Report - www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html

Report Overview

Submitted URL
www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html
IP
104.21.75.148
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-15 09:30:29
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ffafb23ea4.bf34686748.com	unknown	2022-11-14T10:55:44Z	2023-01-15T03:07:00Z	1.5 kB	320 B	45.133.44.24
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	686 B	1.4 kB	142.250.74.35
js.wpadmngr.com	25762	2021-06-02T16:43:46Z	2023-03-10T00:51:04Z	1.2 kB	1.1 kB	45.133.44.24
fp.metricswpsh.com	unknown	2022-04-22T13:20:32Z	2023-03-10T00:51:05Z	959 B	790 B	157.90.84.242
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	62 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	5.1 kB	13 kB	23.36.76.226
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	374 B	21 kB	142.250.74.174
notification.tubecup.net	8210	2019-08-30T11:36:01Z	2023-03-10T00:51:05Z	443 B	309 B	159.69.161.134
static.serve-rtb.com	unknown	2022-07-04T19:27:53Z	2023-03-10T11:08:21Z	794 B	29 kB	172.64.132.15
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-10T11:39:59Z	1.7 kB	3.6 kB	23.36.77.32
na.nawpush.com	38563	2020-12-23T09:18:12Z	2023-03-10T10:48:59Z	407 B	1.2 kB	45.133.44.25
xml.serve-rtb.com	unknown	2022-07-03T13:14:25Z	2023-03-10T14:22:58Z	738 B	1.4 kB	172.64.132.15
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	35.161.6.128
www1.afilmywap.bz	unknown	2022-10-24T13:15:19Z	2023-01-25T14:12:52Z	892 B	1.5 kB	172.67.177.227
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
sw.swwpush.com	455649	2020-12-24T21:20:59Z	2023-03-06T16:46:00Z	376 B	73 kB	45.133.44.24
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	387 B	44 kB	142.250.74.168
static.bookmsg.com	47495	2020-11-24T15:56:32Z	2023-03-10T11:08:21Z	443 B	863 B	78.47.199.210
halltrasy.com	unknown	2021-08-30T11:08:14Z	2023-03-06T01:21:53Z	373 B	1.4 kB	172.255.6.34
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-10T05:15:22Z	810 B	90 kB	31.13.72.12
nereserv.com	40015	2020-12-21T12:07:56Z	2023-03-10T11:08:19Z	557 B	320 B	168.119.25.22
5ab760da26.bf34686748.com	unknown	2022-11-15T01:46:47Z	2022-11-17T01:08:28Z	4.8 kB	14 kB	168.119.25.22
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.4 kB	3.2 kB	93.184.220.29
lh.wabenaneper.com	unknown			389 B	1.4 kB	172.255.6.232
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	907 B	3.7 kB	31.13.72.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-15	medium	halltrasy.com	Sinkholed

JavaScript (12)

	URL	Size	First Seen	Last Seen
	js.wpadmngr.com/npc/sdk/wp-banners.js	0 B	2023-03-07	2024-04-18
Pretty URL js.wpadmngr.com/npc/sdk/wp-banners.js IP 45.133.44.24 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 07:40:04 Times Seen36930453 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sw.swwpush.com/npc/sdk/wpu/ipnpush.m.js	295 kB	2023-03-11	2023-03-11
Pretty URL sw.swwpush.com/npc/sdk/wpu/ipnpush.m.js IP 45.133.44.24 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:44 Last Seen2023-03-11 12:22:46 Times Seen1 Hash e102e354a9aca7018eb5d795613a30a9 516421af7d8d0af0bb7b7221417b042e25330b2a a58cb0c61518127c7fe9bb905fe7c147073d89007a3d3a8ec6c27419e9c5d9ac Loading...

	www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html	2.5 kB	2023-03-11	2023-03-11
Pretty URL www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html IP 172.67.177.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:44 Last Seen2023-03-11 12:22:46 Times Seen1 Hash 4e6b026006c64d833878f6b7abf35fdf 6c569c9e862ac65e679da67d628830f7797ace4f 90414928f6dc78caf3ab39ffd215e790cf19cb5011d48da97bd1d7d082eb0d84 Loading...

	www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html	1.5 kB	2023-03-11	2023-03-11
Pretty URL www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html IP 172.67.177.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:44 Last Seen2023-03-11 12:22:46 Times Seen1 Hash eb8d57e6348c3912492459e4522dbfe8 4c6b9fdc2823e883e4d2bb3be0d58c3c93d1965e def42c4e0839659cfebf2159c476462f9791582d983f95f4a76c515a14169f85 Loading...

	lh.wabenaneper.com/r63726337a7ab263726337a7ab3/34243	5 B	2023-03-07	2024-04-18
Pretty URL lh.wabenaneper.com/r63726337a7ab263726337a7ab3/34243 IP 172.255.6.232 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:39 Last Seen2024-04-18 01:18:03 Times Seen6253 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html	283 B	2023-03-07	2023-03-11
Pretty URL www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html IP 172.67.177.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:24 Last Seen2023-03-11 22:14:49 Times Seen1 Hash f229dcc5d6929d5aad565d4d5b78e1eb 30be649717ebfb23fc724ee8182d9afd5639a8fe 7fced57adbbc3dfa47603af411ba0949dfbc9cd151793a862a1796e233ffddfd Loading...

	www.googletagmanager.com/gtag/js?id=UA-198155354-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-198155354-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:44 Last Seen2023-03-11 12:22:44 Times Seen1 Hash 793dd52c0dec3034eba2e1d894d11101 413376424b73792e3028ca30eaded6308030bc70 7fe2fd3f8bfa31f07021547877046f65978695e00f2bf478aeab93ef06bacd1d Loading...

	js.wpadmngr.com/static/adManager.js	1.3 kB	2023-03-07	2023-03-17
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.24 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2023-03-17 12:41:09 Times Seen1 Hash d17122a2baaec1b2ce4e62776349bb2b a732dd7dcf6b3af05e416510b77640dfdb27307f 89ceaf2fba13343764ed6f07696d5b3a49b28daf865c3f6c204c218a4cd62e1e Loading...

	connect.facebook.net/en_GB/all.js#xfbml=1	3.1 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/en_GB/all.js#xfbml=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:44 Last Seen2023-03-11 12:22:46 Times Seen1 Hash e327e6d4b83839f726c7aa6103c7df88 e70979aa5a49cf9e7064b1a8c2ee7d9d97c1ca17 bd7ff0518f54bb1ff84c042b8ebee788f599b874949cd479c0a1c0d5640746ef Loading...

	www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html	155 B	2023-03-07	2024-01-04
Pretty URL www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html IP 172.67.177.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:29 Last Seen2024-01-04 16:40:51 Times Seen11 Hash 28cc698f9c96c63529d901b20711dc1c 74611846cf20c6c0ef63584f85bf887c894d079c 9c47bace85188f2c333540cb4670abff0f0ba560c5c54ec8de3ce81490909167 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-15 19:32:36 Times Seen1507 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	connect.facebook.net/en_GB/all.js?hash=4b7d309a3fb1bf1b5b41d2e64255f124	309 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/en_GB/all.js?hash=4b7d309a3fb1bf1b5b41d2e64255f124 IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:22:44 Last Seen2023-03-11 12:22:46 Times Seen1 Hash 6461dc09fc66862591e393e371d95831 1ad959aea16a5f4653ba6117773f8f99488f120e aab6b106c31d7dbd09a2cf1086dee7d81ccaa7ca952b9ebb02d9ca7bb1594482 Loading...

