkRqaNKo; expires=Tue, 27-Sep-2022 19:39:54 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5213)
Size:   5116
Md5:    63cbcdd20945c41b9fb186268e2c9140
Sha1:   234b83055d552595e0ad6fc56784f98144ba6c9c
Sha256: ff953130ffd456a2ae98f30c6354986a3dcc4c97a7e86d35f2359d25846f910a
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
139.45.197.236
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 18:39:54 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 2596203ad7c80bf3ba4ddd2edf9f7583
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www1.gomovies.cyou
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 515146
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www1.gomovies.cyou
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 515146
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 
Host: player.123moviesfree.ltd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.123moviesfree.ltd/player/movies.php?id=tt0167261
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
172.67.165.49
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 27 Sep 2022 18:39:53 GMT
last-modified: Mon, 26 Sep 2022 11:11:52 GMT
etag: W/"633188f8-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFxu20zVwHrtnbgl%2BmHjAnwqpHQCT%2B%2FardZH1ZqEOY%2Fe%2FhWd2WZ1o64Ro1CkSg5BIllJ6nz%2FRnS9%2FAVGdRZJSa2QjK6A0A6qYAwxNuPsgu6IdTlq1ltAR0r3wO4Lx1pWD0Uywov64Iugl7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d548a2b1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 29 Sep 2022 18:39:53 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /movie/-the-lord-of-the-rings-the-two-towers-2002/watching.html?ep=1&sv=9 HTTP/1.1 
Host: www1.gomovies.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
172.67.155.49
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 18:39:51 GMT
x-powered-by: PHP/5.6.40, PleskLin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=m849hcvqisq8s06c7s0dt9d205; path=/
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nG%2FpjGtuB5%2F135WAO4Deh0Kkc1JAtI7nEGnaz%2BtG5Ql8WmuNH9kwWl6tvUK8xmCiWzBfpYB3CNRVYpUC7nFK0cys3iC8r0JIgQip8X8WZe%2BJskVtmX%2BFMgce%2FzEpKFqkpQU7iVw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75165d44cbd8b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.194.45
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 27 Sep 2022 18:39:52 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXRUeaMOvlV%2FUvhL8Zzile01QervCcAEOmdQ7UKTo0XlEaafIJtvkWRCTkXEg1jO7ru5G8LA4PGcdDLXPipLfRZz4AWGuQN9iMmJDdJy%2Fe16HqSN7Z2pLxEgU893uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165d5329370b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /5/5390192/?oo=1&aab=1 HTTP/1.1 
Host: moksoxos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.gomovies.cyou
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
139.45.197.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Tue, 27 Sep 2022 18:39:52 GMT
x-trace-id: 09380ac29291a9016d7c13b99e3a277d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www1.gomovies.cyou
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=c920059a3e154326b72ec01e8681f510; expires=Wed, 27 Sep 2023 18:39:52 GMT; path=/; secure; SameSite=None oaidts=1664303992; expires=Wed, 27 Sep 2023 18:39:52 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /9?z=5406917&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.gomovies.cyou%2Fmovie%2F-the-lord-of-the-rings-the-two-towers-2002%2Fwatching.html%3Fep%3D1%26sv%3D9&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=c920059a3e154326b72ec01e8681f510 HTTP/1.1 
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 324
Origin: https://www1.gomovies.cyou
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Cookie: scm=1; OAID=cf8a25c759ab4c059f9bdc40b1a8e6b9; oaidts=1664303992
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Tue, 27 Sep 2022 18:39:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www1.gomovies.cyou
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 0ccbdea67d3278dcd832a70002393f0c
access-control-expose-headers: X-Sc
set-cookie: OAID=c920059a3e154326b72ec01e8681f510; expires=Wed, 27 Sep 2023 18:39:53 GMT; secure; SameSite=None oaidts=1664303992; expires=Wed, 27 Sep 2023 18:39:53 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1 
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 18:39:54 GMT
date: Tue, 27 Sep 2022 18:39:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1 
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.gomovies.cyou/
Cookie: scm=1; OAID=cf8a25c759ab4c059f9bdc40b1a8e6b9; oaidts=1664303992
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 27 Sep 2022 18:39:53 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---