HTTP Transactions (65)

URL IP Response Size

www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html

172.67.177.227

301 Moved Permanently

0 B

URL HTTP/1.1
www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html
IP
172.67.177.227:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /movie/6411/cocktail-(2012)-hindi-full-movie.html HTTP/1.1
Host: www1.afilmywap.bz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Nov 2022 09:30:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 15 Nov 2022 10:30:17 GMT
Location: https://www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYuMwq6mH3q9%2Fd%2FR9KsyjYa8FX%2F7KSKqAO4gikzCOeSZgOhZuS8P9sx6d6iPBU1vtpSK%2Bd5%2BliI%2Fjb2vhNcA%2Fy1XCfwrG2IUlDnI1p%2BRmNCyd1EdcQg6tog4P0oBksMh4WktEg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a6f7a37802b524-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14027
Expires: Tue, 15 Nov 2022 13:24:04 GMT
Date: Tue, 15 Nov 2022 09:30:17 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1998
Cache-Control: max-age=92058
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:30:17 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:04:35 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2810
Expires: Tue, 15 Nov 2022 10:17:07 GMT
Date: Tue, 15 Nov 2022 09:30:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 08:44:37 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2740
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 6pnFGKfCQJBgK+NLY3oVp41vuKTqrrQ6NXFMPjMpK/h+Qe/4goOtd2ulnch9qdHyxZzn+BnUYqY=
x-amz-request-id: SDYRWT7EVQSZYGR3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 08:51:29 GMT
age: 2328
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
70a57d09882a08686935b6447ebebc89
19caa0c7a571a222ca5065e5a21eaa9385a6cdf4
7d6cd4ae2c406f20ca4aac84977dec3636b18ecb39747beeced3be9799b2e963

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7D6CD4AE2C406F20CA4AAC84977DEC3636B18ECB39747BEECED3BE9799B2E963"
Last-Modified: Sun, 13 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11895
Expires: Tue, 15 Nov 2022 12:48:32 GMT
Date: Tue, 15 Nov 2022 09:30:17 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 09:30:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
70a57d09882a08686935b6447ebebc89
19caa0c7a571a222ca5065e5a21eaa9385a6cdf4
7d6cd4ae2c406f20ca4aac84977dec3636b18ecb39747beeced3be9799b2e963

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7D6CD4AE2C406F20CA4AAC84977DEC3636B18ECB39747BEECED3BE9799B2E963"
Last-Modified: Sun, 13 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11894
Expires: Tue, 15 Nov 2022 12:48:32 GMT
Date: Tue, 15 Nov 2022 09:30:18 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1af800aa2b326e8af0f2640db68a7a0d
4c617814f5c705737bf4bf111c53bf40bb932af5
594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:30:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-198155354-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-198155354-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43618 bytes)
Hash
6ad6e5e83a5dcf92a9c6484c9c81200f
923bc7122accd1048e57d956122bb5ef5a48f8a4
858f18b078a1ca08f4f6ceea3cc9ae54e0abc7febc8c10520756ead2ccb5bfa0

HTTP Headers

GET /gtag/js?id=UA-198155354-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 09:30:18 GMT
expires: Tue, 15 Nov 2022 09:30:18 GMT
cache-control: private, max-age=900
last-modified: Tue, 15 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5785
Cache-Control: max-age=90788
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:30:18 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:43:26 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
15af6df9e8dec447de802161befd312f
a67ec7ed4f57bd905a4395565f80ec7a5074c9bb
6cb39b52d0ef47c71dccd7d65ee899e82e8feabca91a1b996aa7854e2fb83bb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CB39B52D0EF47C71DCCD7D65EE899E82E8FEABCA91A1B996AA7854E2FB83BB1"
Last-Modified: Sun, 13 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16869
Expires: Tue, 15 Nov 2022 14:11:27 GMT
Date: Tue, 15 Nov 2022 09:30:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74fcdf483831b1365d22787311766b41
9973f138e47d10dbf0e90cbea3a12009708a8566
6a4b400001c11ab92d0f28c765622aaf047ded8c7f6bb9d6288827a1d0c45c64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A4B400001C11AB92D0F28C765622AAF047DED8C7F6BB9D6288827A1D0C45C64"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10862
Expires: Tue, 15 Nov 2022 12:31:20 GMT
Date: Tue, 15 Nov 2022 09:30:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2f496b7240cd9b3a234cb057d2a7290f
e068d582227248dcb7d4883766a90483a8c6263c
5cdcc0ec79ccbe0ac9558c1fba3527325b176cb9f436120a72e185e70c464632

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CDCC0EC79CCBE0AC9558C1FBA3527325B176CB9F436120A72E185E70C464632"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8305
Expires: Tue, 15 Nov 2022 11:48:43 GMT
Date: Tue, 15 Nov 2022 09:30:18 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1af800aa2b326e8af0f2640db68a7a0d
4c617814f5c705737bf4bf111c53bf40bb932af5
594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:30:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

halltrasy.com/gqAKupXAAyO9OdQg/33550

172.255.6.34

200 OK

26 B

URL HTTP/1.1
halltrasy.com/gqAKupXAAyO9OdQg/33550
IP
172.255.6.34:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /gqAKupXAAyO9OdQg/33550 HTTP/1.1
Host: halltrasy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:30:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www1.afilmywap.bz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 16-Nov-2022 09:30:18 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Wed, 16-Nov-2022 09:30:18 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

lh.wabenaneper.com/r63726337a7ab263726337a7ab3/34243

172.255.6.232

200 OK

25 B

URL HTTP/1.1
lh.wabenaneper.com/r63726337a7ab263726337a7ab3/34243
IP
172.255.6.232:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

HTTP Headers

GET /r63726337a7ab263726337a7ab3/34243 HTTP/1.1
Host: lh.wabenaneper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:30:18 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www1.afilmywap.bz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 16-Nov-2022 09:30:18 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Wed, 16-Nov-2022 09:30:18 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 09:25:01 GMT
cache-control: public,max-age=3600
age: 317
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
39ed54d118ae43c615b5efd6cf46ac6f
05484ec9c0b28f3f662897b85f5a0d61ae0387f3
81f3958a1abfdd416fe8d78ab4b377d680aa9c957e1435a1f8b481883bad7f96

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6449
Cache-Control: max-age=161650
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:30:18 GMT
Etag: "6373176b-1d7"
Expires: Thu, 17 Nov 2022 06:24:28 GMT
Last-Modified: Tue, 15 Nov 2022 04:36:59 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_GB/all.js

31.13.72.12

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_GB/all.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1957)
Size
1.7 kB (1687 bytes)
Hash
f82ad51ea0bc2cd9380609bfdbe860b6
824309a9638fd39597980f50b161cb36dd92a35c
1b0a2481241a5a098d48955752f893b40486201f507e16dfc562842139349bef

HTTP Headers

GET /en_GB/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e327e6d4b83839f726c7aa6103c7df88
etag: "5f896f6a0c8d3414fc1b4ad6493a8f6f"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 15 Nov 2022 09:40:44 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: +CrVHqC8LNk4Bgm/2+hgtg==
x-fb-debug: aotSXF7u9nqxU2/Jn0qWWp6ycUoiDWhrVgUsuqkqm/x1aURe1KBEiZCN7iNl0oQWxKHQqlxDR7JtFu6uccl5sw==
content-length: 1687
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 09:30:18 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
39ed54d118ae43c615b5efd6cf46ac6f
05484ec9c0b28f3f662897b85f5a0d61ae0387f3
81f3958a1abfdd416fe8d78ab4b377d680aa9c957e1435a1f8b481883bad7f96

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6449
Cache-Control: max-age=161650
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:30:18 GMT
Etag: "6373176b-1d7"
Expires: Thu, 17 Nov 2022 06:24:28 GMT
Last-Modified: Tue, 15 Nov 2022 04:36:59 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

js.wpadmngr.com/npc/sdk/wp-banners.js

45.133.44.24

200 OK

0 B

URL HTTP/2
js.wpadmngr.com/npc/sdk/wp-banners.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:30:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Tue, 15 Nov 2022 09:35:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 15 Nov 2022 08:41:09 GMT
expires: Tue, 15 Nov 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 2949
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/en_GB/all.js?hash=4b7d309a3fb1bf1b5b41d2e64255f124

31.13.72.12

200 OK

87 kB

URL HTTP/2
connect.facebook.net/en_GB/all.js?hash=4b7d309a3fb1bf1b5b41d2e64255f124
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18734)
Size
87 kB (86738 bytes)
Hash
918f30f09b722b129644020d28d4b2e9
713047a6b63c9c7bfbc6b6b0bb00e3d6a9a4ef2e
b0bad5118e63b4c974c63850e469a626547b486c54554b410017663003791753

HTTP Headers

GET /en_GB/all.js?hash=4b7d309a3fb1bf1b5b41d2e64255f124 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 6461dc09fc66862591e393e371d95831
etag: "5a9aeb4921ce312e473e6644b5241011"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 15 Nov 2023 09:00:44 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: kY8w8JtyKxKWRAINKNSy6Q==
x-fb-debug: +YaLC+u7zYtFOhNNr7ItuKOXLRV/Nq8iNjSTAOb6RRw0wOyFdz45HlRWj2RTVYpD2t6gnWxthKqzZOsrs99z2A==
content-length: 86738
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 09:30:18 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.161.6.128

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.6.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JnW16zKvovp73r7DaUxtEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GmEcttQfMSnZ1V9yfScVtjO0YpQ=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2664d438bd28083756dbcdab36b3037
4a3ad4287e1f07a7e3aa9944aa76b360315c7946
c4fe64c23cb354bc2d012f5cd7edb7708b234b972f508d0510f264b684b41ebb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4FE64C23CB354BC2D012F5CD7EDB7708B234B972F508D0510F264B684B41EBB"
Last-Modified: Mon, 14 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7135
Expires: Tue, 15 Nov 2022 11:29:13 GMT
Date: Tue, 15 Nov 2022 09:30:18 GMT
Connection: keep-alive

na.nawpush.com/tags/5970?version_name=b

45.133.44.25

200 OK

995 B

URL HTTP/2
na.nawpush.com/tags/5970?version_name=b
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (995), with no line terminators
Size
995 B (995 bytes)
Hash
3c99ad15455f5237f094a7fc4a2bbe22
6582db1e57f9abf50e23df218d0f2cef0658c4a3
c601c2c3073861cee0ed37c19f13607d579fcfd5fbeaceba9d592711e6b721c4

HTTP Headers

GET /tags/5970?version_name=b HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:30:18 GMT
content-type: application/json
content-length: 995
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df403af9acc9426%26domain%3Dwww1.afilmywap.bz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252Ff1b8c70def42308%26relation%3Dparent.parent&container_width=1268&height=100&href=https%3A%2F%2Fwww1.afilmywap.bz%2Fmovie%2F6411%2Fcocktail-(2012)-hindi-full-movie.html&locale=en_GB&sdk=joey&width=470

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df403af9acc9426%26domain%3Dwww1.afilmywap.bz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252Ff1b8c70def42308%26relation%3Dparent.parent&container_width=1268&height=100&href=https%3A%2F%2Fwww1.afilmywap.bz%2Fmovie%2F6411%2Fcocktail-(2012)-hindi-full-movie.html&locale=en_GB&sdk=joey&width=470
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df403af9acc9426%26domain%3Dwww1.afilmywap.bz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252Ff1b8c70def42308%26relation%3Dparent.parent&container_width=1268&height=100&href=https%3A%2F%2Fwww1.afilmywap.bz%2Fmovie%2F6411%2Fcocktail-(2012)-hindi-full-movie.html&locale=en_GB&sdk=joey&width=470 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: NbDveC1wujxyP14bvlJUiCXixVw6+HnpQj/hsTCTBUR3jO2WF/KGb9iE3RT6ES/c6P5TWzSb8Y59yCK2XJJj+g==
content-length: 0
date: Tue, 15 Nov 2022 09:30:18 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
282abd1972ae8537918dfe28f188e391
26ab3ad99ced3c58d8030bbb7547d837f7e2cbc4
06835156204c31c9d176f4eb1e2cc232130b99a391130c27a71378cf95cab616

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06835156204C31C9D176F4EB1E2CC232130B99A391130C27A71378CF95CAB616"
Last-Modified: Mon, 14 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9075
Expires: Tue, 15 Nov 2022 12:01:33 GMT
Date: Tue, 15 Nov 2022 09:30:18 GMT
Connection: keep-alive

notification.tubecup.net/tags?tag_id=5970&timezone_olson=UTC&version_name=b

159.69.161.134

204 No Content

0 B

URL HTTP/2
notification.tubecup.net/tags?tag_id=5970&timezone_olson=UTC&version_name=b
IP
159.69.161.134:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tags?tag_id=5970&timezone_olson=UTC&version_name=b HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:30:18 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=5970

157.90.84.242

204 No Content

0 B

URL HTTP/1.1
fp.metricswpsh.com/fp?tag_id=5970
IP
157.90.84.242:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=5970 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www1.afilmywap.bz/
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Tue, 15 Nov 2022 09:30:19 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www1.afilmywap.bz
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
513caaf19286a3d95f60c4a117768930
0c784d1f2daa6a2db592f2871efe63432638c181
f4eac994becb1a6b1ae98c85d3ee9d76033ed9e6b960b876d85525575fafc4d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4EAC994BECB1A6B1AE98C85D3EE9D76033ED9E6B960B876D85525575FAFC4D5"
Last-Modified: Mon, 14 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5041
Expires: Tue, 15 Nov 2022 10:54:20 GMT
Date: Tue, 15 Nov 2022 09:30:19 GMT
Connection: keep-alive

ffafb23ea4.bf34686748.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI2MDE3MzczMDgzODE0MDkzMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTUuMSIsInRhZ19pZCI6NTk3MCwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ3LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJDb2NrdGFpbCUyQygyMDEyKSUyQ0JsdVJheSUyQ0hpbmRpJTJDNDgwcCUyQ0hEJTJDNzIwcCUyQ01vdmllcyUyQ0JsdVJheSUyQ2FGaWxteXdhcCUyQ2ZyZWUlMkNkb3dubG9hZCUyQ21vYmlsZSUyQ21vdmllcyUyQ2NvY2t0YWlsJTJDKDIwMTIpJTJDaGluZGklMkNmdWxsJTJDbW92aWUlMkNjb2NrdGFpbCUyQygyMDEyKSUyQ2JsdXJheSUyQ2hpbmRpJTJDNDgwcCUyQ2hkJTJDNzIwcCUyQ21vdmllcyUyQ2JsdXJheSUyQ2FmaWxteXdhcCUyQ0NvY2t0YWlsJTJDKDIwMTIpJTJDSGluZGklMkNGdWxsJTJDTW92aWUlMkNGdWxsJTJDTW92aWUlMkNBRmlsbXl3YXAlMkNEb3dubG9hZCUyQ2Rvd25sb2FkJTJDQ29ja3RhaWwlMkMoMjAxMiklMkNIaW5kaSUyQ0Z1bGwlMkNNb3ZpZSUyQ2luJTJDSEQlMkNNcDQlMkNGcmVlJTJDRG93bmxvYWQlMkNGaWxteXdhcCUyQzQ4MHAlMkM3MjBwJTJDbXA0bW92aWV6JTJDOXhtb3ZpZXMlMkNGaWxteVppbGxhJTJDYm9sbHk0dSUyQ2toYXRyaW1hemElMkNNb3ZpZXMlMkNhZmlsbXl3YXAlMjAifQ==

45.133.44.24

200 OK

0 B

URL HTTP/2
ffafb23ea4.bf34686748.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI2MDE3MzczMDgzODE0MDkzMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTUuMSIsInRhZ19pZCI6NTk3MCwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ3LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJDb2NrdGFpbCUyQygyMDEyKSUyQ0JsdVJheSUyQ0hpbmRpJTJDNDgwcCUyQ0hEJTJDNzIwcCUyQ01vdmllcyUyQ0JsdVJheSUyQ2FGaWxteXdhcCUyQ2ZyZWUlMkNkb3dubG9hZCUyQ21vYmlsZSUyQ21vdmllcyUyQ2NvY2t0YWlsJTJDKDIwMTIpJTJDaGluZGklMkNmdWxsJTJDbW92aWUlMkNjb2NrdGFpbCUyQygyMDEyKSUyQ2JsdXJheSUyQ2hpbmRpJTJDNDgwcCUyQ2hkJTJDNzIwcCUyQ21vdmllcyUyQ2JsdXJheSUyQ2FmaWxteXdhcCUyQ0NvY2t0YWlsJTJDKDIwMTIpJTJDSGluZGklMkNGdWxsJTJDTW92aWUlMkNGdWxsJTJDTW92aWUlMkNBRmlsbXl3YXAlMkNEb3dubG9hZCUyQ2Rvd25sb2FkJTJDQ29ja3RhaWwlMkMoMjAxMiklMkNIaW5kaSUyQ0Z1bGwlMkNNb3ZpZSUyQ2luJTJDSEQlMkNNcDQlMkNGcmVlJTJDRG93bmxvYWQlMkNGaWxteXdhcCUyQzQ4MHAlMkM3MjBwJTJDbXA0bW92aWV6JTJDOXhtb3ZpZXMlMkNGaWxteVppbGxhJTJDYm9sbHk0dSUyQ2toYXRyaW1hemElMkNNb3ZpZXMlMkNhZmlsbXl3YXAlMjAifQ==
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI2MDE3MzczMDgzODE0MDkzMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTUuMSIsInRhZ19pZCI6NTk3MCwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ3LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJDb2NrdGFpbCUyQygyMDEyKSUyQ0JsdVJheSUyQ0hpbmRpJTJDNDgwcCUyQ0hEJTJDNzIwcCUyQ01vdmllcyUyQ0JsdVJheSUyQ2FGaWxteXdhcCUyQ2ZyZWUlMkNkb3dubG9hZCUyQ21vYmlsZSUyQ21vdmllcyUyQ2NvY2t0YWlsJTJDKDIwMTIpJTJDaGluZGklMkNmdWxsJTJDbW92aWUlMkNjb2NrdGFpbCUyQygyMDEyKSUyQ2JsdXJheSUyQ2hpbmRpJTJDNDgwcCUyQ2hkJTJDNzIwcCUyQ21vdmllcyUyQ2JsdXJheSUyQ2FmaWxteXdhcCUyQ0NvY2t0YWlsJTJDKDIwMTIpJTJDSGluZGklMkNGdWxsJTJDTW92aWUlMkNGdWxsJTJDTW92aWUlMkNBRmlsbXl3YXAlMkNEb3dubG9hZCUyQ2Rvd25sb2FkJTJDQ29ja3RhaWwlMkMoMjAxMiklMkNIaW5kaSUyQ0Z1bGwlMkNNb3ZpZSUyQ2luJTJDSEQlMkNNcDQlMkNGcmVlJTJDRG93bmxvYWQlMkNGaWxteXdhcCUyQzQ4MHAlMkM3MjBwJTJDbXA0bW92aWV6JTJDOXhtb3ZpZXMlMkNGaWxteVppbGxhJTJDYm9sbHk0dSUyQ2toYXRyaW1hemElMkNNb3ZpZXMlMkNhZmlsbXl3YXAlMjAifQ== HTTP/1.1
Host: ffafb23ea4.bf34686748.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:30:19 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=5970

157.90.84.242

200 OK

28 B

URL HTTP/1.1
fp.metricswpsh.com/fp?tag_id=5970
IP
157.90.84.242:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text
Size
28 B (28 bytes)
Hash
e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a

HTTP Headers

POST /fp?tag_id=5970 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22288
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 15 Nov 2022 09:30:19 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www1.afilmywap.bz
Set-Cookie: id=6710622435501716777; Expires=Wed, 15 Nov 2023 09:30:19 GMT; Secure; SameSite=None
Vary: Origin

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22276390c991f320e1e07693f4b8d2ed
b2c5b5489ae6f2450d22c954ccb3c27530a13541
c9b3be9b794b5c27a40157db3faf707885d993ae2edc708e14eb50cccf3cfad2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9B3BE9B794B5C27A40157DB3FAF707885D993AE2EDC708E14EB50CCCF3CFAD2"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7899
Expires: Tue, 15 Nov 2022 11:41:58 GMT
Date: Tue, 15 Nov 2022 09:30:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
39a4203bdbb9872ddbfd3b3722235e6c
d99036d5aae7db9ae2a0a261a98253a6b5c28e79
6f3e83322f7e7fabad1bbeb4b4fa84be48b377e1d2a29e58e941900333799404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F3E83322F7E7FABAD1BBEB4B4FA84BE48B377E1D2A29E58E941900333799404"
Last-Modified: Mon, 14 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16277
Expires: Tue, 15 Nov 2022 14:01:36 GMT
Date: Tue, 15 Nov 2022 09:30:19 GMT
Connection: keep-alive

sw.swwpush.com/npc/sdk/wpu/ipnpush.m.js

45.133.44.24

200 OK

73 kB

URL HTTP/2
sw.swwpush.com/npc/sdk/wpu/ipnpush.m.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
73 kB (72951 bytes)
Hash
d2496540eb6d05da8f03e89a70df221d
5a88a33d880fe91ba907f15aac061040884ce0bc
2c47960370105c827ffcae37c86191694d94823758840f9439f45a35e7cd6dc4

HTTP Headers

GET /npc/sdk/wpu/ipnpush.m.js HTTP/1.1
Host: sw.swwpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:30:19 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 15 Nov 2022 09:04:51 GMT
etag: W/"63735633-480a4"
content-encoding: gzip
expires: Tue, 15 Nov 2022 09:35:19 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

nereserv.com/in/dip?site=native-push&wl=0&event_id=adee0c6a-5695-4f7b-a6d1-91d778bba274&subid=1410812804&sid=3937712413&spot_id=5874&created_at=2022-11-15&timezone=0&ver=7.8.2-b&is_native=1

168.119.25.22

200 OK

0 B

URL HTTP/2
nereserv.com/in/dip?site=native-push&wl=0&event_id=adee0c6a-5695-4f7b-a6d1-91d778bba274&subid=1410812804&sid=3937712413&spot_id=5874&created_at=2022-11-15&timezone=0&ver=7.8.2-b&is_native=1
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=0&event_id=adee0c6a-5695-4f7b-a6d1-91d778bba274&subid=1410812804&sid=3937712413&spot_id=5874&created_at=2022-11-15&timezone=0&ver=7.8.2-b&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:30:19 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

5ab760da26.bf34686748.com/in/multy

168.119.25.22

204 No Content

0 B

URL HTTP/2
5ab760da26.bf34686748.com/in/multy
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: 5ab760da26.bf34686748.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www1.afilmywap.bz/
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:30:19 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11358
Expires: Tue, 15 Nov 2022 12:39:38 GMT
Date: Tue, 15 Nov 2022 09:30:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11358
Expires: Tue, 15 Nov 2022 12:39:38 GMT
Date: Tue, 15 Nov 2022 09:30:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11358
Expires: Tue, 15 Nov 2022 12:39:38 GMT
Date: Tue, 15 Nov 2022 09:30:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11358
Expires: Tue, 15 Nov 2022 12:39:38 GMT
Date: Tue, 15 Nov 2022 09:30:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11358
Expires: Tue, 15 Nov 2022 12:39:38 GMT
Date: Tue, 15 Nov 2022 09:30:20 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5856 bytes)
Hash
b891dd714ee24b92f59f0697dd45c2b4
8b54f502df3eb318b87ff8a3313007876752e181
d50396bc97a46452ed3af30dbfffc9fe75cf7d4ec347c0a8460d99a6affd1fb2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5856
x-amzn-requestid: 5261109d-ca5e-4b77-b0a2-17b634a51fd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPtpFvRoAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705ff0-570bdfbd329fe34b47d8c7a4;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8XeCtd88wwfynTV2w67E7r__KCAAIAsfv7sg67o_HSehIsIBae_SkQ==
via: 1.1 ba55932f4947672586f0865cea81e028.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 04:01:21 GMT
age: 19739
etag: "8b54f502df3eb318b87ff8a3313007876752e181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c048f3e-f5d6-474b-926e-cfa0f872a7e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9446 bytes)
Hash
fcd8c821cc1f76bbeb3535701b0385e5
398ee550da0a20bd7acf15287ef478fcf08f4738
6b55b0f3a025cf90ac05ae6f5689349ce2eb32d067498de7301ec5a307247a0e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c048f3e-f5d6-474b-926e-cfa0f872a7e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9446
x-amzn-requestid: a8e15861-ac8b-4b6a-b1a7-235fcae0c124
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blF8lHfjIAMFqpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e9e9-42c44c247dd4e04d292eb953;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:10:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: O-q5RI1NQrxVuEdLNyLnsdxqnFbyn9okLo3Xi8S5wHCfhD4wUP3RMg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 07:45:45 GMT
age: 6275
etag: "398ee550da0a20bd7acf15287ef478fcf08f4738"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9311 bytes)
Hash
c5f45accbd2d3551103631fa77deee8f
7295ef4c52bcea1be24b963d7ff170ef5bacf713
495e2cef9d9ebec66f1ddcf478512af7e37a301b562d7b75e5d28bb7753d2290

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9311
x-amzn-requestid: 32874a50-bbc5-4246-a819-cd65fe918bd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuFsG5IIAMF7zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675d57-64c21f6448b29b4710c8c638;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:08:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wLkQgLmUk7U5jQPXEljFQpuwHVgHUKHHA63UwzEicdLPMMo1decu3g==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 05:54:08 GMT
age: 12972
etag: "7295ef4c52bcea1be24b963d7ff170ef5bacf713"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11667 bytes)
Hash
032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 00:41:48 GMT
age: 31712
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11290 bytes)
Hash
49fc9477e5982c76b5205fe284f50848
2ca4915631ddcda64c1cb70674f4b1379e288050
496e4e4317538bd34bc6bc28f0c772b7afaf0edac6d2a8686f5e6c4f44331bb4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11290
x-amzn-requestid: e56e4731-696e-4c63-9b48-1be184b32098
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPzMHOEoAMFVJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63706014-22c49f066ed90cf35d5bba3d;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RXdcX1PweMfXctBjufkeOtyV8F9Yb8OyZJaUX38cdaswfBHCim7mGQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 04:13:35 GMT
age: 19005
etag: "2ca4915631ddcda64c1cb70674f4b1379e288050"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7982 bytes)
Hash
508368e91f7702272c5610f905e4204b
0d61ccdb959e45368a9f6ada26679974374d81a2
bd3b3d55264bccbbf647577e3f93c35dd56840967713fcb948e67426c8a71b38

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 35753773-2e2d-4def-a9ef-6224343d62e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bklm8E9qoAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b62c-46372f151eb5ba9f0f5ec3a0;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:29:48 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T8ocx27r2N_V74-jyk23ATbGtw9TJBqSRB0MK0Kahre8ESS5kM_9lQ==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:48 GMT
age: 42152
etag: "0d61ccdb959e45368a9f6ada26679974374d81a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

5ab760da26.bf34686748.com/in/multy

168.119.25.22

200 OK

12 kB

URL HTTP/2
5ab760da26.bf34686748.com/in/multy
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (12478), with no line terminators
Size
12 kB (12490 bytes)
Hash
a191e28abf578fc4992b442586096c69
7724e0647dc5a759c8d58b381ebbcf615d7f415c
091fb859fd62015ba19373d33bb1f90d7facb96e4eed54070ccde20310c6c197

HTTP Headers

POST /in/multy HTTP/1.1
Host: 5ab760da26.bf34686748.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1206
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:30:20 GMT
content-type: application/json
content-length: 12490
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

5ab760da26.bf34686748.com/in/show/?mid=6933983910965212837&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=3937712413&cid=13625&price=0.001032&is_cpm=0&cpm=0&ecpm=0.016264574522746135&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-5-a&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1668591019&created_at=2022-11-15&is_native=2&auction_queue=0&burl=qe9opwgd1UEWkZJnGhrdt0Gl2TOVNYTj7FtC-D_kSFSsghXKmN535Q&pop_winurl=&ip=91.90.42.154&testab=1&px_id=535874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0011292334912651673&placement_type_id=&skin_test=0&verify_hash=a3cdd534052d3b14fa7ec4fbe0d4e4dc&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.001032&user_fp=0&v2_track=0&url=afGq0JSdHC335jCABnruFP-t78mXcqvgWgurY_NnhO80A8npGLsUJXKuyVc_rxr19meW7JsL9IEd6zTlnr6Oa5pYbzF4bFAB2LMdHaRO3_y2u3a_Ges0xTOY0jMuE54U_ZsGWN4d4T4RIsJ2WQhvDDbFs2_xZUMwg2ot2qlVigAEjP2BRw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=1&vertical_id=0&real_bid=0.001032&pr=&user_keywords=&auc_type=1&aid=200&ext_cid=0&device_theme=light&keywords=&mlc=1&format=compact-slide-b_r-body&mlf=1&cpa=338b461c-2579-4925-8f80-a321996f6e6f

168.119.25.22

302 Found

0 B

URL HTTP/2
5ab760da26.bf34686748.com/in/show/?mid=6933983910965212837&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=3937712413&cid=13625&price=0.001032&is_cpm=0&cpm=0&ecpm=0.016264574522746135&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-5-a&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1668591019&created_at=2022-11-15&is_native=2&auction_queue=0&burl=qe9opwgd1UEWkZJnGhrdt0Gl2TOVNYTj7FtC-D_kSFSsghXKmN535Q&pop_winurl=&ip=91.90.42.154&testab=1&px_id=535874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0011292334912651673&placement_type_id=&skin_test=0&verify_hash=a3cdd534052d3b14fa7ec4fbe0d4e4dc&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.001032&user_fp=0&v2_track=0&url=afGq0JSdHC335jCABnruFP-t78mXcqvgWgurY_NnhO80A8npGLsUJXKuyVc_rxr19meW7JsL9IEd6zTlnr6Oa5pYbzF4bFAB2LMdHaRO3_y2u3a_Ges0xTOY0jMuE54U_ZsGWN4d4T4RIsJ2WQhvDDbFs2_xZUMwg2ot2qlVigAEjP2BRw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=1&vertical_id=0&real_bid=0.001032&pr=&user_keywords=&auc_type=1&aid=200&ext_cid=0&device_theme=light&keywords=&mlc=1&format=compact-slide-b_r-body&mlf=1&cpa=338b461c-2579-4925-8f80-a321996f6e6f
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?mid=6933983910965212837&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=3937712413&cid=13625&price=0.001032&is_cpm=0&cpm=0&ecpm=0.016264574522746135&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-5-a&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1668591019&created_at=2022-11-15&is_native=2&auction_queue=0&burl=qe9opwgd1UEWkZJnGhrdt0Gl2TOVNYTj7FtC-D_kSFSsghXKmN535Q&pop_winurl=&ip=91.90.42.154&testab=1&px_id=535874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0011292334912651673&placement_type_id=&skin_test=0&verify_hash=a3cdd534052d3b14fa7ec4fbe0d4e4dc&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.001032&user_fp=0&v2_track=0&url=afGq0JSdHC335jCABnruFP-t78mXcqvgWgurY_NnhO80A8npGLsUJXKuyVc_rxr19meW7JsL9IEd6zTlnr6Oa5pYbzF4bFAB2LMdHaRO3_y2u3a_Ges0xTOY0jMuE54U_ZsGWN4d4T4RIsJ2WQhvDDbFs2_xZUMwg2ot2qlVigAEjP2BRw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=1&vertical_id=0&real_bid=0.001032&pr=&user_keywords=&auc_type=1&aid=200&ext_cid=0&device_theme=light&keywords=&mlc=1&format=compact-slide-b_r-body&mlf=1&cpa=338b461c-2579-4925-8f80-a321996f6e6f HTTP/1.1
Host: 5ab760da26.bf34686748.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:30:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
X-Firefox-Spdy: h2

5ab760da26.bf34686748.com/in/show/?mid=6933983910965212837&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=3937712413&cid=12012&price=0.00105&is_cpm=0&cpm=0&ecpm=0.0007170311619837317&crid=5629322&crtid=d3e0248d78a82f78d086a00a713e151d&tcid=0&out_id=0&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-5-a&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1668591019&created_at=2022-11-15&is_native=1&auction_queue=0&burl=CzsGWknmOpKMSK_uz9baO5ojDONMinN1XDoZ2R5FgIvp0N2xrrGZGA&pop_winurl=&ip=91.90.42.154&testab=1&px_id=735874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=5.3276734413375095e-05&placement_type_id=&skin_test=0&verify_hash=4281ad56676bd3c1432ac7fb37163ca4&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.00105&user_fp=0&v2_track=0&url=HX3ltEw4gic44eabqvb6HnQRE7Rd3CkUs08BrbpN5sxW0ZFuGQxXNbA_yvDByefC5GUuVMxip0MYqnKtB9mzO3ZxJyfr1kqw24fZXK5hwuJRWXTXDK52acgla6RmDD14cXIMGB0&image_url=https%3A%2F%2Fxml.serve-rtb.com%2Fthumbnail%3Fi%3DT1g5K81ocYI_0&skin_id=1&vertical_id=0&real_bid=0.00096432&pr=&user_keywords=&auc_type=1&aid=185&ext_cid=0&device_theme=light&keywords=&format=compact-slide-b_r-body&cpa=09178ff1-e7d8-4bb0-b73c-8dcc9f3d79e8

168.119.25.22

302 Found

0 B

URL HTTP/2
5ab760da26.bf34686748.com/in/show/?mid=6933983910965212837&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=3937712413&cid=12012&price=0.00105&is_cpm=0&cpm=0&ecpm=0.0007170311619837317&crid=5629322&crtid=d3e0248d78a82f78d086a00a713e151d&tcid=0&out_id=0&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-5-a&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1668591019&created_at=2022-11-15&is_native=1&auction_queue=0&burl=CzsGWknmOpKMSK_uz9baO5ojDONMinN1XDoZ2R5FgIvp0N2xrrGZGA&pop_winurl=&ip=91.90.42.154&testab=1&px_id=735874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=5.3276734413375095e-05&placement_type_id=&skin_test=0&verify_hash=4281ad56676bd3c1432ac7fb37163ca4&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.00105&user_fp=0&v2_track=0&url=HX3ltEw4gic44eabqvb6HnQRE7Rd3CkUs08BrbpN5sxW0ZFuGQxXNbA_yvDByefC5GUuVMxip0MYqnKtB9mzO3ZxJyfr1kqw24fZXK5hwuJRWXTXDK52acgla6RmDD14cXIMGB0&image_url=https%3A%2F%2Fxml.serve-rtb.com%2Fthumbnail%3Fi%3DT1g5K81ocYI_0&skin_id=1&vertical_id=0&real_bid=0.00096432&pr=&user_keywords=&auc_type=1&aid=185&ext_cid=0&device_theme=light&keywords=&format=compact-slide-b_r-body&cpa=09178ff1-e7d8-4bb0-b73c-8dcc9f3d79e8
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?mid=6933983910965212837&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=1410812804&sid=3937712413&cid=12012&price=0.00105&is_cpm=0&cpm=0&ecpm=0.0007170311619837317&crid=5629322&crtid=d3e0248d78a82f78d086a00a713e151d&tcid=0&out_id=0&ver=7.8.2-b&ver_c=&refdom=www1.afilmywap.bz&hostname=auc-inpage-hz-5-a&site_id=315874&spot_id=5874&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1668591019&created_at=2022-11-15&is_native=1&auction_queue=0&burl=CzsGWknmOpKMSK_uz9baO5ojDONMinN1XDoZ2R5FgIvp0N2xrrGZGA&pop_winurl=&ip=91.90.42.154&testab=1&px_id=735874&adblock=0&auction_host=all&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=5.3276734413375095e-05&placement_type_id=&skin_test=0&verify_hash=4281ad56676bd3c1432ac7fb37163ca4&score=93.0909624728294&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1410812804%26spot_id%3D5874%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fwww1.afilmywap.bz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.00105&user_fp=0&v2_track=0&url=HX3ltEw4gic44eabqvb6HnQRE7Rd3CkUs08BrbpN5sxW0ZFuGQxXNbA_yvDByefC5GUuVMxip0MYqnKtB9mzO3ZxJyfr1kqw24fZXK5hwuJRWXTXDK52acgla6RmDD14cXIMGB0&image_url=https%3A%2F%2Fxml.serve-rtb.com%2Fthumbnail%3Fi%3DT1g5K81ocYI_0&skin_id=1&vertical_id=0&real_bid=0.00096432&pr=&user_keywords=&auc_type=1&aid=185&ext_cid=0&device_theme=light&keywords=&format=compact-slide-b_r-body&cpa=09178ff1-e7d8-4bb0-b73c-8dcc9f3d79e8 HTTP/1.1
Host: 5ab760da26.bf34686748.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:30:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://xml.serve-rtb.com/thumbnail?i=T1g5K81ocYI_0&imgt=icon
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
08664b6d330dc1f460456674883bfcc7
c8ba528bd86743db01b0593cb692c04e76c0d893
e8ed5eeea3281ca3afa76447ae7fa6ae6ab990fb8abd02a1d941ddacbce234a4

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E8ED5EEEA3281CA3AFA76447AE7FA6AE6AB990FB8ABD02A1D941DDACBCE234A4"
Last-Modified: Sun, 13 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5525
Expires: Tue, 15 Nov 2022 11:02:25 GMT
Date: Tue, 15 Nov 2022 09:30:20 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
3071fcf7f084c149fad8e8e1fac5e244
47146509986d6f091b326db9d70b443b8e33d3fc
8124d49a22f26f7324060870d3cc002c2c51d4efcdcb0f71a1b103045c97474c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8124D49A22F26F7324060870D3CC002C2C51D4EFCDCB0F71A1B103045C97474C"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7946
Expires: Tue, 15 Nov 2022 11:42:46 GMT
Date: Tue, 15 Nov 2022 09:30:20 GMT
Connection: keep-alive

static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp

78.47.199.210

200 OK

590 B

URL HTTP/2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP
78.47.199.210:0
ASN
#24940 Hetzner Online GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
590 B (590 bytes)
Hash
debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579

HTTP Headers

GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 15 Nov 2022 09:30:20 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

xml.serve-rtb.com/thumbnail?i=T1g5K81ocYI_0

172.64.132.15

302 Found

0 B

URL HTTP/2
xml.serve-rtb.com/thumbnail?i=T1g5K81ocYI_0
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thumbnail?i=T1g5K81ocYI_0 HTTP/1.1
Host: xml.serve-rtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Tue, 15 Nov 2022 09:30:20 GMT
content-length: 0
location: https://static.serve-rtb.com/n337/ad/300x300_X18jfE0ZunUmF4NVTOu8.jpeg
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3V0t19EsG1eUABXvHKd8WV7ZrQFioFKzD8KKu9w%2FU5wa00t0RI3397sX12WZu%2Fj1J8Una8GLAfuqzVpB091Mn%2FzZHxjFj8E8eWVuLp2hauasv8bx7aiOo6a2NyXxqEUSU5HXLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a6f7b88f197698-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xml.serve-rtb.com/thumbnail?i=T1g5K81ocYI_0&imgt=icon

172.64.132.15

302 Found

0 B

URL HTTP/2
xml.serve-rtb.com/thumbnail?i=T1g5K81ocYI_0&imgt=icon
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thumbnail?i=T1g5K81ocYI_0&imgt=icon HTTP/1.1
Host: xml.serve-rtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Tue, 15 Nov 2022 09:30:20 GMT
content-length: 0
location: https://static.serve-rtb.com/n337/ad/300x300_BXb47x0iGD88NJsjLF74.jpeg
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jv0EBy9oEzhTKlW%2F1sWhbOCxMkRP7f8ZFVVcpnFQ5Mq2k57PvyC23XmUy8h8Hp9xptiSNdWQHIrAHoib9VVciu%2FfsrgKrGBLiQ9UlonNuHX3aMXauyWWrhl0531kin%2Bryy8l6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a6f7b89f417698-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.serve-rtb.com/n337/ad/300x300_X18jfE0ZunUmF4NVTOu8.jpeg

172.64.132.15

200 OK

14 kB

URL HTTP/2
static.serve-rtb.com/n337/ad/300x300_X18jfE0ZunUmF4NVTOu8.jpeg
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
14 kB (13890 bytes)
Hash
9d1b26ee7c737395b9bc689126ca1963
80404743f017176fcea239a2405bbdfb96d9d4ff
ba8a5b1043b81b0f8ac325b2eb4f7407ef0f6aec29d27b280813e481a6f910f9

HTTP Headers

GET /n337/ad/300x300_X18jfE0ZunUmF4NVTOu8.jpeg HTTP/1.1
Host: static.serve-rtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:30:21 GMT
content-type: image/jpeg
content-length: 13890
last-modified: Fri, 04 Nov 2022 11:47:13 GMT
etag: "6364fbc1-3642"
cache-control: max-age=86400
x-hw: 1667605435.cds264.lo4.h2,1667605435.cds249.lo4.c
access-control-allow-origin: *
cf-cache-status: HIT
age: 12512
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TLX85k1ojf%2BcCLfi0uB0uTjGLTD24mdf16Y9HkWwxA35uRgWKce5KPqMSdYQwAYuPYlmYMu%2FoTItLECYMcj4dqYb%2BIu%2BwI3RQ1WRrjIlygUU7wNpaucrHclKW87WLekRP1%2FxxrqDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a6f7b968657698-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.serve-rtb.com/n337/ad/300x300_BXb47x0iGD88NJsjLF74.jpeg

172.64.132.15

200 OK

14 kB

URL HTTP/2
static.serve-rtb.com/n337/ad/300x300_BXb47x0iGD88NJsjLF74.jpeg
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
14 kB (13890 bytes)
Hash
9d1b26ee7c737395b9bc689126ca1963
80404743f017176fcea239a2405bbdfb96d9d4ff
ba8a5b1043b81b0f8ac325b2eb4f7407ef0f6aec29d27b280813e481a6f910f9

HTTP Headers

GET /n337/ad/300x300_BXb47x0iGD88NJsjLF74.jpeg HTTP/1.1
Host: static.serve-rtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:30:21 GMT
content-type: image/jpeg
content-length: 13890
last-modified: Fri, 04 Nov 2022 11:47:17 GMT
etag: "6364fbc5-3642"
cache-control: max-age=86400
x-hw: 1667605435.cds222.lo4.h2,1667605435.cds214.lo4.c
access-control-allow-origin: *
cf-cache-status: HIT
age: 12512
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9K8ib12bKpxCeqWRWUxtiVXG1udzoh9VVhIsaLOQFrvmYVx60PqP5RVjKv7CiaBd%2FvoQK5TC5iBcbRPxOPHuadsBYfIfgBnVwKm6XvCe3Y9tdIbLO%2BI8gBnUj%2Bzf%2BbWpdf%2FuO9x%2FQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a6f7b9787f7698-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
3071fcf7f084c149fad8e8e1fac5e244
47146509986d6f091b326db9d70b443b8e33d3fc
8124d49a22f26f7324060870d3cc002c2c51d4efcdcb0f71a1b103045c97474c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8124D49A22F26F7324060870D3CC002C2C51D4EFCDCB0F71A1B103045C97474C"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7945
Expires: Tue, 15 Nov 2022 11:42:46 GMT
Date: Tue, 15 Nov 2022 09:30:21 GMT
Connection: keep-alive

www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html

172.67.177.227

200 OK

0 B

URL HTTP/2
www1.afilmywap.bz/movie/6411/cocktail-(2012)-hindi-full-movie.html
IP
172.67.177.227:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /movie/6411/cocktail-(2012)-hindi-full-movie.html HTTP/1.1
Host: www1.afilmywap.bz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:30:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: frame-ancestors 'none'
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1QF1Xm3oX%2BfjwxL3UA8RldN9R2XYlikQBPVtGfGlpjT%2Fj75v0h5QPBA4qCaPsd5EH5mIAucJdLO7CWINdHmIPQF2IICb707W2nB4z7z%2BfcHEUfboy27YiIIRWydIkRrYDuRlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a6f7a55d82b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

js.wpadmngr.com/static/adManager.js

45.133.44.24

200 OK

0 B

URL HTTP/2
js.wpadmngr.com/static/adManager.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:30:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
etag: W/"62ce6b94-4e2"
content-encoding: gzip
expires: Tue, 15 Nov 2022 09:35:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.wpadmngr.com/static/adManager.m.js

45.133.44.24

200 OK

0 B

URL HTTP/2
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.afilmywap.bz
Connection: keep-alive
Referer: https://www1.afilmywap.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:30:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 01 Nov 2022 13:27:00 GMT
etag: W/"63611ea4-171bc"
content-encoding: gzip
expires: Tue, 15 Nov 2022 09:35:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations