www.filmesonlinehdgratis.com.br/the-immaculate-room-player-1
172.67.206.135301 Moved Permanently 0 B URL HTTP/1.1 www.filmesonlinehdgratis.com.br/the-immaculate-room-player-1
IP 172.67.206.135:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /the-immaculate-room-player-1 HTTP/1.1
Host: www.filmesonlinehdgratis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 14:22:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 15:22:44 GMT
Location: https://www.filmesonlinehdgratis.com.br/the-immaculate-room-player-1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ketd3VUkaQMf8T6GF6qlB5L9doOuwnMK5SVaUvNjbZIQnBYKHS8VkbVuVuch1HVlHezcDym7wCCr3pFw%2FgjeezVtCJUHJdqaIBzl5rP6vKXeGyscqqgc%2Bitl4dRdzOg66mW66UaBnuziyKeysbmVxWvz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c4cc8cabfb4f9-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13089
Expires: Sun, 05 Feb 2023 18:00:53 GMT
Date: Sun, 05 Feb 2023 14:22:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2372
Expires: Sun, 05 Feb 2023 15:02:16 GMT
Date: Sun, 05 Feb 2023 14:22:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9791
Expires: Sun, 05 Feb 2023 17:05:55 GMT
Date: Sun, 05 Feb 2023 14:22:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 13:33:55 GMT
content-type: application/json
age: 2929
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UpLnwdH3piyR75FD/MagMYxjFVfSvj1Rq5YM1gsfqH1IXRf3Zvq1HaQcirD8khiGes9pB7yjtZ0=
x-amz-request-id: KHN5X9CYPV5ZBPEP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 13:24:29 GMT
age: 3495
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8ab45224fa910e6b63ecfc2ae8ba95c5
be32f6738a12fd139dd11276b9d6e5b5652bd7fd
cd0ee65f236f852f2a7cea0ebad5184baf593eab0f0f6117429348ce679b001e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:44 GMT
Server: ECS (amb/6B7E)
Content-Length: 280
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:22:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 14:07:20 GMT
age: 925
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8ab45224fa910e6b63ecfc2ae8ba95c5
be32f6738a12fd139dd11276b9d6e5b5652bd7fd
cd0ee65f236f852f2a7cea0ebad5184baf593eab0f0f6117429348ce679b001e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:45 GMT
Last-Modified: Sun, 05 Feb 2023 14:22:44 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 4.4 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, from Unix\012- data
Hash 8adddd36cb7bc314598aa74b13450180
79f117834e2de4cd6650d78752e3f7fcd637b6d0
4a2593812f4a6302f8f1974a0dd60b0e3b25da3a2c0a8dbca47501fac90699d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14650
Expires: Sun, 05 Feb 2023 18:26:55 GMT
Date: Sun, 05 Feb 2023 14:22:45 GMT
Connection: keep-alive
hqq.to/styles/global/embed_player.3.css?130
190.115.19.71200 OK 2.2 kB URL HTTP/2 hqq.to/styles/global/embed_player.3.css?130
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 66b9ba8745000a52a738205aa8796937
c8b16dff9d045af75985f58c0fc157d57eda7776
3c910f503a3200e2fdb6b07dd46c88b88983634a22b3ca861dbc5b3afa31fb7c
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
etag: W/"5fd14cc5-1701"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.83.217.74101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.217.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: laiPl4UQ+7xx+MofKb1Vkg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VBjZhuR5SKgPDZccAGSt5NkkzMQ=
unpkg.com/jquery@2.2.4/dist/jquery.min.js
104.16.125.175200 OK 31 kB URL HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP 104.16.125.175:0
File type ASCII text, with very long lines (32065)
Hash 7905f8cde9a60129dce90afbaa200edd
cb8f5d6dae5c54e76e57e4e25e769f69a484a468
ba8374ec28454ac587c530a158857f587ced1fafca87915c44932aa6cd0af34a
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01G754SVY4BFC19MXYRYRMED91-fra
cf-cache-status: HIT
age: 18650466
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794c4cd04c820b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash cca235bbbe05cc0ebb9bd291f113f0c6
bdd36e0742f6fd7812e08ef8789d64507c6a82ec
28fa69fd1abd5013a545fe2a0072d1160c0be080a5596901a4b2a534153f4707
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3828
Cache-Control: max-age=136434
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:46 GMT
Etag: "63df1eb4-118"
Expires: Tue, 07 Feb 2023 04:16:40 GMT
Last-Modified: Sun, 05 Feb 2023 03:12:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
104.16.125.175200 OK 9.7 kB URL HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP 104.16.125.175:0
File type ASCII text, with very long lines (29325)
Hash 2d7d887d9e8057e06dc05e67fc2be03d
94081984e962d7710d5f8d3125a08435f8ffb627
e119beb232ddb483a6f7b93c8abd4cdb95812b4595101cbde39fcddcd91850aa
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01F3YGTHVETVB9B7TG2TW5GR8F
cf-cache-status: HIT
age: 24917729
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794c4cd03c710b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
commentsengine.com/js/js.load.1.js?943740624327207
188.114.96.1200 OK 0 B URL HTTP/2 commentsengine.com/js/js.load.1.js?943740624327207
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/js.load.1.js?943740624327207 HTTP/1.1
Host: commentsengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:46 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 21056291
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSaNaQomoKSrmaWxFBbTlEYiVcjtMTpxyBocXf7Xn4YNju%2BKZQ2E%2B7mOJ7vHUSB0peajKE2PIlwBXNbmU%2F8iwuw0aItW83SSZJ8WL4Zy%2BxFf56PBhqio%2BtBXEeQ1dGBLCyErNW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c4cd22de70b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 4.9 kB IP 93.184.220.29:0
Hash 9e9401c485aed3e181b13d362c4e6e57
65b1c680443343ae9a53aa966c727a48a3c55af2
b04616ec0af1f9a99bb77ab0827963432fe510b8cc05a7d9bbdd84b2221d02d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3828
Cache-Control: max-age=136434
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:46 GMT
Etag: "63df1eb4-118"
Expires: Tue, 07 Feb 2023 04:16:40 GMT
Last-Modified: Sun, 05 Feb 2023 03:12:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
hqq.to/js/d_check.js?34
190.115.19.71200 OK 46 kB IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 17cc8690a6074ba381e68d584d7bd9c7
800351e81399cd6065c6518817ed7d7d84762385
77c447ac2166d96861aa280fb5e227cd72cac52351b90983118e0d8fddfb691f
GET /js/d_check.js?34 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
etag: W/"5e57d8f1-d8a"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hqq.to/cdn-cgi/trace
190.115.19.71404 Not Found 146 B IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /cdn-cgi/trace HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Cookie: uid=ojGwgPQeO6o9N5K-vDR3Qz-S3nuOqfug
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: text/html; charset=UTF-8
content-length: 146
x-origin-location: /
server: Google Frontend
x-cache-status-inferno: MISS
x-inferno-location: /
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29efad1359910e1e5ace9063227fc036
3f77ac3cc4744804bb9e9320bc9fa94c69688fb9
83cced60e170950ef23f2d22e1498bccb71e3c5adeed0cf1ef59adeb79b138be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83CCED60E170950EF23F2D22E1498BCCB71E3C5ADEED0CF1EF59ADEB79B138BE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 05 Feb 2023 20:22:46 GMT
Date: Sun, 05 Feb 2023 14:22:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68c2685295084790c0474a0635a4722c
3fff678bf76a8ee8e83705610c171a0859625d11
ef55bf473a5eeaa1cdc1c8e735536cd02c286943f46925edbef0d1f5d93efb17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF55BF473A5EEAA1CDC1C8E735536CD02C286943F46925EDBEF0D1F5D93EFB17"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21488
Expires: Sun, 05 Feb 2023 20:20:54 GMT
Date: Sun, 05 Feb 2023 14:22:46 GMT
Connection: keep-alive
hqq.to/js/video.jquery_plugs/modernizr.js?12
190.115.19.71200 OK 3.0 kB URL HTTP/2 hqq.to/js/video.jquery_plugs/modernizr.js?12
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 61241deac70d1d735be3d931994a130a
b983fd9ddc91cd5949cff8b80cce2b728e0dbfcd
25a3da9f97e552db0dbef31ffa0744a06f79b08877594eb17d18333949e85f45
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a1d8bf90ca7d1bab17d88920465ec06
4f12ab55caedacd22431a08b4c841d5fdc230e6c
c4f7b38a35d7bde6d578da10b6381281baf0e977c13f584daadc0ec7fcc9d106
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4F7B38A35D7BDE6D578DA10B6381281BAF0E977C13F584DAADC0EC7FCC9D106"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18509
Expires: Sun, 05 Feb 2023 19:31:15 GMT
Date: Sun, 05 Feb 2023 14:22:46 GMT
Connection: keep-alive
xo28pclotovi.com/e59984f834732c573efad2d2b175ab5a/invoke.js
192.243.59.12200 OK 9.3 kB URL HTTP/1.1 xo28pclotovi.com/e59984f834732c573efad2d2b175ab5a/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25156), with no line terminators
Hash 15962fdf2e2b8caeee447139f66a3a41
a58d19f39d3f3a23b98163aa47ad1f1b688aa1df
33cc50b5017afe89cb673630fcc68c93cb375e780d11044e99070bfba13c6d18
GET /e59984f834732c573efad2d2b175ab5a/invoke.js HTTP/1.1
Host: xo28pclotovi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 14:22:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c48fd1cdba43debc9f28bb653bd8f7a2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f4de27ae313ad545e58b316d72045552
096df1fbc8df3c185425769eb7f5ea1ace72d73f
097c78206dd22212ddcec7fe08ec8266a475aa3816e76f0c591baa958c677999
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "097C78206DD22212DDCEC7FE08EC8266A475AA3816E76F0C591BAA958C677999"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6441
Expires: Sun, 05 Feb 2023 16:10:07 GMT
Date: Sun, 05 Feb 2023 14:22:46 GMT
Connection: keep-alive
alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
192.243.59.20200 OK 11 kB URL HTTP/1.1 alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (32169), with no line terminators
Hash 8a3594965025ac63fdb87ac106c0637e
aa539bf5ee58550803ab58f94f086281418f94ea
04288ed8aef02cc960b4b67ba3b5e9fcf7107a66cf632ae4bca56d83b8836c7e
GET /ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 14:22:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 17dbc1d0e4e64dedc8cec0e558f50f55
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d78afea3244fcbc9f75d23035d38db9b
fa62310ca27a4e4c48f55da85442925c6c5b033c
47b8b1a427b8fb7aadbacad1efca1920a64999a1939ca5891d542d7b18c779ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "47B8B1A427B8FB7AADBACAD1EFCA1920A64999A1939CA5891D542D7B18C779EE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13314
Expires: Sun, 05 Feb 2023 18:04:40 GMT
Date: Sun, 05 Feb 2023 14:22:46 GMT
Connection: keep-alive
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
104.16.125.175200 OK 22 kB URL HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP 104.16.125.175:0
Hash d10fc49793e0059c444b335d3ab6e567
73b374a5fa2c8fff1f303007f168d8bb71c7d5c4
e4b33a033bb128f4c4d84214855f7070d8678d651d55f0b015c14f1a82c3f76b
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01G75513388K1MR4R8RW1AYXTV-fra
cf-cache-status: HIT
age: 18650466
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794c4cd04c7b0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 2b9fa7773944abe31f5a0d2c89fcf83f
dd497be3ec7fff255da6600a2d92c45d0f4b9a50
68342c1715a25165c46c7832671ce7d31cc3afeda203b110c999875bb79ba116
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 14:22:46 GMT
Last-Modified: Sun, 05 Feb 2023 13:39:12 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Z-MNNekpzljBLFRKiD20UMzAR134i2tTiDmJCtqDgsu3QFvioodvkg==
Age: 2615
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 2698f04416f6b58c864f49f521140afd
7efdc8f3b9bbd92f8041d2c91d82393d749c58fe
90e4ffc7d04ba548003103a8f2bacbe8eee9f77492582ff4ab49efa6ff2929bd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filmesonlinehdgratis.com.br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:46 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.filmesonlinehdgratis.com.br
access-control-allow-credentials: true
set-cookie: uid_id2=ef32ece8-aadf-4f9a-a827-b739d1cfc562:1:1; expires=Wed, 02 Feb 2033 14:22:46 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash dccebcfaad6c97d820364ec92d4a511b
a1adef127bad0f85751b5a7b47025c33d40083c4
6be12cee36873a68c71f277876470b5a3807acf44b39a92b575595e9aa95c973
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87864
Date: Sun, 05 Feb 2023 14:22:46 GMT
Etag: "63de5e16-1d7"
Expires: Mon, 06 Feb 2023 14:47:10 GMT
Last-Modified: Sat, 04 Feb 2023 13:31:02 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bLh29NKqpG3kcJKhpsI-lwrZr6y-Dr94I5LS9KkTmMLU6QN7oIhBWg==
Age: 4568
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 64f14214af642297daa6f1459f5c3ded
aad7e8a05379708fe7d896e4293289160f975f9f
1ea08e22f55bcc5b305ca1a86514d4fad2953119c259be298f6da0eaf9f2f94c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:46 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hqq.to
access-control-allow-credentials: true
set-cookie: uid_id2=caaea8b1-7677-4eab-83cb-40ba30682df5:2:1; expires=Wed, 02 Feb 2033 14:22:46 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d78afea3244fcbc9f75d23035d38db9b
fa62310ca27a4e4c48f55da85442925c6c5b033c
47b8b1a427b8fb7aadbacad1efca1920a64999a1939ca5891d542d7b18c779ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "47B8B1A427B8FB7AADBACAD1EFCA1920A64999A1939CA5891D542D7B18C779EE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13314
Expires: Sun, 05 Feb 2023 18:04:40 GMT
Date: Sun, 05 Feb 2023 14:22:46 GMT
Connection: keep-alive
inc.freefind.com/inc/ffse-overlay.min.js
63.249.66.205200 OK 3.2 kB URL HTTP/1.1 inc.freefind.com/inc/ffse-overlay.min.js
IP 63.249.66.205:0
File type ASCII text, with very long lines (550)
Hash cc8a1c1b25e5d9ee12ebb83456f963d5
1991ea10a2ca8ef70e1b4832676e55689ad34fc8
0f0cd34e731649dd70e867568ac4bc363cbfd8125750cb7526fafcdb1cf56bbc
GET /inc/ffse-overlay.min.js HTTP/1.1
Host: inc.freefind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 10 Apr 2018 20:55:47 GMT
Expires: Sun, 05 Feb 2023 14:27:46 GMT
Cache-control: max-age=300
content-encoding: gzip
Server: unknown
Content-Type: text/javascript; charset=utf-8
Content-Length: 3202
Date: Sun, 05 Feb 2023 14:22:46 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fb1495442167a14a49ba788fefe4ce9
a16c69f4c65a9cd5749f26493d440b5dc32be878
2bff389795848a07abc28a725001d87aab31efde2356ed22ce132c9808602cea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BFF389795848A07ABC28A725001D87AAB31EFDE2356ED22CE132C9808602CEA"
Last-Modified: Sun, 05 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7106
Expires: Sun, 05 Feb 2023 16:21:13 GMT
Date: Sun, 05 Feb 2023 14:22:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 476fae8e072cf4accca276dd765d3f93
19ae6c04ecf983a2ef09667cb4d351fab09dea9c
2db7f94c24df57cfe44bb16f1c2ea830d87052616a8621decf716c9c17241978
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DB7F94C24DF57CFE44BB16F1C2EA830D87052616A8621DECF716C9C17241978"
Last-Modified: Fri, 03 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2747
Expires: Sun, 05 Feb 2023 15:08:34 GMT
Date: Sun, 05 Feb 2023 14:22:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4264
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 14:22:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4264
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 14:22:47 GMT
Connection: keep-alive
friendshipmale.com/sfp.js
172.64.203.23200 OK 32 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.203.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash fa51894daf2ee24dbe122d04b7a411e2
b2e8b8be2ed2303d0692ea07f950be2f8909c4ae
ac824c604f295bc57cb9e435a931c51326dffc65bebbc5fc248328af6a9d9d98
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:46 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: cc7b1d4844cfb229342b68987c03cfc1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 05 Feb 2023 14:22:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwDPvTGjHu%2FHLjmrrketnj%2F%2FqEtZ6mVwecv1pW%2FPTpQwEI0j9wxiGUphEjJf5chBViD2uOMoTKY7HrGRQ5PjNY2uExvmHo85uHOiZm3BYEgFNysTQ%2BpLdjgz0WvRZ3x6oGPpXEM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c4cd5bd054071-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:42:59 GMT
age: 38388
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 11:30:31 GMT
age: 10336
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dbe304b5138a360ff07a9842bcf6a7f
00572f7667e322c9ef34bc35b7998c1c172dd34c
d63c58d6c96e23c61b92272de8c2aab01f4cf85f3420cc434c05447d355b1c77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9108
x-amzn-requestid: a3bffa19-86ce-4a59-b826-551deddb3e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fostZG2xIAMF0wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c188-18acd7311c6190c9486e86ac;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 01:34:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mWqq5MbsWYvQmSzPw3kTdjzTkz22mNHbOoqyiHfbxv0BhNhgFfnZGw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:44:03 GMT
age: 59924
etag: "00572f7667e322c9ef34bc35b7998c1c172dd34c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
Hash 2f60d0d9148ee2050b18553bf6cb44c2
875379279a768f882a9691b44a80f8f0e596df14
6682c3fcfbced9897e74f07c6c34918b3c68b87c66f7c857a7ef30c5060b0181
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:26 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 59961
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:05:45 GMT
age: 58622
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
subscribestormyapprobation.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
173.233.137.36200 OK 29 kB URL HTTP/1.1 subscribestormyapprobation.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 49fa587b4984107b18a28786b62d3590
ac56d5aacef5a867f60101895698e81d2bb374ff
ae079eadd1850fea0a62cd03c594b4778cecd7bef8dbae91dfe466766069bb63
Analyzer Verdict Alert quad9 Sinkholed
GET /f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 48f73c24db2f3b2b12da0fb60305d27d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
subscribestormyapprobation.com/sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=caaea8b1-7677-4eab-83cb-40ba30682df5%3A2%3A1
173.233.137.36200 OK 4.1 kB URL HTTP/1.1 subscribestormyapprobation.com/sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=caaea8b1-7677-4eab-83cb-40ba30682df5%3A2%3A1
IP 173.233.137.36:0
File type JSON data\012- , ASCII text, with very long lines (5649), with no line terminators
Hash 5de56a5ec66cdb48bc1433652b0cf5e6
201e41df6accb1ed0969e66460baffdb45d9c9a7
61f3b8c0c3f7dde29f51474bd7cca536cc062ea84d914e8003d51f7550dd3870
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=caaea8b1-7677-4eab-83cb-40ba30682df5%3A2%3A1 HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://hqq.to
Access-Control-Allow-Origin: https://hqq.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17334947; expires=Mon, 06 Feb 2023 14:22:47 GMT; secure; SameSite=None
uid_id2=caaea8b1-7677-4eab-83cb-40ba30682df5:2:1; expires=Sun, 12 Feb 2023 14:22:47 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 14:22:47 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 14:22:47 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 06 Feb 2023 14:22:47 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 06 Feb 2023 14:22:47 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25b1e017f4e8cdaa07331342cb05f4f3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
hqq.to/player/get_player_image.php
190.115.19.71200 OK 32 kB URL HTTP/2 hqq.to/player/get_player_image.php
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 0be32e0980a7ab516b1c34bbafbb44e7
22b7dc0e105754aa650e79bba9e1803e975fdee4
22077a6a33d4abdf48f451d6a6151c77dfdadc3a20c77b5880f784c1a33af179
POST /player/get_player_image.php HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 73
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Cookie: uid=ojGwgPQeO6o9N5K-vDR3Qz-S3nuOqfug
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: application/json
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
pragma: no-cache
x-file-located: temp, filename:../files/temp/video_images/x/l/1660950858qmclx-1.jpg
x-clickarr-add-e: 1
x-image-size: 41094
x-img-cr: j
x-origin-location: get_image
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
server: Google Frontend
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 226b4b7ed001c83c6cd0f214b4ce3282
968f8f13cdcc73a0c3216ceb0f6728ecd08d6320
820fec9c323efab8c1e1278b833149872fd9cb8a1cb6c6c836fce48f172b9178
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3871
Cache-Control: max-age=104815
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:47 GMT
Etag: "63dea307-118"
Expires: Mon, 06 Feb 2023 19:29:42 GMT
Last-Modified: Sat, 04 Feb 2023 18:25:11 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
subscribestormyapprobation.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9Nb%2F8RsGV4mZAoRcKiqbzqrv6y1mIcYwEx0yYD4ILF%2B%2BrOs%2B8rlfzXlVXJ6swAzLL1pXLyul8oA7irFzIgHTcyKymXUhAI%2FgvCK5cSHcaWu%2Fi3XvueYtzz72fHuTnhCJnZ5sf2j1tDFtpVGnltS2dSFv4ysbtSkir9GplSyfN6GplMH1c%2F62QNqr09cr7SuzYlRoNKQ1pWFnTTsV2sDJjodOHnbDaodWoVg0bEQbuv9jnATwLIPvn5AVoOfn%2F9k%2BPoMUYSe%2Fba8rvZDZ9871eblhmHfry5E6yk9giQW9Rxi5AnJzMf8P6CSFfXIJNTuYTwPYPpxOA6wkJfgnBk5O5TPD%2B0YVSbqAScPkciv4Yyoyh2RjC3oeWTwkgJDZuIOkdb1hXsN0Llk3ZCVn660%2FoYkKWfnsRSe%2BbVaMHlVvW5Jm2iccgLqEHY%2BjuGGl%2BimwvgC5OIbJ70JIg6ZXQ8uwVwZhibR4ut5qt1nKkGF9u1wVfjihnddps12TcmFmj9Rg6HsOoIZi%2FhNwHyHWAPA6QpwF68qzCGp2Y0lbM43q9HQkh6nUhGu2mbMh61I4pcjHVPkSWDiHMEMLtI3X72NFDuPwH%2BO0SXgbwGUFfligUQeEJCkZQaIIiIyj65ZE0vubLY2l8zsN5rs1zvRzZrHvAjmzWVQk5SM%2FJ81PDgmfvjbCjziqMU65qLIp4S4m4E3LJZUPIepPKdtSpt%2BB1Ce0vgfkAe3pCXnr8BlI9Ic98%2FCs4O4U3pxD6VbD8ZbBi1KpRsO1R1KbYS463796tZhbSlkizJWS7wYE5J1dmK6s1%2F4YST8g8IFyJ1JX4RP9I0DUPRjdtQQ5v2sKTRzfSTPf0Hpuu81bGMnX5qw%2FUbmGdXL%2Fmh1%2B%2BI6bEtHx4W%2FnsOkukTrqefL2qpVRuzTqhyON1v6X4Zu63V3OX5On1zXfX1nupU95rm4zB9NOPPofQE3KZ3Zkd6pXJH9BuDJeX6OULpdqOIdJ9%2BHTR85bAmQXmaYAiL0euxhdNowmMWmDGS%2Fh%2FYb6oD%2FwDdF0Alt2fnWffleibEswM4fP%2FjbLUPXn75%2FoswE0w4sYFh9w489mFtV6fVVQjprGiNcXjDo9bjMpOHHU464SqxRssROYn4vfvv%2FsHAAD%2F%2FwEAAP%2F%2Fl5C3SIAEAAA%3D
173.233.137.36200 OK 1.0 kB URL HTTP/1.1 subscribestormyapprobation.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9Nb%2F8RsGV4mZAoRcKiqbzqrv6y1mIcYwEx0yYD4ILF%2B%2BrOs%2B8rlfzXlVXJ6swAzLL1pXLyul8oA7irFzIgHTcyKymXUhAI%2FgvCK5cSHcaWu%2Fi3XvueYtzz72fHuTnhCJnZ5sf2j1tDFtpVGnltS2dSFv4ysbtSkir9GplSyfN6GplMH1c%2F62QNqr09cr7SuzYlRoNKQ1pWFnTTsV2sDJjodOHnbDaodWoVg0bEQbuv9jnATwLIPvn5AVoOfn%2F9k%2BPoMUYSe%2Fba8rvZDZ9871eblhmHfry5E6yk9giQW9Rxi5AnJzMf8P6CSFfXIJNTuYTwPYPpxOA6wkJfgnBk5O5TPD%2B0YVSbqAScPkciv4Yyoyh2RjC3oeWTwkgJDZuIOkdb1hXsN0Llk3ZCVn660%2FoYkKWfnsRSe%2BbVaMHlVvW5Jm2iccgLqEHY%2BjuGGl%2BimwvgC5OIbJ70JIg6ZXQ8uwVwZhibR4ut5qt1nKkGF9u1wVfjihnddps12TcmFmj9Rg6HsOoIZi%2FhNwHyHWAPA6QpwF68qzCGp2Y0lbM43q9HQkh6nUhGu2mbMh61I4pcjHVPkSWDiHMEMLtI3X72NFDuPwH%2BO0SXgbwGUFfligUQeEJCkZQaIIiIyj65ZE0vubLY2l8zsN5rs1zvRzZrHvAjmzWVQk5SM%2FJ81PDgmfvjbCjziqMU65qLIp4S4m4E3LJZUPIepPKdtSpt%2BB1Ce0vgfkAe3pCXnr8BlI9Ic98%2FCs4O4U3pxD6VbD8ZbBi1KpRsO1R1KbYS463796tZhbSlkizJWS7wYE5J1dmK6s1%2F4YST8g8IFyJ1JX4RP9I0DUPRjdtQQ5v2sKTRzfSTPf0Hpuu81bGMnX5qw%2FUbmGdXL%2Fmh1%2B%2BI6bEtHx4W%2FnsOkukTrqefL2qpVRuzTqhyON1v6X4Zu63V3OX5On1zXfX1nupU95rm4zB9NOPPofQE3KZ3Zkd6pXJH9BuDJeX6OULpdqOIdJ9%2BHTR85bAmQXmaYAiL0euxhdNowmMWmDGS%2Fh%2FYb6oD%2FwDdF0Alt2fnWffleibEswM4fP%2FjbLUPXn75%2FoswE0w4sYFh9w489mFtV6fVVQjprGiNcXjDo9bjMpOHHU464SqxRssROYn4vfvv%2FsHAAD%2F%2FwEAAP%2F%2Fl5C3SIAEAAA%3D
IP 173.233.137.36:0
Hash 3b7d0ae23ac276f4cbe01a386a316094
26e53d7da3f4342d35be371fd8ec2220a13923fe
3ac596f1e43baceb029c457db0ae73f174b4ff3b0324503cab0fcb3a4d1b749c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9Nb%2F8RsGV4mZAoRcKiqbzqrv6y1mIcYwEx0yYD4ILF%2B%2BrOs%2B8rlfzXlVXJ6swAzLL1pXLyul8oA7irFzIgHTcyKymXUhAI%2FgvCK5cSHcaWu%2Fi3XvueYtzz72fHuTnhCJnZ5sf2j1tDFtpVGnltS2dSFv4ysbtSkir9GplSyfN6GplMH1c%2F62QNqr09cr7SuzYlRoNKQ1pWFnTTsV2sDJjodOHnbDaodWoVg0bEQbuv9jnATwLIPvn5AVoOfn%2F9k%2BPoMUYSe%2Fba8rvZDZ9871eblhmHfry5E6yk9giQW9Rxi5AnJzMf8P6CSFfXIJNTuYTwPYPpxOA6wkJfgnBk5O5TPD%2B0YVSbqAScPkciv4Yyoyh2RjC3oeWTwkgJDZuIOkdb1hXsN0Llk3ZCVn660%2FoYkKWfnsRSe%2BbVaMHlVvW5Jm2iccgLqEHY%2BjuGGl%2BimwvgC5OIbJ70JIg6ZXQ8uwVwZhibR4ut5qt1nKkGF9u1wVfjihnddps12TcmFmj9Rg6HsOoIZi%2FhNwHyHWAPA6QpwF68qzCGp2Y0lbM43q9HQkh6nUhGu2mbMh61I4pcjHVPkSWDiHMEMLtI3X72NFDuPwH%2BO0SXgbwGUFfligUQeEJCkZQaIIiIyj65ZE0vubLY2l8zsN5rs1zvRzZrHvAjmzWVQk5SM%2FJ81PDgmfvjbCjziqMU65qLIp4S4m4E3LJZUPIepPKdtSpt%2BB1Ce0vgfkAe3pCXnr8BlI9Ic98%2FCs4O4U3pxD6VbD8ZbBi1KpRsO1R1KbYS463796tZhbSlkizJWS7wYE5J1dmK6s1%2F4YST8g8IFyJ1JX4RP9I0DUPRjdtQQ5v2sKTRzfSTPf0Hpuu81bGMnX5qw%2FUbmGdXL%2Fmh1%2B%2BI6bEtHx4W%2FnsOkukTrqefL2qpVRuzTqhyON1v6X4Zu63V3OX5On1zXfX1nupU95rm4zB9NOPPofQE3KZ3Zkd6pXJH9BuDJeX6OULpdqOIdJ9%2BHTR85bAmQXmaYAiL0euxhdNowmMWmDGS%2Fh%2FYb6oD%2FwDdF0Alt2fnWffleibEswM4fP%2FjbLUPXn75%2FoswE0w4sYFh9w489mFtV6fVVQjprGiNcXjDo9bjMpOHHU464SqxRssROYn4vfvv%2FsHAAD%2F%2FwEAAP%2F%2Fl5C3SIAEAAA%3D HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Cookie: u_pl=17334947; uid_id2=caaea8b1-7677-4eab-83cb-40ba30682df5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5d6190c9c5032b150bd868f2b090b71e
Strict-Transport-Security: max-age=0; includeSubdomains
disabledincomprehensiblecitizens.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuDhNBPRlFEDzMSRRk0j0zvTNjhGCMkcW4uyaRPddfz5Rb3dVUdU%2FP7mkxILkIA3pQT73f7GZRgyQXPQRBZr2EnLZBZA%2Bu4EEEDx4C4lFmMjD6oOq97311%2BL5X76O9%2FJT4yOnJxrtmR2lNz4cNv%2F7ypkqEKVx97UY98Bv%2BhfqmSlbaF%2Bqj2WWHrwV%2B2PBfqb8t%2BZY53%2FQD3w%2F8oH5FWRmZ0fk5C5Xe6QWNnt9oNxtB2MbI%2Fh%2B73IOjHsTwlJyDEtXZwYN7UHyKJL57WbqtzKSvvhXnmmbGYigO30%2B2ElMkiJdlZD1EyeHiNYyrCPnsDExyuHAAM9yfOQBTFfF%2BDsCSw4VMsOHBY6VMQyZg4mkUwymknkLRKbi5CSWOCcAF1taRxLfXjC3o9mOWztiK1P5%2BBFVUpPbLc0jiby5pNapfNzrPlEkcRlEJNZpC9adI8yNkOx5UcQSefQglCJK4hBLl3LVSU6hoCi3HoM5DPjvKQx55yFMPsTip07AX%2BX4nYlGr1W1zzlstzsPuighFq92NfOR8JmuMLB2D6zG43UVqd7GlPjkOzx37rCLk0W%2Bw%2BQ9wgxJOeHBZRbz3djEUJQpJUDiCghIUiqDICIpheSC0a7ryttAuZ8EiNxe5VU5M1t%2BjBybry4Tspafkmflo%2Fnx%2BBVvypC7DXq%2FbjrqtdqfV5GGnJSMqmqLJgk5IWUjhVAnlzsxd76iKPPvXAKmqyJnfj8DoEZw%2BAlceaB6AFpNO0wcdTNpdHzvJ%2FUjpWDqTaJXIgehbminX4CZuMAthSqRZDdm2t6dPyQtzWStnP4bkD8kiwG2J1Jb4QP1I0Ne3JtdMQfavmcKRe%2BtppmK1Q2e%2FeT2jmXziq3fkdmGsWL3sxl%2B%2BwWfErLxzQ7rsKk2ESvqOfH1JCSHtFWO5JN%2Bvuk3JNnI3uJTbJE%2Bvbrx5ZTVOrXROmWQKqo7X%2FwFXFXky%2FWO%2Bpy%2BuB1B2CpuXiPOlUmWm4OkuXLrsOUNg9RKz1EORlxPbZMumVgRaLjFlJdx%2FMFvWe%2B4W%2BrYGmt2cb%2BfQlhjqElSP4fKnJllqH1588PksvgDTtQnTtrbPtNWfzkdbkdcv3q3IS9%2F%2BVJGVfQGnZgsQ%2BZH0m5JFPRZ1qC96UbvHaC%2BQHRbSAJmr%2BK%2F3v%2FsXAAD%2F%2FwEAAP%2F%2FHbH3wY4EAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 disabledincomprehensiblecitizens.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuDhNBPRlFEDzMSRRk0j0zvTNjhGCMkcW4uyaRPddfz5Rb3dVUdU%2FP7mkxILkIA3pQT73f7GZRgyQXPQRBZr2EnLZBZA%2Bu4EEEDx4C4lFmMjD6oOq97311%2BL5X76O9%2FJT4yOnJxrtmR2lNz4cNv%2F7ypkqEKVx97UY98Bv%2BhfqmSlbaF%2Bqj2WWHrwV%2B2PBfqb8t%2BZY53%2FQD3w%2F8oH5FWRmZ0fk5C5Xe6QWNnt9oNxtB2MbI%2Fh%2B73IOjHsTwlJyDEtXZwYN7UHyKJL57WbqtzKSvvhXnmmbGYigO30%2B2ElMkiJdlZD1EyeHiNYyrCPnsDExyuHAAM9yfOQBTFfF%2BDsCSw4VMsOHBY6VMQyZg4mkUwymknkLRKbi5CSWOCcAF1taRxLfXjC3o9mOWztiK1P5%2BBFVUpPbLc0jiby5pNapfNzrPlEkcRlEJNZpC9adI8yNkOx5UcQSefQglCJK4hBLl3LVSU6hoCi3HoM5DPjvKQx55yFMPsTip07AX%2BX4nYlGr1W1zzlstzsPuighFq92NfOR8JmuMLB2D6zG43UVqd7GlPjkOzx37rCLk0W%2Bw%2BQ9wgxJOeHBZRbz3djEUJQpJUDiCghIUiqDICIpheSC0a7ryttAuZ8EiNxe5VU5M1t%2BjBybry4Tspafkmflo%2Fnx%2BBVvypC7DXq%2FbjrqtdqfV5GGnJSMqmqLJgk5IWUjhVAnlzsxd76iKPPvXAKmqyJnfj8DoEZw%2BAlceaB6AFpNO0wcdTNpdHzvJ%2FUjpWDqTaJXIgehbminX4CZuMAthSqRZDdm2t6dPyQtzWStnP4bkD8kiwG2J1Jb4QP1I0Ne3JtdMQfavmcKRe%2BtppmK1Q2e%2FeT2jmXziq3fkdmGsWL3sxl%2B%2BwWfErLxzQ7rsKk2ESvqOfH1JCSHtFWO5JN%2Bvuk3JNnI3uJTbJE%2Bvbrx5ZTVOrXROmWQKqo7X%2FwFXFXky%2FWO%2Bpy%2BuB1B2CpuXiPOlUmWm4OkuXLrsOUNg9RKz1EORlxPbZMumVgRaLjFlJdx%2FMFvWe%2B4W%2BrYGmt2cb%2BfQlhjqElSP4fKnJllqH1588PksvgDTtQnTtrbPtNWfzkdbkdcv3q3IS9%2F%2BVJGVfQGnZgsQ%2BZH0m5JFPRZ1qC96UbvHaC%2BQHRbSAJmr%2BK%2F3v%2FsXAAD%2F%2FwEAAP%2F%2FHbH3wY4EAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuDhNBPRlFEDzMSRRk0j0zvTNjhGCMkcW4uyaRPddfz5Rb3dVUdU%2FP7mkxILkIA3pQT73f7GZRgyQXPQRBZr2EnLZBZA%2Bu4EEEDx4C4lFmMjD6oOq97311%2BL5X76O9%2FJT4yOnJxrtmR2lNz4cNv%2F7ypkqEKVx97UY98Bv%2BhfqmSlbaF%2Bqj2WWHrwV%2B2PBfqb8t%2BZY53%2FQD3w%2F8oH5FWRmZ0fk5C5Xe6QWNnt9oNxtB2MbI%2Fh%2B73IOjHsTwlJyDEtXZwYN7UHyKJL57WbqtzKSvvhXnmmbGYigO30%2B2ElMkiJdlZD1EyeHiNYyrCPnsDExyuHAAM9yfOQBTFfF%2BDsCSw4VMsOHBY6VMQyZg4mkUwymknkLRKbi5CSWOCcAF1taRxLfXjC3o9mOWztiK1P5%2BBFVUpPbLc0jiby5pNapfNzrPlEkcRlEJNZpC9adI8yNkOx5UcQSefQglCJK4hBLl3LVSU6hoCi3HoM5DPjvKQx55yFMPsTip07AX%2BX4nYlGr1W1zzlstzsPuighFq92NfOR8JmuMLB2D6zG43UVqd7GlPjkOzx37rCLk0W%2Bw%2BQ9wgxJOeHBZRbz3djEUJQpJUDiCghIUiqDICIpheSC0a7ryttAuZ8EiNxe5VU5M1t%2BjBybry4Tspafkmflo%2Fnx%2BBVvypC7DXq%2FbjrqtdqfV5GGnJSMqmqLJgk5IWUjhVAnlzsxd76iKPPvXAKmqyJnfj8DoEZw%2BAlceaB6AFpNO0wcdTNpdHzvJ%2FUjpWDqTaJXIgehbminX4CZuMAthSqRZDdm2t6dPyQtzWStnP4bkD8kiwG2J1Jb4QP1I0Ne3JtdMQfavmcKRe%2BtppmK1Q2e%2FeT2jmXziq3fkdmGsWL3sxl%2B%2BwWfErLxzQ7rsKk2ESvqOfH1JCSHtFWO5JN%2Bvuk3JNnI3uJTbJE%2Bvbrx5ZTVOrXROmWQKqo7X%2FwFXFXky%2FWO%2Bpy%2BuB1B2CpuXiPOlUmWm4OkuXLrsOUNg9RKz1EORlxPbZMumVgRaLjFlJdx%2FMFvWe%2B4W%2BrYGmt2cb%2BfQlhjqElSP4fKnJllqH1588PksvgDTtQnTtrbPtNWfzkdbkdcv3q3IS9%2F%2BVJGVfQGnZgsQ%2BZH0m5JFPRZ1qC96UbvHaC%2BQHRbSAJmr%2BK%2F3v%2FsXAAD%2F%2FwEAAP%2F%2FHbH3wY4EAAA%3D HTTP/1.1
Host: disabledincomprehensiblecitizens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Cookie: u_pl=15406646; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 21494fad449560b07b04c39143727f8c
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 98f0950ed03ec36f411e972a9c167b2a
f5da8f3faa05536769ce459ed3028a1f0bec4fb0
9db298b3908012b0310ffc50ae948424d0ec38a8f1f9b6ae09c36a64f596e91b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DB298B3908012B0310FFC50AE948424D0EC38A8F1F9B6AE09C36A64F596E91B"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7681
Expires: Sun, 05 Feb 2023 16:30:48 GMT
Date: Sun, 05 Feb 2023 14:22:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 98f0950ed03ec36f411e972a9c167b2a
f5da8f3faa05536769ce459ed3028a1f0bec4fb0
9db298b3908012b0310ffc50ae948424d0ec38a8f1f9b6ae09c36a64f596e91b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DB298B3908012B0310FFC50AE948424D0EC38A8F1F9B6AE09C36A64F596E91B"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10774
Expires: Sun, 05 Feb 2023 17:22:21 GMT
Date: Sun, 05 Feb 2023 14:22:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3e4acd46b234f93b8f66bddfb049e7f1
f606219397d2684ccb9fe3daa394b00145d9ac6b
4cf65578835d4adc49e92099f07b3566d6e5f8a8406acfe7dd1fa4fc45df1033
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CF65578835D4ADC49E92099F07B3566D6E5F8A8406ACFE7DD1FA4FC45DF1033"
Last-Modified: Fri, 03 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18534
Expires: Sun, 05 Feb 2023 19:31:41 GMT
Date: Sun, 05 Feb 2023 14:22:47 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de26603d2dd53bbc97ab84a98a423fc8
0ef00c310251712fe1993300278436541a835629
a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6803
Expires: Sun, 05 Feb 2023 16:16:10 GMT
Date: Sun, 05 Feb 2023 14:22:47 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/75/7b/81/757b81113c578a86c692d060de67f4e2/1657625054.jpg
45.133.44.9200 OK 14 kB URL HTTP/2 cdn.cloudimagesb.com/cti/75/7b/81/757b81113c578a86c692d060de67f4e2/1657625054.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 39a1dc690c140a8b861fb5732b248177
f129767ad0460a3f7d840bc67529a71b518b0875
86f0569d7298c72bc2a774e99bdb737ae3b7ff7f194c2c5fd73bba56f89f0e7a
GET /cti/75/7b/81/757b81113c578a86c692d060de67f4e2/1657625054.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: image/jpeg
content-length: 13652
server: nginx/1.17.6
last-modified: Tue, 12 Jul 2022 11:24:22 GMT
etag: "62cd59e6-3554"
expires: Tue, 07 Feb 2023 14:22:47 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
disabledincomprehensiblecitizens.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReuXib%2F4ffkKoLgYU6iIJPumenMjCssxjUSXLNxdyV4rK6qnilT3dVUdU9PcjG4IHsRBvWgnjrfJBvURXZB9LAI0vGy7CkNIjkYwYMXDx4WPMtMBkYfVL33va8O3%2FfqfbifnREXGT3dfEvvSqXost9w6y9syZjr3NY3btY9t%2BFeqm%2FJeKV9qT6aXmb4suf6DffF%2BhuCbevlpuu5rud69TVpRKhHyzMWMrnb8xo9t9FuNjy%2FjZH5L7aZA0sd8OEZuQjJq6XBw%2FuQrEQc3bsi7Haqk5dejzJFU20w5EfvxNuxzmNEizI0DsL4aP4a2laEfHYBOj6aO4AeHkwdIJAVcX7xEMRHc5kIhofnSgMFESPgTyAflhCqhKQlmL4FyU8IwDg2riGO7mxok9Odc5ZO2YrU%2Fn4MmVek9uvTiKNvVpUc1W9olaVSxxajsIAclZD9Ekl2jHTXgcyPwdIPIDlBHBWQvJi5lrKEDEsoMQa1DrLpkQ6y0EGWOIj4aZ36vdB1O2EQtlrdNmOs1WLM765wn7fa3dBFxqayxkiTMZgag5k9JGYP2%2FKTE%2F%2FiiRtUhDz%2BHSb7EXZQwHIHNq2I8%2FYehrxALghyS5BTglwS5ClBPiwOubJNW9zhymaBN8%2FNeW4VE5329%2BmhTvsiJvvJGXlyNpo%2Fn1nBtjitC7%2FX67bDbqvdaTWZ32mJkPImbwZex6eBT2FlAWkvzFzvyoo89dcAiazIhT%2BOEdBjWHUMJh3QzAPNJ52mCzqYtLsuduMHoVSRsDpWMhYD3jc0lbbBdNQIDLgukKQ1pDvOvjojz85krRxwCPaIzAPMFEhMgffkTwR9dXtyXefk4LrOLbl%2FLUllJHfp9DdvpDQV%2F%2FvqTbGTa8PXr9jxl6%2ByKTEt794UNr1KYy7jviVfr0rOhVnThgnyw7rdEsFmZgermYmz5Orma2vrUWKEtVLHJag8efdjMFmRJfH%2BbE%2Bf%2BzaHNCVMViDKFkqlLsGSPdhk0bOawKgFDpIa8qyYmGawaCpJoMQC06CA%2FRcOFvW%2BvY2%2BqYGmt2bbOTQFhqoAVWPY7P%2BTNDGPLj%2F8fBpfIFC1SaBM7SBQRn1akZWljyryyuV7FXn%2Bu5%2FPJ23lad332qIbdDuM80Aw7nWarW7LdZuctzs94fWQ2or99uD7fwAAAP%2F%2FAQAA%2F%2F%2BVfJgkjgQAAA%3D%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 disabledincomprehensiblecitizens.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReuXib%2F4ffkKoLgYU6iIJPumenMjCssxjUSXLNxdyV4rK6qnilT3dVUdU9PcjG4IHsRBvWgnjrfJBvURXZB9LAI0vGy7CkNIjkYwYMXDx4WPMtMBkYfVL33va8O3%2FfqfbifnREXGT3dfEvvSqXost9w6y9syZjr3NY3btY9t%2BFeqm%2FJeKV9qT6aXmb4suf6DffF%2BhuCbevlpuu5rud69TVpRKhHyzMWMrnb8xo9t9FuNjy%2FjZH5L7aZA0sd8OEZuQjJq6XBw%2FuQrEQc3bsi7Haqk5dejzJFU20w5EfvxNuxzmNEizI0DsL4aP4a2laEfHYBOj6aO4AeHkwdIJAVcX7xEMRHc5kIhofnSgMFESPgTyAflhCqhKQlmL4FyU8IwDg2riGO7mxok9Odc5ZO2YrU%2Fn4MmVek9uvTiKNvVpUc1W9olaVSxxajsIAclZD9Ekl2jHTXgcyPwdIPIDlBHBWQvJi5lrKEDEsoMQa1DrLpkQ6y0EGWOIj4aZ36vdB1O2EQtlrdNmOs1WLM765wn7fa3dBFxqayxkiTMZgag5k9JGYP2%2FKTE%2F%2FiiRtUhDz%2BHSb7EXZQwHIHNq2I8%2FYehrxALghyS5BTglwS5ClBPiwOubJNW9zhymaBN8%2FNeW4VE5329%2BmhTvsiJvvJGXlyNpo%2Fn1nBtjitC7%2FX67bDbqvdaTWZ32mJkPImbwZex6eBT2FlAWkvzFzvyoo89dcAiazIhT%2BOEdBjWHUMJh3QzAPNJ52mCzqYtLsuduMHoVSRsDpWMhYD3jc0lbbBdNQIDLgukKQ1pDvOvjojz85krRxwCPaIzAPMFEhMgffkTwR9dXtyXefk4LrOLbl%2FLUllJHfp9DdvpDQV%2F%2FvqTbGTa8PXr9jxl6%2ByKTEt794UNr1KYy7jviVfr0rOhVnThgnyw7rdEsFmZgermYmz5Orma2vrUWKEtVLHJag8efdjMFmRJfH%2BbE%2Bf%2BzaHNCVMViDKFkqlLsGSPdhk0bOawKgFDpIa8qyYmGawaCpJoMQC06CA%2FRcOFvW%2BvY2%2BqYGmt2bbOTQFhqoAVWPY7P%2BTNDGPLj%2F8fBpfIFC1SaBM7SBQRn1akZWljyryyuV7FXn%2Bu5%2FPJ23lad332qIbdDuM80Aw7nWarW7LdZuctzs94fWQ2or99uD7fwAAAP%2F%2FAQAA%2F%2F%2BVfJgkjgQAAA%3D%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReuXib%2F4ffkKoLgYU6iIJPumenMjCssxjUSXLNxdyV4rK6qnilT3dVUdU9PcjG4IHsRBvWgnjrfJBvURXZB9LAI0vGy7CkNIjkYwYMXDx4WPMtMBkYfVL33va8O3%2FfqfbifnREXGT3dfEvvSqXost9w6y9syZjr3NY3btY9t%2BFeqm%2FJeKV9qT6aXmb4suf6DffF%2BhuCbevlpuu5rud69TVpRKhHyzMWMrnb8xo9t9FuNjy%2FjZH5L7aZA0sd8OEZuQjJq6XBw%2FuQrEQc3bsi7Haqk5dejzJFU20w5EfvxNuxzmNEizI0DsL4aP4a2laEfHYBOj6aO4AeHkwdIJAVcX7xEMRHc5kIhofnSgMFESPgTyAflhCqhKQlmL4FyU8IwDg2riGO7mxok9Odc5ZO2YrU%2Fn4MmVek9uvTiKNvVpUc1W9olaVSxxajsIAclZD9Ekl2jHTXgcyPwdIPIDlBHBWQvJi5lrKEDEsoMQa1DrLpkQ6y0EGWOIj4aZ36vdB1O2EQtlrdNmOs1WLM765wn7fa3dBFxqayxkiTMZgag5k9JGYP2%2FKTE%2F%2FiiRtUhDz%2BHSb7EXZQwHIHNq2I8%2FYehrxALghyS5BTglwS5ClBPiwOubJNW9zhymaBN8%2FNeW4VE5329%2BmhTvsiJvvJGXlyNpo%2Fn1nBtjitC7%2FX67bDbqvdaTWZ32mJkPImbwZex6eBT2FlAWkvzFzvyoo89dcAiazIhT%2BOEdBjWHUMJh3QzAPNJ52mCzqYtLsuduMHoVSRsDpWMhYD3jc0lbbBdNQIDLgukKQ1pDvOvjojz85krRxwCPaIzAPMFEhMgffkTwR9dXtyXefk4LrOLbl%2FLUllJHfp9DdvpDQV%2F%2FvqTbGTa8PXr9jxl6%2ByKTEt794UNr1KYy7jviVfr0rOhVnThgnyw7rdEsFmZgermYmz5Orma2vrUWKEtVLHJag8efdjMFmRJfH%2BbE%2Bf%2BzaHNCVMViDKFkqlLsGSPdhk0bOawKgFDpIa8qyYmGawaCpJoMQC06CA%2FRcOFvW%2BvY2%2BqYGmt2bbOTQFhqoAVWPY7P%2BTNDGPLj%2F8fBpfIFC1SaBM7SBQRn1akZWljyryyuV7FXn%2Bu5%2FPJ23lad332qIbdDuM80Aw7nWarW7LdZuctzs94fWQ2or99uD7fwAAAP%2F%2FAQAA%2F%2F%2BVfJgkjgQAAA%3D%3D HTTP/1.1
Host: disabledincomprehensiblecitizens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Cookie: u_pl=15406646; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 52daec1d45567d9afba86f43fc9526ae
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/26/83/1f/26831faf673a59aad2173b9ebf54296a/1606977809.jpg
45.133.44.9200 OK 40 kB URL HTTP/2 cdn.cloudimagesb.com/cti/26/83/1f/26831faf673a59aad2173b9ebf54296a/1606977809.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 93b5da77111b770708bad916fe407694
f24828d49232c999615ce4d6d82a1ffc30db0e7b
39bcd696e693e86eecf1ab18f41de665180e79fa9eb535a2d4cb0bc4d11db955
GET /cti/26/83/1f/26831faf673a59aad2173b9ebf54296a/1606977809.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: image/jpeg
content-length: 39806
server: nginx/1.17.6
last-modified: Thu, 03 Dec 2020 06:43:37 GMT
etag: "5fc88919-9b7e"
expires: Tue, 07 Feb 2023 14:22:47 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/close.png
172.64.166.9200 OK 6.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/close.png
IP 172.64.166.9:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7086557
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yk2X0Ih9he6YELSLCxt%2FQIJMjNisnXq4lolg8B%2FiG5zC6ZUCOEwg0MqOvSbHf34rfuqk5selCmvkyycjmxoqb3G1IBziyS5ZvONJZ5BiWUKYCePKhzHTE8ePz9PGBT7gu1v4zf1WG6n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c4cdcafb388b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/number.png
172.64.166.9200 OK 1.1 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/number.png
IP 172.64.166.9:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7086557
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBvdlwjfwNdG1maaB%2FgLAWgN5XUN9IndKqhCYqBNUm%2B%2BKLEp1kS%2Bgb6KTN4RATHUBJGWEyohxBoucugEWkbb%2BgcLFqvwV0aMF8wgzODV1ZzCY4skL0zzkvxY236xr9Fq%2BkFz5DYrCBen"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c4cdcafbc88b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cloudimagesb.com/bi/c1/34/ef/c134ef7eb4cfdad84dbd5f6e2c5e4dbd/1659457183.jpg
45.133.44.9200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/bi/c1/34/ef/c134ef7eb4cfdad84dbd5f6e2c5e4dbd/1659457183.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 300x250, components 3\012- data
Hash aef93c8d4390cfe7e9aba9ebf165e0cd
bbfc84b58897a6a19a98195f5772cb8e1b0ac7f2
e967872731cc8fe8c7f505ea9c71e38a4a7256c9b0f58e7821765ba77e36cbc4
GET /bi/c1/34/ef/c134ef7eb4cfdad84dbd5f6e2c5e4dbd/1659457183.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: image/jpeg
content-length: 23174
server: nginx/1.17.6
last-modified: Tue, 02 Aug 2022 16:19:51 GMT
etag: "62e94ea7-5a86"
expires: Tue, 07 Feb 2023 14:22:47 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/icon.png
172.64.166.9200 OK 56 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/icon.png
IP 172.64.166.9:0
File type PNG image data, 340 x 340, 8-bit colormap, non-interlaced\012- data
Hash 2f9cbc0690886126afa8409cb5514b34
d1494e35ee7d5143e5af13113b45acfa7e10a27e
f4b116eb961e342bbcd5561060263b0c936eb34f09867665dfba7d40efce2aaa
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: image/png
content-length: 56465
last-modified: Mon, 08 Aug 2022 13:49:47 GMT
etag: "62f1147b-dc91"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7086557
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fw7nLytUbYqKCIfSLbysHl%2BQ7uLYFXcGXJN%2BTcFH9WiXA4CRHz4MlrLfO2hYpRlFbur7iaoSS8rUzsEdBvUlIAdAwhWCZG850tcR5KUaUg%2B2xBTM9RJmiONhxfHiYsoWQk1KB1LfEYKQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c4cdcafbf88b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/arrow.png
172.64.166.9200 OK 2.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/arrow.png
IP 172.64.166.9:0
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/img/arrow.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7086557
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HG6D639LP6M7SmzZcHGYgAC5XHoYY1f1N%2BN8djefvnym7OKYJwC0TQ0PY9pBNECh8tp%2FKqjhGlziHuAKkso9VbktJ2aQz14JBgBd%2FKBoILmd9G13fq5ICqClsBqpkgGs6XZFfXUm4hv2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c4cdcafb988b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png
45.133.44.9200 OK 108 kB URL HTTP/2 cdn.cloudimagesb.com/si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (108061 bytes)
Hash f25a89906f49b309b04a788657e63775
fafed8a699a3942ca5d277b5f329e1e2377d3747
05d3612dca9ad5a805bd967d52285f06a4e8f028a3e94f4cef6031b985b9796d
GET /si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: image/png
content-length: 108061
server: nginx/1.17.6
last-modified: Fri, 20 Jan 2023 10:18:12 GMT
etag: "63ca6a64-1a61d"
expires: Tue, 07 Feb 2023 14:22:47 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de26603d2dd53bbc97ab84a98a423fc8
0ef00c310251712fe1993300278436541a835629
a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6803
Expires: Sun, 05 Feb 2023 16:16:10 GMT
Date: Sun, 05 Feb 2023 14:22:47 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
disabledincomprehensiblecitizens.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReuDpPf4efJKILgYU6iIJPumemdGSMEY4wsxs2aRBaP9a9nyq3uaqq6p2f34mJAchEG9aCeer%2FZzaIGSUD0EASZ9RJy2gaRPbiCBy8ePAQ8y8wOjD6oeu97Xx2%2B79X7cDc%2FIT5yerz%2BltlWWtPzYcOvv7ChEmEKV1%2B7WQ%2F8hn%2BhvqGSlfaF%2Bmh22eHLgR82%2FBfrb0i%2Bac43%2FcD3Az%2BoX1FWRmZ0fs5CpXd7QaPnN9rNRhC2MbL%2FxS734KgHMTwh56BEdXbw8D4UnyKJ712WbjMz6Uuvx7mmmbEYioN3ks3EFAniZRlZD1FysHgN4ypCPjsDkxwsHMAM92YOwFRFvF8CsORgIRNsuH%2BqlGnIBEw8gWI4hdRTKDoFN7egxBEBuMDaNSTxnTVjC7p1ytIZW5Ha34%2BhiorUfn0aSfzNJa1G9RtG55kyicMoKqFGU6j%2BFGl%2BiGzbgyoOwbMPoARBEpdQopy7VmoKFU2h5RjUechnR3nIIw956iEWx3Ua9iLf70QsarW6bc55q8V52F0RoWi1u5GPnM9kjZGlY3A9Brc7SO0ONtUnR%2BG5I59VhDz%2BHTb%2FEW5QwgkPLquI9%2FYOhqJEIQkKR1BQgkIRFBlBMSz3hXZNV94R2uUsWOTmIrfKicn6u3TfZH2ZkN30hDw5H82fz6xgUx7XZdjrddtRt9XutJo87LRkREVTNFnQCSkLKZwqodyZuettVZGn%2FhogVRU588chGD2E04fgygPNA9Bi0mn6oINJu%2BtjO3kQKR1LZxKtEjkQfUsz5RrcxA1mIUyJNKsh2%2FJ29Ql5di5rZU9A8kdkEeC2RGpLvKd%2BIujr25PrpiB7103hyP1raaZitU1nv3kjo5n831dvyq3CWLF62Y2%2FfJXPiFl596Z02VWaCJX0Hfn6khJC2ivGckl%2BWHUbkq3nbnApt0meXl1%2F7cpqnFrpnDLJFFQdvfsxuKrIWfn%2BfE%2Bf%2B7aAslPYvEScL5UqMwVPd%2BDSZc8ZAquXmKU1FHk5sU22bGpFoOUSU1bC%2FQuzZb3rbqNva6DZrfl2Dm2JoS5B9Rgu%2F%2F8kS%2B2jiw8%2Fn8UXYLo2YdrW9pi2%2BtOKrJz9qCKvXLxXkee%2F%2B%2Fl00k7NFiDyI%2Bk3JYt6LOpQX%2FSido%2FRXiA7LKQBMlfx3x58%2Fw8AAAD%2F%2FwEAAP%2F%2FgXQWwo4EAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 disabledincomprehensiblecitizens.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReuDpPf4efJKILgYU6iIJPumemdGSMEY4wsxs2aRBaP9a9nyq3uaqq6p2f34mJAchEG9aCeer%2FZzaIGSUD0EASZ9RJy2gaRPbiCBy8ePAQ8y8wOjD6oeu97Xx2%2B79X7cDc%2FIT5yerz%2BltlWWtPzYcOvv7ChEmEKV1%2B7WQ%2F8hn%2BhvqGSlfaF%2Bmh22eHLgR82%2FBfrb0i%2Bac43%2FcD3Az%2BoX1FWRmZ0fs5CpXd7QaPnN9rNRhC2MbL%2FxS734KgHMTwh56BEdXbw8D4UnyKJ712WbjMz6Uuvx7mmmbEYioN3ks3EFAniZRlZD1FysHgN4ypCPjsDkxwsHMAM92YOwFRFvF8CsORgIRNsuH%2BqlGnIBEw8gWI4hdRTKDoFN7egxBEBuMDaNSTxnTVjC7p1ytIZW5Ha34%2BhiorUfn0aSfzNJa1G9RtG55kyicMoKqFGU6j%2BFGl%2BiGzbgyoOwbMPoARBEpdQopy7VmoKFU2h5RjUechnR3nIIw956iEWx3Ua9iLf70QsarW6bc55q8V52F0RoWi1u5GPnM9kjZGlY3A9Brc7SO0ONtUnR%2BG5I59VhDz%2BHTb%2FEW5QwgkPLquI9%2FYOhqJEIQkKR1BQgkIRFBlBMSz3hXZNV94R2uUsWOTmIrfKicn6u3TfZH2ZkN30hDw5H82fz6xgUx7XZdjrddtRt9XutJo87LRkREVTNFnQCSkLKZwqodyZuettVZGn%2FhogVRU588chGD2E04fgygPNA9Bi0mn6oINJu%2BtjO3kQKR1LZxKtEjkQfUsz5RrcxA1mIUyJNKsh2%2FJ29Ql5di5rZU9A8kdkEeC2RGpLvKd%2BIujr25PrpiB7103hyP1raaZitU1nv3kjo5n831dvyq3CWLF62Y2%2FfJXPiFl596Z02VWaCJX0Hfn6khJC2ivGckl%2BWHUbkq3nbnApt0meXl1%2F7cpqnFrpnDLJFFQdvfsxuKrIWfn%2BfE%2Bf%2B7aAslPYvEScL5UqMwVPd%2BDSZc8ZAquXmKU1FHk5sU22bGpFoOUSU1bC%2FQuzZb3rbqNva6DZrfl2Dm2JoS5B9Rgu%2F%2F8kS%2B2jiw8%2Fn8UXYLo2YdrW9pi2%2BtOKrJz9qCKvXLxXkee%2F%2B%2Fl00k7NFiDyI%2Bk3JYt6LOpQX%2FSido%2FRXiA7LKQBMlfx3x58%2Fw8AAAD%2F%2FwEAAP%2F%2FgXQWwo4EAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReuDpPf4efJKILgYU6iIJPumemdGSMEY4wsxs2aRBaP9a9nyq3uaqq6p2f34mJAchEG9aCeer%2FZzaIGSUD0EASZ9RJy2gaRPbiCBy8ePAQ8y8wOjD6oeu97Xx2%2B79X7cDc%2FIT5yerz%2BltlWWtPzYcOvv7ChEmEKV1%2B7WQ%2F8hn%2BhvqGSlfaF%2Bmh22eHLgR82%2FBfrb0i%2Bac43%2FcD3Az%2BoX1FWRmZ0fs5CpXd7QaPnN9rNRhC2MbL%2FxS734KgHMTwh56BEdXbw8D4UnyKJ712WbjMz6Uuvx7mmmbEYioN3ks3EFAniZRlZD1FysHgN4ypCPjsDkxwsHMAM92YOwFRFvF8CsORgIRNsuH%2BqlGnIBEw8gWI4hdRTKDoFN7egxBEBuMDaNSTxnTVjC7p1ytIZW5Ha34%2BhiorUfn0aSfzNJa1G9RtG55kyicMoKqFGU6j%2BFGl%2BiGzbgyoOwbMPoARBEpdQopy7VmoKFU2h5RjUechnR3nIIw956iEWx3Ua9iLf70QsarW6bc55q8V52F0RoWi1u5GPnM9kjZGlY3A9Brc7SO0ONtUnR%2BG5I59VhDz%2BHTb%2FEW5QwgkPLquI9%2FYOhqJEIQkKR1BQgkIRFBlBMSz3hXZNV94R2uUsWOTmIrfKicn6u3TfZH2ZkN30hDw5H82fz6xgUx7XZdjrddtRt9XutJo87LRkREVTNFnQCSkLKZwqodyZuettVZGn%2FhogVRU588chGD2E04fgygPNA9Bi0mn6oINJu%2BtjO3kQKR1LZxKtEjkQfUsz5RrcxA1mIUyJNKsh2%2FJ29Ql5di5rZU9A8kdkEeC2RGpLvKd%2BIujr25PrpiB7103hyP1raaZitU1nv3kjo5n831dvyq3CWLF62Y2%2FfJXPiFl596Z02VWaCJX0Hfn6khJC2ivGckl%2BWHUbkq3nbnApt0meXl1%2F7cpqnFrpnDLJFFQdvfsxuKrIWfn%2BfE%2Bf%2B7aAslPYvEScL5UqMwVPd%2BDSZc8ZAquXmKU1FHk5sU22bGpFoOUSU1bC%2FQuzZb3rbqNva6DZrfl2Dm2JoS5B9Rgu%2F%2F8kS%2B2jiw8%2Fn8UXYLo2YdrW9pi2%2BtOKrJz9qCKvXLxXkee%2F%2B%2Fl00k7NFiDyI%2Bk3JYt6LOpQX%2FSido%2FRXiA7LKQBMlfx3x58%2Fw8AAAD%2F%2FwEAAP%2F%2FgXQWwo4EAAA%3D HTTP/1.1
Host: disabledincomprehensiblecitizens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Cookie: u_pl=15406646; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bca59d5838663a2c49e8f1e42abb0815
Strict-Transport-Security: max-age=0; includeSubdomains
disabledincomprehensiblecitizens.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutXiaX%2FE6%2FKIKe%2BiQKMumemd6ZMUIwxkgwJjGJ5FzVVT1TbnVXU9U9PdnTYkByEQb04J9L75v9gxpkc9FDEGU2l7AgbIPIHlzBgxcPBgIeRXp2YPCD7u%2FPq8N73%2Fc%2B3MyPiYecHl1%2FR69LpejZoOm5L92WCdeFda%2Fecn2v6Z1zb8tktXPOHdc%2FM3rV94Km97L7lgjX9NmW53ue7%2FnuJWlEpMdn5yhker%2FvN%2Ftes9Nq%2BkEHY%2FPf3uYOLHXAR8fkDCSvTg0fP4AMZ0jivYvCrmU6feXNOFc00wYjvvtespboIkG8LCPjIEp2F6%2BhbUXIpyvQye5CAfRoq1YAJivi%2FOKDJbsLmmCj7ROmTEEkYPx%2FKEYzCDWDpDOE%2Bi4kPyRAyHH1GpJ456o2Bb1zgtIarUjj76eQRUUavz6LJP7mgpJj96ZWeSZ1YjGOSsjxDHIwQ5rvI1t3IIt9hNkHkJwgiUtIXs5VSzmDjGZQYgJqHeT1Jx3kkYM8dRDzI5cG%2FcjzuhGL2u1eJwzDdjsMg94qD3i704s85GFNa4IsnSBUE4RmA6nZwJr8%2BDA4c%2BixipCnv8PkP8IOS1juwGYVcd7dwIiXKARBYQkKSlBIgiIjKEblNle2ZcsdrmzO%2FEVuLXK7nOpssEm3dTYQCdlMj8n%2F56v587lVrIkjVwT9fq8T9dqdbrsVBt22iChv8RbzuwFlAYWVJaRdmatelxV55q8hUlmRlT%2F2weg%2BrNpHKB3Q3Actpt2WBzqcdnoe1pOHkVSxsDpRMhFDPjA0k7YZ6rjJDLgukWYNZHecTXVMnp%2FTeu38HkR4cP6J2XMffbGD0JRITYn35SOCgbo3vaELsnVDF5Y8uJZmMpbrtL7mzYxmovHV2%2BJOoQ2%2FfNFOvnw9rIG6vH9L2OwKTbhMBpZ8fUFyLswlbUJBvr9sbwt2PbfDC7lJ8vTK9TcuXY5TI6yVOpmB1s6sTyUrcvqfF%2BZOdeOfIM0MJi8R5wdkEZB6hjDdgE2XM6sJjFr2LF1BkZdT02LLoZIESix7ykpYsVwCEwc%2FPDnBNu09DEwDNLs79%2BfIlBipElRNYPPT0yw1B%2Bcff1bH52CqMWXKNLaYMuqTiqye%2Bmi%2B4Yq8%2BO3PFVnd4rCytkDkRcJrCRb1WdSlHu9HnT6jfV90WUB9ZLYKf3v43b8AAAD%2F%2FwEAAP%2F%2F1%2BMwQ5AEAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 disabledincomprehensiblecitizens.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutXiaX%2FE6%2FKIKe%2BiQKMumemd6ZMUIwxkgwJjGJ5FzVVT1TbnVXU9U9PdnTYkByEQb04J9L75v9gxpkc9FDEGU2l7AgbIPIHlzBgxcPBgIeRXp2YPCD7u%2FPq8N73%2Fc%2B3MyPiYecHl1%2FR69LpejZoOm5L92WCdeFda%2Fecn2v6Z1zb8tktXPOHdc%2FM3rV94Km97L7lgjX9NmW53ue7%2FnuJWlEpMdn5yhker%2FvN%2Ftes9Nq%2BkEHY%2FPf3uYOLHXAR8fkDCSvTg0fP4AMZ0jivYvCrmU6feXNOFc00wYjvvtespboIkG8LCPjIEp2F6%2BhbUXIpyvQye5CAfRoq1YAJivi%2FOKDJbsLmmCj7ROmTEEkYPx%2FKEYzCDWDpDOE%2Bi4kPyRAyHH1GpJ456o2Bb1zgtIarUjj76eQRUUavz6LJP7mgpJj96ZWeSZ1YjGOSsjxDHIwQ5rvI1t3IIt9hNkHkJwgiUtIXs5VSzmDjGZQYgJqHeT1Jx3kkYM8dRDzI5cG%2FcjzuhGL2u1eJwzDdjsMg94qD3i704s85GFNa4IsnSBUE4RmA6nZwJr8%2BDA4c%2BixipCnv8PkP8IOS1juwGYVcd7dwIiXKARBYQkKSlBIgiIjKEblNle2ZcsdrmzO%2FEVuLXK7nOpssEm3dTYQCdlMj8n%2F56v587lVrIkjVwT9fq8T9dqdbrsVBt22iChv8RbzuwFlAYWVJaRdmatelxV55q8hUlmRlT%2F2weg%2BrNpHKB3Q3Actpt2WBzqcdnoe1pOHkVSxsDpRMhFDPjA0k7YZ6rjJDLgukWYNZHecTXVMnp%2FTeu38HkR4cP6J2XMffbGD0JRITYn35SOCgbo3vaELsnVDF5Y8uJZmMpbrtL7mzYxmovHV2%2BJOoQ2%2FfNFOvnw9rIG6vH9L2OwKTbhMBpZ8fUFyLswlbUJBvr9sbwt2PbfDC7lJ8vTK9TcuXY5TI6yVOpmB1s6sTyUrcvqfF%2BZOdeOfIM0MJi8R5wdkEZB6hjDdgE2XM6sJjFr2LF1BkZdT02LLoZIESix7ykpYsVwCEwc%2FPDnBNu09DEwDNLs79%2BfIlBipElRNYPPT0yw1B%2Bcff1bH52CqMWXKNLaYMuqTiqye%2Bmi%2B4Yq8%2BO3PFVnd4rCytkDkRcJrCRb1WdSlHu9HnT6jfV90WUB9ZLYKf3v43b8AAAD%2F%2FwEAAP%2F%2F1%2BMwQ5AEAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutXiaX%2FE6%2FKIKe%2BiQKMumemd6ZMUIwxkgwJjGJ5FzVVT1TbnVXU9U9PdnTYkByEQb04J9L75v9gxpkc9FDEGU2l7AgbIPIHlzBgxcPBgIeRXp2YPCD7u%2FPq8N73%2Fc%2B3MyPiYecHl1%2FR69LpejZoOm5L92WCdeFda%2Fecn2v6Z1zb8tktXPOHdc%2FM3rV94Km97L7lgjX9NmW53ue7%2FnuJWlEpMdn5yhker%2FvN%2Ftes9Nq%2BkEHY%2FPf3uYOLHXAR8fkDCSvTg0fP4AMZ0jivYvCrmU6feXNOFc00wYjvvtespboIkG8LCPjIEp2F6%2BhbUXIpyvQye5CAfRoq1YAJivi%2FOKDJbsLmmCj7ROmTEEkYPx%2FKEYzCDWDpDOE%2Bi4kPyRAyHH1GpJ456o2Bb1zgtIarUjj76eQRUUavz6LJP7mgpJj96ZWeSZ1YjGOSsjxDHIwQ5rvI1t3IIt9hNkHkJwgiUtIXs5VSzmDjGZQYgJqHeT1Jx3kkYM8dRDzI5cG%2FcjzuhGL2u1eJwzDdjsMg94qD3i704s85GFNa4IsnSBUE4RmA6nZwJr8%2BDA4c%2BixipCnv8PkP8IOS1juwGYVcd7dwIiXKARBYQkKSlBIgiIjKEblNle2ZcsdrmzO%2FEVuLXK7nOpssEm3dTYQCdlMj8n%2F56v587lVrIkjVwT9fq8T9dqdbrsVBt22iChv8RbzuwFlAYWVJaRdmatelxV55q8hUlmRlT%2F2weg%2BrNpHKB3Q3Actpt2WBzqcdnoe1pOHkVSxsDpRMhFDPjA0k7YZ6rjJDLgukWYNZHecTXVMnp%2FTeu38HkR4cP6J2XMffbGD0JRITYn35SOCgbo3vaELsnVDF5Y8uJZmMpbrtL7mzYxmovHV2%2BJOoQ2%2FfNFOvnw9rIG6vH9L2OwKTbhMBpZ8fUFyLswlbUJBvr9sbwt2PbfDC7lJ8vTK9TcuXY5TI6yVOpmB1s6sTyUrcvqfF%2BZOdeOfIM0MJi8R5wdkEZB6hjDdgE2XM6sJjFr2LF1BkZdT02LLoZIESix7ykpYsVwCEwc%2FPDnBNu09DEwDNLs79%2BfIlBipElRNYPPT0yw1B%2Bcff1bH52CqMWXKNLaYMuqTiqye%2Bmi%2B4Yq8%2BO3PFVnd4rCytkDkRcJrCRb1WdSlHu9HnT6jfV90WUB9ZLYKf3v43b8AAAD%2F%2FwEAAP%2F%2F1%2BMwQ5AEAAA%3D HTTP/1.1
Host: disabledincomprehensiblecitizens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Cookie: u_pl=15406646; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a23685cabb3963d914bbbee8438c598b
Strict-Transport-Security: max-age=0; includeSubdomains
disabledincomprehensiblecitizens.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStjhMPejIRwdscRBRktntmemfGCME1rizG3TWJ7Lm6qnqm3Oqupqp7enZPiwHJRRjUg3rqfbObRQ2SXPQQBOn1EnLaBpE9uIIHLx48BMSDB5nJwOiHqv%2Fff3V479f%2FcD87Iy4yerr5jt6VStElv%2BHWX9qSMde5ra%2FfqHtuw71U35LxcvtSfTS9zPBVz%2FUb7sv1twTb1ktN13Ndz%2FXqq9KIUI%2BWZixkcqfnNXpuo91seH4bI%2FN%2FbDMHljrgwzNyAZJX5wcP7kGyEnF094qw26lOXnkzyhRNtcGQH70Xb8c6jxEtytA4COOj%2BWtoWxHy2Tno%2BGjuAHp4MHWAQFbE%2BdlDEB%2FNZSIYHj5WGiiIGAF%2FGvmwhFAlJC3B9E1IfkIAxrG%2BgTi6va5NTnces3TKVqT21yPIvCK1X55FHH2zouSofl2rLJU6thiFBeSohOyXSLJjpLsOZH4Mln4AyQniqIDkxcy1lCVkWEKJMah1kE2PdJCFDrLEQcRP69Tvha7bCYOw1eq2GWOtFmN%2Bd5n7vNXuhi4yNpU1RpqMwdQYzOwhMXvYlp%2Bc%2BBdO3KAi5NFvMNkPsIMCljuwaUWcd%2Fcw5AVyQZBbgpwS5JIgTwnyYXHIlW3a4jZXNgu8eW7Oc6uY6LS%2FTw912hcx2U%2FOyDOz0fzx3DK2xWld%2BL1etx12W%2B1Oq8n8TkuElDd5M%2FA6Pg18CisLSHtu5npXVuTinwMksiLnfj9GQI9h1TGYdEAzDzSfdJou6GDS7rrYje%2BHUkXC6ljJWAx439BU2gbTUSMw4LpAktaQ7jj76ow8P5P14rc%2FQbCHZB5gpkBiCrwvfyToq1uTazonB9d0bsm9jSSVkdyl09%2B8ntJUPPnV22In14avXbHjL19nU2Ja3rkhbHqVxlzGfUu%2BXpGcC7OqDRPk%2BzW7JYLNzA5WMhNnydXNN1bXosQIa6WOS1B5svE3mKzI%2BX8%2Bnu3pxY0XIE0JkxWIsoVSqUuwZA82WfSsJjBqgYPkCeRZMTHNYNFUkkCJBaZBAfsfHCzqfXsLfVMDTW%2FOtnNoCgxVAarGsNlTkzQxDy8%2F%2BHwaXyBQtUmgTO0gUEZ9WpHl8x9V5LXLd2dDrsjyAYeVp3Xfa4tu0O0wzgPBuNdptrot121y3u70hNdDaiv26%2F3v%2FgUAAP%2F%2FAQAA%2F%2F9rwLvDjgQAAA%3D%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 disabledincomprehensiblecitizens.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStjhMPejIRwdscRBRktntmemfGCME1rizG3TWJ7Lm6qnqm3Oqupqp7enZPiwHJRRjUg3rqfbObRQ2SXPQQBOn1EnLaBpE9uIIHLx48BMSDB5nJwOiHqv%2Fff3V479f%2FcD87Iy4yerr5jt6VStElv%2BHWX9qSMde5ra%2FfqHtuw71U35LxcvtSfTS9zPBVz%2FUb7sv1twTb1ktN13Ndz%2FXqq9KIUI%2BWZixkcqfnNXpuo91seH4bI%2FN%2FbDMHljrgwzNyAZJX5wcP7kGyEnF094qw26lOXnkzyhRNtcGQH70Xb8c6jxEtytA4COOj%2BWtoWxHy2Tno%2BGjuAHp4MHWAQFbE%2BdlDEB%2FNZSIYHj5WGiiIGAF%2FGvmwhFAlJC3B9E1IfkIAxrG%2BgTi6va5NTnces3TKVqT21yPIvCK1X55FHH2zouSofl2rLJU6thiFBeSohOyXSLJjpLsOZH4Mln4AyQniqIDkxcy1lCVkWEKJMah1kE2PdJCFDrLEQcRP69Tvha7bCYOw1eq2GWOtFmN%2Bd5n7vNXuhi4yNpU1RpqMwdQYzOwhMXvYlp%2Bc%2BBdO3KAi5NFvMNkPsIMCljuwaUWcd%2Fcw5AVyQZBbgpwS5JIgTwnyYXHIlW3a4jZXNgu8eW7Oc6uY6LS%2FTw912hcx2U%2FOyDOz0fzx3DK2xWld%2BL1etx12W%2B1Oq8n8TkuElDd5M%2FA6Pg18CisLSHtu5npXVuTinwMksiLnfj9GQI9h1TGYdEAzDzSfdJou6GDS7rrYje%2BHUkXC6ljJWAx439BU2gbTUSMw4LpAktaQ7jj76ow8P5P14rc%2FQbCHZB5gpkBiCrwvfyToq1uTazonB9d0bsm9jSSVkdyl09%2B8ntJUPPnV22In14avXbHjL19nU2Ja3rkhbHqVxlzGfUu%2BXpGcC7OqDRPk%2BzW7JYLNzA5WMhNnydXNN1bXosQIa6WOS1B5svE3mKzI%2BX8%2Bnu3pxY0XIE0JkxWIsoVSqUuwZA82WfSsJjBqgYPkCeRZMTHNYNFUkkCJBaZBAfsfHCzqfXsLfVMDTW%2FOtnNoCgxVAarGsNlTkzQxDy8%2F%2BHwaXyBQtUmgTO0gUEZ9WpHl8x9V5LXLd2dDrsjyAYeVp3Xfa4tu0O0wzgPBuNdptrot121y3u70hNdDaiv26%2F3v%2FgUAAP%2F%2FAQAA%2F%2F9rwLvDjgQAAA%3D%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStjhMPejIRwdscRBRktntmemfGCME1rizG3TWJ7Lm6qnqm3Oqupqp7enZPiwHJRRjUg3rqfbObRQ2SXPQQBOn1EnLaBpE9uIIHLx48BMSDB5nJwOiHqv%2Fff3V479f%2FcD87Iy4yerr5jt6VStElv%2BHWX9qSMde5ra%2FfqHtuw71U35LxcvtSfTS9zPBVz%2FUb7sv1twTb1ktN13Ndz%2FXqq9KIUI%2BWZixkcqfnNXpuo91seH4bI%2FN%2FbDMHljrgwzNyAZJX5wcP7kGyEnF094qw26lOXnkzyhRNtcGQH70Xb8c6jxEtytA4COOj%2BWtoWxHy2Tno%2BGjuAHp4MHWAQFbE%2BdlDEB%2FNZSIYHj5WGiiIGAF%2FGvmwhFAlJC3B9E1IfkIAxrG%2BgTi6va5NTnces3TKVqT21yPIvCK1X55FHH2zouSofl2rLJU6thiFBeSohOyXSLJjpLsOZH4Mln4AyQniqIDkxcy1lCVkWEKJMah1kE2PdJCFDrLEQcRP69Tvha7bCYOw1eq2GWOtFmN%2Bd5n7vNXuhi4yNpU1RpqMwdQYzOwhMXvYlp%2Bc%2BBdO3KAi5NFvMNkPsIMCljuwaUWcd%2Fcw5AVyQZBbgpwS5JIgTwnyYXHIlW3a4jZXNgu8eW7Oc6uY6LS%2FTw912hcx2U%2FOyDOz0fzx3DK2xWld%2BL1etx12W%2B1Oq8n8TkuElDd5M%2FA6Pg18CisLSHtu5npXVuTinwMksiLnfj9GQI9h1TGYdEAzDzSfdJou6GDS7rrYje%2BHUkXC6ljJWAx439BU2gbTUSMw4LpAktaQ7jj76ow8P5P14rc%2FQbCHZB5gpkBiCrwvfyToq1uTazonB9d0bsm9jSSVkdyl09%2B8ntJUPPnV22In14avXbHjL19nU2Ja3rkhbHqVxlzGfUu%2BXpGcC7OqDRPk%2BzW7JYLNzA5WMhNnydXNN1bXosQIa6WOS1B5svE3mKzI%2BX8%2Bnu3pxY0XIE0JkxWIsoVSqUuwZA82WfSsJjBqgYPkCeRZMTHNYNFUkkCJBaZBAfsfHCzqfXsLfVMDTW%2FOtnNoCgxVAarGsNlTkzQxDy8%2F%2BHwaXyBQtUmgTO0gUEZ9WpHl8x9V5LXLd2dDrsjyAYeVp3Xfa4tu0O0wzgPBuNdptrot121y3u70hNdDaiv26%2F3v%2FgUAAP%2F%2FAQAA%2F%2F9rwLvDjgQAAA%3D%3D HTTP/1.1
Host: disabledincomprehensiblecitizens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Cookie: u_pl=15406646; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 24275b32a45f085ae5bca9ec5678c50c
Strict-Transport-Security: max-age=0; includeSubdomains
disabledincomprehensiblecitizens.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujhMPejIRwdscRBRk0j0zvTNjhGCMkWDcXZPInuuvZ8qt7mqquqdn97QYkFyEQT2op95vdrOoQZKLHoIgs15CTtsgsgdX8ODFg4eAePAgMxkYfVD13ve%2BOnzfq%2Ffhbn5CfOT0eP0ds620pufChl9%2FaUMlwhSuvnqjHvgN%2F3x9QyUr7fP10eyyw1cDP2z4L9ffknzTnGv6ge8HflC%2FrKyMzOjcnIVK7%2FSCRs9vtJuNIGxjZP%2BPXe7BUQ9ieELOQInq9ODBPSg%2BRRLfvSTdZmbSV96Mc00zYzEUB%2B8lm4kpEsTLMrIeouRg8RrGVYR8dgomOVg4gBnuzRyAqYp4PwdgycFCJthw%2F7FSpiETMPE0iuEUUk%2Bh6BTc3IQSRwTgAqtrSOLbq8YWdOsxS2dsRWp%2FPYIqKlL75Vkk8TcXtRrVrxudZ8okDqOohBpNofpTpPkhsm0PqjgEzz6AEgRJXEKJcu5aqSlUNIWWY1DnIZ8d5SGPPOSph1gc12nYi3y%2FE7Go1eq2OeetFudhd0WEotXuRj5yPpM1RpaOwfUY3O4gtTvYVJ8chWeOfFYR8ug32PwHuEEJJzy4rCLeuzsYihKFJCgcQUEJCkVQZATFsNwX2jVdeVtol7NgkZuL3ConJuvv0n2T9WVCdtMT8sx8NH88t4JNeVyXYa%2FXbUfdVrvTavKw05IRFU3RZEEnpCykcKqEcqfmrrdVRc7%2BOUCqKnLq90MweginD8GVB5oHoMWk0%2FRBB5N218d2cj9SOpbOJFolciD6lmbKNbiJG8xCmBJpVkO25e3qE%2FL8XNaL3%2F4EyR%2BSRYDbEqkt8b76kaCvb02umYLsXTOFI%2FfW0kzFapvOfvN6RjP55Fdvy63CWHHlkht%2F%2BTqfEbPyzg3psqs0ESrpO%2FL1RSWEtJeN5ZJ8f8VtSLaeu8HF3CZ5enX9jctX4tRK55RJpqDqaO1vcFWR0%2F98PN%2FTs2svQNkpbF4izpdKlZmCpztw6bLnDIHVS8zSJ1Dk5cQ22bKpFYGWS0xZCfcfzJb1rruFvq2BZjfn2zm0JYa6BNVjuPypSZbahxcefD6LL8B0bcK0re0xbfWnFVk5%2FVFFXrtwdz7kiqzsCTg1W4DIj6TflCzqsahDfdGL2j1Ge4HssJAGyFzFf73%2F3b8AAAD%2F%2FwEAAP%2F%2Ff8g1JY4EAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 disabledincomprehensiblecitizens.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujhMPejIRwdscRBRk0j0zvTNjhGCMkWDcXZPInuuvZ8qt7mqquqdn97QYkFyEQT2op95vdrOoQZKLHoIgs15CTtsgsgdX8ODFg4eAePAgMxkYfVD13ve%2BOnzfq%2Ffhbn5CfOT0eP0ds620pufChl9%2FaUMlwhSuvnqjHvgN%2F3x9QyUr7fP10eyyw1cDP2z4L9ffknzTnGv6ge8HflC%2FrKyMzOjcnIVK7%2FSCRs9vtJuNIGxjZP%2BPXe7BUQ9ieELOQInq9ODBPSg%2BRRLfvSTdZmbSV96Mc00zYzEUB%2B8lm4kpEsTLMrIeouRg8RrGVYR8dgomOVg4gBnuzRyAqYp4PwdgycFCJthw%2F7FSpiETMPE0iuEUUk%2Bh6BTc3IQSRwTgAqtrSOLbq8YWdOsxS2dsRWp%2FPYIqKlL75Vkk8TcXtRrVrxudZ8okDqOohBpNofpTpPkhsm0PqjgEzz6AEgRJXEKJcu5aqSlUNIWWY1DnIZ8d5SGPPOSph1gc12nYi3y%2FE7Go1eq2OeetFudhd0WEotXuRj5yPpM1RpaOwfUY3O4gtTvYVJ8chWeOfFYR8ug32PwHuEEJJzy4rCLeuzsYihKFJCgcQUEJCkVQZATFsNwX2jVdeVtol7NgkZuL3ConJuvv0n2T9WVCdtMT8sx8NH88t4JNeVyXYa%2FXbUfdVrvTavKw05IRFU3RZEEnpCykcKqEcqfmrrdVRc7%2BOUCqKnLq90MweginD8GVB5oHoMWk0%2FRBB5N218d2cj9SOpbOJFolciD6lmbKNbiJG8xCmBJpVkO25e3qE%2FL8XNaL3%2F4EyR%2BSRYDbEqkt8b76kaCvb02umYLsXTOFI%2FfW0kzFapvOfvN6RjP55Fdvy63CWHHlkht%2F%2BTqfEbPyzg3psqs0ESrpO%2FL1RSWEtJeN5ZJ8f8VtSLaeu8HF3CZ5enX9jctX4tRK55RJpqDqaO1vcFWR0%2F98PN%2FTs2svQNkpbF4izpdKlZmCpztw6bLnDIHVS8zSJ1Dk5cQ22bKpFYGWS0xZCfcfzJb1rruFvq2BZjfn2zm0JYa6BNVjuPypSZbahxcefD6LL8B0bcK0re0xbfWnFVk5%2FVFFXrtwdz7kiqzsCTg1W4DIj6TflCzqsahDfdGL2j1Ge4HssJAGyFzFf73%2F3b8AAAD%2F%2FwEAAP%2F%2Ff8g1JY4EAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujhMPejIRwdscRBRk0j0zvTNjhGCMkWDcXZPInuuvZ8qt7mqquqdn97QYkFyEQT2op95vdrOoQZKLHoIgs15CTtsgsgdX8ODFg4eAePAgMxkYfVD13ve%2BOnzfq%2Ffhbn5CfOT0eP0ds620pufChl9%2FaUMlwhSuvnqjHvgN%2F3x9QyUr7fP10eyyw1cDP2z4L9ffknzTnGv6ge8HflC%2FrKyMzOjcnIVK7%2FSCRs9vtJuNIGxjZP%2BPXe7BUQ9ieELOQInq9ODBPSg%2BRRLfvSTdZmbSV96Mc00zYzEUB%2B8lm4kpEsTLMrIeouRg8RrGVYR8dgomOVg4gBnuzRyAqYp4PwdgycFCJthw%2F7FSpiETMPE0iuEUUk%2Bh6BTc3IQSRwTgAqtrSOLbq8YWdOsxS2dsRWp%2FPYIqKlL75Vkk8TcXtRrVrxudZ8okDqOohBpNofpTpPkhsm0PqjgEzz6AEgRJXEKJcu5aqSlUNIWWY1DnIZ8d5SGPPOSph1gc12nYi3y%2FE7Go1eq2OeetFudhd0WEotXuRj5yPpM1RpaOwfUY3O4gtTvYVJ8chWeOfFYR8ug32PwHuEEJJzy4rCLeuzsYihKFJCgcQUEJCkVQZATFsNwX2jVdeVtol7NgkZuL3ConJuvv0n2T9WVCdtMT8sx8NH88t4JNeVyXYa%2FXbUfdVrvTavKw05IRFU3RZEEnpCykcKqEcqfmrrdVRc7%2BOUCqKnLq90MweginD8GVB5oHoMWk0%2FRBB5N218d2cj9SOpbOJFolciD6lmbKNbiJG8xCmBJpVkO25e3qE%2FL8XNaL3%2F4EyR%2BSRYDbEqkt8b76kaCvb02umYLsXTOFI%2FfW0kzFapvOfvN6RjP55Fdvy63CWHHlkht%2F%2BTqfEbPyzg3psqs0ESrpO%2FL1RSWEtJeN5ZJ8f8VtSLaeu8HF3CZ5enX9jctX4tRK55RJpqDqaO1vcFWR0%2F98PN%2FTs2svQNkpbF4izpdKlZmCpztw6bLnDIHVS8zSJ1Dk5cQ22bKpFYGWS0xZCfcfzJb1rruFvq2BZjfn2zm0JYa6BNVjuPypSZbahxcefD6LL8B0bcK0re0xbfWnFVk5%2FVFFXrtwdz7kiqzsCTg1W4DIj6TflCzqsahDfdGL2j1Ge4HssJAGyFzFf73%2F3b8AAAD%2F%2FwEAAP%2F%2Ff8g1JY4EAAA%3D HTTP/1.1
Host: disabledincomprehensiblecitizens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Cookie: u_pl=15406646; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25168033a43dc549b8beebb7c71f0b57
Strict-Transport-Security: max-age=0; includeSubdomains
outdilateinterrupt.com/pixel/purst?dl=0&th=0&sc=0&rs=1862&rd=1862&fd=713&bv=22.10.v.10&tmpl=136
173.233.137.44200 OK 0 B URL HTTP/1.1 outdilateinterrupt.com/pixel/purst?dl=0&th=0&sc=0&rs=1862&rd=1862&fd=713&bv=22.10.v.10&tmpl=136
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1862&rd=1862&fd=713&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=37674186
190.115.19.71200 OK 2 B URL HTTP/2 hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=37674186
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=37674186 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Cookie: uid=ojGwgPQeO6o9N5K-vDR3Qz-S3nuOqfug; dom3ic8zudi28v8lr6fgphwffqoz0j6c=caaea8b1-7677-4eab-83cb-40ba30682df5%3A2%3A1; sb_main_ab0be2a44b7ecf91bdbd5cd360d84937=1; sb_count_ab0be2a44b7ecf91bdbd5cd360d84937=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=subscribestormyapprobation.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: application/json
content-length: 2
server: Google Frontend
access-control-allow-origin: *
x-inferno-location: banner
X-Firefox-Spdy: h2
disabledincomprehensiblecitizens.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRRStDrOCenIVQfAwJ1GQSffMdGbGFRbjGgmuSdxdybm6qnqmTHVXU9U9PckpuCB7EQb0oJ46b5IN6iK7Fz0sgnS8LHtKg0gORvAgggcPC%2BJRZnZg9EPV%2F%2B%2B%2FOrz36390kJ0TFxk923pX70ml6LLfcOsvb8uY69zWN27UPbfhXqpvy3ilfak%2Bml5m%2BJrn%2Bg33lfrbgu3o5abrua7nevU1aUSoR8szFjK50%2FMaPbfRbjY8v42R%2BT%2B2mQNLHfDhObkIyasLgwf3IFmJOLp7RdidVCevvhVliqbaYMiP3493Yp3HiBZlaByE8fH8NbStCPlsCTo%2BnjuAHh5OHSCQFXF%2B9hDEx3OZCIZHj5UGCiJGwJ9GPiwhVAlJSzB9E5KfEoBxbGwijm5vaJPT3ccsnbIVqf39CDKvSO2X5xBH36wqOapf1ypLpY4tRmEBOSoh%2ByWS7ATpngOZn4ClH0JygjgqIHkxcy1lCRmWUGIMah1k0yMdZKGDLHEQ8bM69Xuh63bCIGy1um3GWKvFmN9d4T5vtbuhi4xNZY2RJmMwNQYz%2B0jMPnbkJ6f%2BxVM3qAh59BtM9gPsoIDlDmxaEee9fQx5gVwQ5JYgpwS5JMhTgnxYHHFlm7a4zZXNAm%2Bem%2FPcKiY67R%2FQI532RUwOknPyzGw0fz6%2Fgh1xVhd%2Br9dth91Wu9NqMr%2FTEiHlTd4MvI5PA5%2FCygLSLs1c78mKPPvXAImsyNLvJwjoCaw6AZMOaOaB5pNO0wUdTNpdF3vx%2FVCqSFgdKxmLAe8bmkrbYDpqBAZcF0jSGtJd50CdkxdmslYufAzBHpJ5gJkCiSnwgfyRoK9uTa7pnBxe07kl9zaTVEZyj05%2F83pKU%2FHEV%2B%2BI3Vwbvn7Fjr98g02JaXnnhrDpVRpzGfct%2BXpVci7MmjZMkO%2FX7bYItjI7WM1MnCVXt95cW48SI6yVOi5B5enmP2CyIk8mf8z29MVND9KUMFmBKFsolboES%2FZhk0XPagKjFjhIHORZMTHNYNFUkkCJBaZBAfsfHCzqA3sLfVMDTW%2FOtnNoCgxVAarGsNlTkzQxDy8%2F%2BHwaXyBQtUmgTO0wUEZ9OhttRV6%2FfLciL337U0VWDjmsPKv7Xlt0g26HcR4Ixr1Os9VtuW6T83anJ7weUluxX%2B9%2F9y8AAAD%2F%2FwEAAP%2F%2FCbl5J44EAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 disabledincomprehensiblecitizens.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRRStDrOCenIVQfAwJ1GQSffMdGbGFRbjGgmuSdxdybm6qnqmTHVXU9U9PckpuCB7EQb0oJ46b5IN6iK7Fz0sgnS8LHtKg0gORvAgggcPC%2BJRZnZg9EPV%2F%2B%2B%2FOrz36390kJ0TFxk923pX70ml6LLfcOsvb8uY69zWN27UPbfhXqpvy3ilfak%2Bml5m%2BJrn%2Bg33lfrbgu3o5abrua7nevU1aUSoR8szFjK50%2FMaPbfRbjY8v42R%2BT%2B2mQNLHfDhObkIyasLgwf3IFmJOLp7RdidVCevvhVliqbaYMiP3493Yp3HiBZlaByE8fH8NbStCPlsCTo%2BnjuAHh5OHSCQFXF%2B9hDEx3OZCIZHj5UGCiJGwJ9GPiwhVAlJSzB9E5KfEoBxbGwijm5vaJPT3ccsnbIVqf39CDKvSO2X5xBH36wqOapf1ypLpY4tRmEBOSoh%2ByWS7ATpngOZn4ClH0JygjgqIHkxcy1lCRmWUGIMah1k0yMdZKGDLHEQ8bM69Xuh63bCIGy1um3GWKvFmN9d4T5vtbuhi4xNZY2RJmMwNQYz%2B0jMPnbkJ6f%2BxVM3qAh59BtM9gPsoIDlDmxaEee9fQx5gVwQ5JYgpwS5JMhTgnxYHHFlm7a4zZXNAm%2Bem%2FPcKiY67R%2FQI532RUwOknPyzGw0fz6%2Fgh1xVhd%2Br9dth91Wu9NqMr%2FTEiHlTd4MvI5PA5%2FCygLSLs1c78mKPPvXAImsyNLvJwjoCaw6AZMOaOaB5pNO0wUdTNpdF3vx%2FVCqSFgdKxmLAe8bmkrbYDpqBAZcF0jSGtJd50CdkxdmslYufAzBHpJ5gJkCiSnwgfyRoK9uTa7pnBxe07kl9zaTVEZyj05%2F83pKU%2FHEV%2B%2BI3Vwbvn7Fjr98g02JaXnnhrDpVRpzGfct%2BXpVci7MmjZMkO%2FX7bYItjI7WM1MnCVXt95cW48SI6yVOi5B5enmP2CyIk8mf8z29MVND9KUMFmBKFsolboES%2FZhk0XPagKjFjhIHORZMTHNYNFUkkCJBaZBAfsfHCzqA3sLfVMDTW%2FOtnNoCgxVAarGsNlTkzQxDy8%2F%2BHwaXyBQtUmgTO0wUEZ9OhttRV6%2FfLciL337U0VWDjmsPKv7Xlt0g26HcR4Ixr1Os9VtuW6T83anJ7weUluxX%2B9%2F9y8AAAD%2F%2FwEAAP%2F%2FCbl5J44EAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRRStDrOCenIVQfAwJ1GQSffMdGbGFRbjGgmuSdxdybm6qnqmTHVXU9U9PckpuCB7EQb0oJ46b5IN6iK7Fz0sgnS8LHtKg0gORvAgggcPC%2BJRZnZg9EPV%2F%2B%2B%2FOrz36390kJ0TFxk923pX70ml6LLfcOsvb8uY69zWN27UPbfhXqpvy3ilfak%2Bml5m%2BJrn%2Bg33lfrbgu3o5abrua7nevU1aUSoR8szFjK50%2FMaPbfRbjY8v42R%2BT%2B2mQNLHfDhObkIyasLgwf3IFmJOLp7RdidVCevvhVliqbaYMiP3493Yp3HiBZlaByE8fH8NbStCPlsCTo%2BnjuAHh5OHSCQFXF%2B9hDEx3OZCIZHj5UGCiJGwJ9GPiwhVAlJSzB9E5KfEoBxbGwijm5vaJPT3ccsnbIVqf39CDKvSO2X5xBH36wqOapf1ypLpY4tRmEBOSoh%2ByWS7ATpngOZn4ClH0JygjgqIHkxcy1lCRmWUGIMah1k0yMdZKGDLHEQ8bM69Xuh63bCIGy1um3GWKvFmN9d4T5vtbuhi4xNZY2RJmMwNQYz%2B0jMPnbkJ6f%2BxVM3qAh59BtM9gPsoIDlDmxaEee9fQx5gVwQ5JYgpwS5JMhTgnxYHHFlm7a4zZXNAm%2Bem%2FPcKiY67R%2FQI532RUwOknPyzGw0fz6%2Fgh1xVhd%2Br9dth91Wu9NqMr%2FTEiHlTd4MvI5PA5%2FCygLSLs1c78mKPPvXAImsyNLvJwjoCaw6AZMOaOaB5pNO0wUdTNpdF3vx%2FVCqSFgdKxmLAe8bmkrbYDpqBAZcF0jSGtJd50CdkxdmslYufAzBHpJ5gJkCiSnwgfyRoK9uTa7pnBxe07kl9zaTVEZyj05%2F83pKU%2FHEV%2B%2BI3Vwbvn7Fjr98g02JaXnnhrDpVRpzGfct%2BXpVci7MmjZMkO%2FX7bYItjI7WM1MnCVXt95cW48SI6yVOi5B5enmP2CyIk8mf8z29MVND9KUMFmBKFsolboES%2FZhk0XPagKjFjhIHORZMTHNYNFUkkCJBaZBAfsfHCzqA3sLfVMDTW%2FOtnNoCgxVAarGsNlTkzQxDy8%2F%2BHwaXyBQtUmgTO0wUEZ9OhttRV6%2FfLciL337U0VWDjmsPKv7Xlt0g26HcR4Ixr1Os9VtuW6T83anJ7weUluxX%2B9%2F9y8AAAD%2F%2FwEAAP%2F%2FCbl5J44EAAA%3D HTTP/1.1
Host: disabledincomprehensiblecitizens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Cookie: u_pl=15406646; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea9e349e4b55f5e5f7ba83d7e23bdd34
Strict-Transport-Security: max-age=0; includeSubdomains
disabledincomprehensiblecitizens.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutXiaX%2FE6%2FKIKe%2BiQKMumemd6ZMUIwxkgwbtYksufqquqZcqu7mqru6dk9LQYkF2FAD%2F659L7ZP6hBNhc9BFFmcwkLwjaI7MEVPHjxYCDgUWRmBwY%2F6P7%2BvDq8933vw%2B38lHjI6cnqO3pTKkUvBnXPfWlNJlwX1l254%2Fpe3bvkrslkuXXJHU5%2FZvCq7wV172X3LcHW9cWG53ue7%2FnuNWlEpIcXZyhker%2Fr17tevdWo%2B0ELQ%2FPf3uYOLHXAB6fkAiSvzvUfP4BkEyTxwVVh1zOdvvJmnCuaaYMB338vWU90kSBelJFxECX789fQtiLk0yXoZH%2BuAHqwM1WAUFbE%2BcVHmOzPaSIc7J4xDRVEgpD%2FD8VgAqEmkHQCpu9C8mMCMI6Vm0jivRVtCrpxhtIpWpHa308hi4rUfn0WSfzNFSWH7m2t8kzqxGIYlZDDCWRvgjQ%2FRLbpQBaHYNkHkJwgiUtIXs5USzmBjCZQYgRqHeTTTzrIIwd56iDmJy4NupHntaMwajY7LcZYs8lY0FnmAW%2B2OpGHnE1pjZClIzA1AjNbSM0W1uXHx8GFYy%2BsCHn6O0z%2BI2y%2FhOUObFYR590tDHiJQhAUlqCgBIUkKDKCYlDucmUbttzjyuahP8%2BNeW6WY531tumuznoiIdvpKfn%2FbDV%2FPreMdXHiiqDb7bSiTrPVbjZY0G6KiPIGb4R%2BO6BhQGFlCWmXZqo3ZUWe%2BauPVFZk6Y9DhPQQVh2CSQc090GLcbvhgfbHrY6HzeRhJFUsrE6UTESf9wzNpK0zHddDA65LpFkN2YazrU7J8zNar10%2BgGBHl5%2BYA%2FfRF3tgpkRqSrwvHxH01L3xLV2QnVu6sOTBzTSTsdyk02vezmgmal%2B9LTYKbfj1q3b05etsCkzL%2B3eEzW7QhMukZ8nXVyTnwlzThgny%2FXW7JsLV3Pav5CbJ0xurb1y7HqdGWCt1MgGdOnN6KlmR8%2F%2B8MHOqG%2F8EaSYweYk4PyLzgNQTsHQLNl3MrCYwatGH6RKKvBybRrgYKkmgxKKnYQkrFksIxdEPT86wbXsPPVMDze7O%2FDkwJQaqBFUj2Pz8OEvN0eXHn03jc4SqNg6Vqe2EyqhPKrJ87qPZhivy4rc%2FV2R5h8PKEzfwW6ITdtqM81Aw7rcbzU7T8xqct9pd4XeR2Yr99vC7fwEAAP%2F%2FAQAA%2F%2F%2FD676lkAQAAA%3D%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 disabledincomprehensiblecitizens.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutXiaX%2FE6%2FKIKe%2BiQKMumemd6ZMUIwxkgwbtYksufqquqZcqu7mqru6dk9LQYkF2FAD%2F659L7ZP6hBNhc9BFFmcwkLwjaI7MEVPHjxYCDgUWRmBwY%2F6P7%2BvDq8933vw%2B38lHjI6cnqO3pTKkUvBnXPfWlNJlwX1l254%2Fpe3bvkrslkuXXJHU5%2FZvCq7wV172X3LcHW9cWG53ue7%2FnuNWlEpIcXZyhker%2Fr17tevdWo%2B0ELQ%2FPf3uYOLHXAB6fkAiSvzvUfP4BkEyTxwVVh1zOdvvJmnCuaaYMB338vWU90kSBelJFxECX789fQtiLk0yXoZH%2BuAHqwM1WAUFbE%2BcVHmOzPaSIc7J4xDRVEgpD%2FD8VgAqEmkHQCpu9C8mMCMI6Vm0jivRVtCrpxhtIpWpHa308hi4rUfn0WSfzNFSWH7m2t8kzqxGIYlZDDCWRvgjQ%2FRLbpQBaHYNkHkJwgiUtIXs5USzmBjCZQYgRqHeTTTzrIIwd56iDmJy4NupHntaMwajY7LcZYs8lY0FnmAW%2B2OpGHnE1pjZClIzA1AjNbSM0W1uXHx8GFYy%2BsCHn6O0z%2BI2y%2FhOUObFYR590tDHiJQhAUlqCgBIUkKDKCYlDucmUbttzjyuahP8%2BNeW6WY531tumuznoiIdvpKfn%2FbDV%2FPreMdXHiiqDb7bSiTrPVbjZY0G6KiPIGb4R%2BO6BhQGFlCWmXZqo3ZUWe%2BauPVFZk6Y9DhPQQVh2CSQc090GLcbvhgfbHrY6HzeRhJFUsrE6UTESf9wzNpK0zHddDA65LpFkN2YazrU7J8zNar10%2BgGBHl5%2BYA%2FfRF3tgpkRqSrwvHxH01L3xLV2QnVu6sOTBzTSTsdyk02vezmgmal%2B9LTYKbfj1q3b05etsCkzL%2B3eEzW7QhMukZ8nXVyTnwlzThgny%2FXW7JsLV3Pav5CbJ0xurb1y7HqdGWCt1MgGdOnN6KlmR8%2F%2B8MHOqG%2F8EaSYweYk4PyLzgNQTsHQLNl3MrCYwatGH6RKKvBybRrgYKkmgxKKnYQkrFksIxdEPT86wbXsPPVMDze7O%2FDkwJQaqBFUj2Pz8OEvN0eXHn03jc4SqNg6Vqe2EyqhPKrJ87qPZhivy4rc%2FV2R5h8PKEzfwW6ITdtqM81Aw7rcbzU7T8xqct9pd4XeR2Yr99vC7fwEAAP%2F%2FAQAA%2F%2F%2FD676lkAQAAA%3D%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutXiaX%2FE6%2FKIKe%2BiQKMumemd6ZMUIwxkgwbtYksufqquqZcqu7mqru6dk9LQYkF2FAD%2F659L7ZP6hBNhc9BFFmcwkLwjaI7MEVPHjxYCDgUWRmBwY%2F6P7%2BvDq8933vw%2B38lHjI6cnqO3pTKkUvBnXPfWlNJlwX1l254%2Fpe3bvkrslkuXXJHU5%2FZvCq7wV172X3LcHW9cWG53ue7%2FnuNWlEpIcXZyhker%2Fr17tevdWo%2B0ELQ%2FPf3uYOLHXAB6fkAiSvzvUfP4BkEyTxwVVh1zOdvvJmnCuaaYMB338vWU90kSBelJFxECX789fQtiLk0yXoZH%2BuAHqwM1WAUFbE%2BcVHmOzPaSIc7J4xDRVEgpD%2FD8VgAqEmkHQCpu9C8mMCMI6Vm0jivRVtCrpxhtIpWpHa308hi4rUfn0WSfzNFSWH7m2t8kzqxGIYlZDDCWRvgjQ%2FRLbpQBaHYNkHkJwgiUtIXs5USzmBjCZQYgRqHeTTTzrIIwd56iDmJy4NupHntaMwajY7LcZYs8lY0FnmAW%2B2OpGHnE1pjZClIzA1AjNbSM0W1uXHx8GFYy%2BsCHn6O0z%2BI2y%2FhOUObFYR590tDHiJQhAUlqCgBIUkKDKCYlDucmUbttzjyuahP8%2BNeW6WY531tumuznoiIdvpKfn%2FbDV%2FPreMdXHiiqDb7bSiTrPVbjZY0G6KiPIGb4R%2BO6BhQGFlCWmXZqo3ZUWe%2BauPVFZk6Y9DhPQQVh2CSQc090GLcbvhgfbHrY6HzeRhJFUsrE6UTESf9wzNpK0zHddDA65LpFkN2YazrU7J8zNar10%2BgGBHl5%2BYA%2FfRF3tgpkRqSrwvHxH01L3xLV2QnVu6sOTBzTSTsdyk02vezmgmal%2B9LTYKbfj1q3b05etsCkzL%2B3eEzW7QhMukZ8nXVyTnwlzThgny%2FXW7JsLV3Pav5CbJ0xurb1y7HqdGWCt1MgGdOnN6KlmR8%2F%2B8MHOqG%2F8EaSYweYk4PyLzgNQTsHQLNl3MrCYwatGH6RKKvBybRrgYKkmgxKKnYQkrFksIxdEPT86wbXsPPVMDze7O%2FDkwJQaqBFUj2Pz8OEvN0eXHn03jc4SqNg6Vqe2EyqhPKrJ87qPZhivy4rc%2FV2R5h8PKEzfwW6ITdtqM81Aw7rcbzU7T8xqct9pd4XeR2Yr99vC7fwEAAP%2F%2FAQAA%2F%2F%2FD676lkAQAAA%3D%3D HTTP/1.1
Host: disabledincomprehensiblecitizens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Cookie: u_pl=15406646; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c3da7255df3260e31e4b211c5810af4
Strict-Transport-Security: max-age=0; includeSubdomains
hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=1222925
190.115.19.71200 OK 2 B URL HTTP/2 hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=1222925
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=1222925 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Cookie: uid=ojGwgPQeO6o9N5K-vDR3Qz-S3nuOqfug; dom3ic8zudi28v8lr6fgphwffqoz0j6c=caaea8b1-7677-4eab-83cb-40ba30682df5%3A2%3A1; sb_main_ab0be2a44b7ecf91bdbd5cd360d84937=1; sb_count_ab0be2a44b7ecf91bdbd5cd360d84937=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=subscribestormyapprobation.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: application/json
content-length: 2
server: Google Frontend
access-control-allow-origin: *
x-inferno-location: banner
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hqq.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 577248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
subscribestormyapprobation.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9Nb%2F8RsGV4mZAoRcKiqZT1VX95SzEOEaCYybMB8GFi%2FdVnWde16t5r6qrk1WYAZll68pl5XQ%2BUAdxVi5kQCpuZFbTLiSgEfwXBFcupDsNrXfx7j33vMW5595PD%2FJz4iOnZ5sfmj2lNV1p1v3aa1sqEaZwtY3btcCv%2B1drWyppRVdrw%2BljB28FfrPuv157X%2FIds9LwA98P%2FKC2pqyMzXBlxkKlD7tBvevXo0Y9aEYY2v9il3tw1IMYnJMXoMTk%2F9s%2FPYLiFZL%2Bt9ek28lM%2BuZ7%2FVzTzFgMxMmdZCcxRYL%2Booythzg5mf%2BGcRNCvrgEk5zMJ4AZHE4nAFMT4v0SgCUnc5lgg6MLpUxDJmDiORSDClJXULQCN%2FehxFMCcIGNG0j6xxvGFnT3gqVTdkKW%2FvoTqpiQpd9eRNL%2FZlWrYe2W0XmmTOIwjEuoYQXVq5Dmp8j2PKjiFDy7ByUIkn4JJc5e4ZRK2mHBcrvVbi9HkrLlTsjZcuQzGvqtTkPEzZk1SlVQcQUtR6DuEnLnIVce8thDnnroi7MabXZj32%2FHLA7DTsQ5D0POm52WaIow6sQ%2Bcj7VPkKWjsD1CNzuI7X72FEj2PwHuO0STnhwGcFAlCgkQeEICkpQKIIiIygG5ZHQruHKY6FdzoJ5bsxzWI5N1jugRybryYQcpOfk%2Balh3rP3xtiRZzXKfCYbNIpYW%2FK4GzDBRJOLsOWLTtQN23CqhHKXQJ2HPTUhLz1%2BA6makGc%2B%2FhWMnsLpU3D1Kmj%2BMmgxbjd80O1x1PGxlxxv371bzwyEKZFmS8h2vQN9Tq7MVtZo%2FQ3Jn5B5gNsSqS3xifqRoKcfjG%2BaghzeNIUjj26kmeqrPTpd562MZvLyVx%2FI3cJYsX7Njb58h0%2BJafnwtnTZdZoIlfQc%2BXpVCSHtmrFcksfrbkuyzdxtr%2BY2ydPrm%2B%2BurfdTK51TJqlA1dOPPgdXE3KZ3pkd6pXJH1C2gs1L9POFUmUq8HQfLl30nCGweoFZ6qHIy7FtsEVTKwItF5iyEu5fmC3qA%2FcAPeuBZvdn5zmwJQa6BNUjuPx%2F4yy1T97%2BOZwFmPbGTFvvkGmrP7uw1qmzWjOIZId12lwIJrkI2o2wE%2Fp%2BQ4io3ZVBF5mb8N%2B%2F%2F%2B4fAAAA%2F%2F8BAAD%2F%2F4OYOa6ABAAA
173.233.137.36200 OK 7 B URL HTTP/1.1 subscribestormyapprobation.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9Nb%2F8RsGV4mZAoRcKiqZT1VX95SzEOEaCYybMB8GFi%2FdVnWde16t5r6qrk1WYAZll68pl5XQ%2BUAdxVi5kQCpuZFbTLiSgEfwXBFcupDsNrXfx7j33vMW5595PD%2FJz4iOnZ5sfmj2lNV1p1v3aa1sqEaZwtY3btcCv%2B1drWyppRVdrw%2BljB28FfrPuv157X%2FIds9LwA98P%2FKC2pqyMzXBlxkKlD7tBvevXo0Y9aEYY2v9il3tw1IMYnJMXoMTk%2F9s%2FPYLiFZL%2Bt9ek28lM%2BuZ7%2FVzTzFgMxMmdZCcxRYL%2Booythzg5mf%2BGcRNCvrgEk5zMJ4AZHE4nAFMT4v0SgCUnc5lgg6MLpUxDJmDiORSDClJXULQCN%2FehxFMCcIGNG0j6xxvGFnT3gqVTdkKW%2FvoTqpiQpd9eRNL%2FZlWrYe2W0XmmTOIwjEuoYQXVq5Dmp8j2PKjiFDy7ByUIkn4JJc5e4ZRK2mHBcrvVbi9HkrLlTsjZcuQzGvqtTkPEzZk1SlVQcQUtR6DuEnLnIVce8thDnnroi7MabXZj32%2FHLA7DTsQ5D0POm52WaIow6sQ%2Bcj7VPkKWjsD1CNzuI7X72FEj2PwHuO0STnhwGcFAlCgkQeEICkpQKIIiIygG5ZHQruHKY6FdzoJ5bsxzWI5N1jugRybryYQcpOfk%2Balh3rP3xtiRZzXKfCYbNIpYW%2FK4GzDBRJOLsOWLTtQN23CqhHKXQJ2HPTUhLz1%2BA6makGc%2B%2FhWMnsLpU3D1Kmj%2BMmgxbjd80O1x1PGxlxxv371bzwyEKZFmS8h2vQN9Tq7MVtZo%2FQ3Jn5B5gNsSqS3xifqRoKcfjG%2BaghzeNIUjj26kmeqrPTpd562MZvLyVx%2FI3cJYsX7Njb58h0%2BJafnwtnTZdZoIlfQc%2BXpVCSHtmrFcksfrbkuyzdxtr%2BY2ydPrm%2B%2BurfdTK51TJqlA1dOPPgdXE3KZ3pkd6pXJH1C2gs1L9POFUmUq8HQfLl30nCGweoFZ6qHIy7FtsEVTKwItF5iyEu5fmC3qA%2FcAPeuBZvdn5zmwJQa6BNUjuPx%2F4yy1T97%2BOZwFmPbGTFvvkGmrP7uw1qmzWjOIZId12lwIJrkI2o2wE%2Fp%2BQ4io3ZVBF5mb8N%2B%2F%2F%2B4fAAAA%2F%2F8BAAD%2F%2F4OYOa6ABAAA
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9Nb%2F8RsGV4mZAoRcKiqZT1VX95SzEOEaCYybMB8GFi%2FdVnWde16t5r6qrk1WYAZll68pl5XQ%2BUAdxVi5kQCpuZFbTLiSgEfwXBFcupDsNrXfx7j33vMW5595PD%2FJz4iOnZ5sfmj2lNV1p1v3aa1sqEaZwtY3btcCv%2B1drWyppRVdrw%2BljB28FfrPuv157X%2FIds9LwA98P%2FKC2pqyMzXBlxkKlD7tBvevXo0Y9aEYY2v9il3tw1IMYnJMXoMTk%2F9s%2FPYLiFZL%2Bt9ek28lM%2BuZ7%2FVzTzFgMxMmdZCcxRYL%2Booythzg5mf%2BGcRNCvrgEk5zMJ4AZHE4nAFMT4v0SgCUnc5lgg6MLpUxDJmDiORSDClJXULQCN%2FehxFMCcIGNG0j6xxvGFnT3gqVTdkKW%2FvoTqpiQpd9eRNL%2FZlWrYe2W0XmmTOIwjEuoYQXVq5Dmp8j2PKjiFDy7ByUIkn4JJc5e4ZRK2mHBcrvVbi9HkrLlTsjZcuQzGvqtTkPEzZk1SlVQcQUtR6DuEnLnIVce8thDnnroi7MabXZj32%2FHLA7DTsQ5D0POm52WaIow6sQ%2Bcj7VPkKWjsD1CNzuI7X72FEj2PwHuO0STnhwGcFAlCgkQeEICkpQKIIiIygG5ZHQruHKY6FdzoJ5bsxzWI5N1jugRybryYQcpOfk%2Balh3rP3xtiRZzXKfCYbNIpYW%2FK4GzDBRJOLsOWLTtQN23CqhHKXQJ2HPTUhLz1%2BA6makGc%2B%2FhWMnsLpU3D1Kmj%2BMmgxbjd80O1x1PGxlxxv371bzwyEKZFmS8h2vQN9Tq7MVtZo%2FQ3Jn5B5gNsSqS3xifqRoKcfjG%2BaghzeNIUjj26kmeqrPTpd562MZvLyVx%2FI3cJYsX7Njb58h0%2BJafnwtnTZdZoIlfQc%2BXpVCSHtmrFcksfrbkuyzdxtr%2BY2ydPrm%2B%2BurfdTK51TJqlA1dOPPgdXE3KZ3pkd6pXJH1C2gs1L9POFUmUq8HQfLl30nCGweoFZ6qHIy7FtsEVTKwItF5iyEu5fmC3qA%2FcAPeuBZvdn5zmwJQa6BNUjuPx%2F4yy1T97%2BOZwFmPbGTFvvkGmrP7uw1qmzWjOIZId12lwIJrkI2o2wE%2Fp%2BQ4io3ZVBF5mb8N%2B%2F%2F%2B4fAAAA%2F%2F8BAAD%2F%2F4OYOa6ABAAA HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Cookie: u_pl=17334947; uid_id2=caaea8b1-7677-4eab-83cb-40ba30682df5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 196b21141f1f7237cc648687d710eed7
Strict-Transport-Security: max-age=0; includeSubdomains
subscribestormyapprobation.com/pixel/sbs?c=1
173.233.137.36200 OK 0 B URL HTTP/1.1 subscribestormyapprobation.com/pixel/sbs?c=1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Cookie: u_pl=17334947; uid_id2=caaea8b1-7677-4eab-83cb-40ba30682df5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 14:22:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hqq.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 436422
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
inc.freefind.com/inc/ffse-overlay.min.css
63.249.66.205200 OK 591 B URL HTTP/1.1 inc.freefind.com/inc/ffse-overlay.min.css
IP 63.249.66.205:0
File type ASCII text, with very long lines (464)
Hash da4eca504c7e6f3c7df6ba07856068ad
11b3c776894df60f9ed68853cdbf72a165efc27d
92c64b65a67870ef68b2fc421c0cc4d341feb3f4c25e3dd0f4348b06d745e181
GET /inc/ffse-overlay.min.css HTTP/1.1
Host: inc.freefind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 10 Apr 2018 20:54:25 GMT
Expires: Sun, 05 Feb 2023 14:27:48 GMT
Cache-control: max-age=300
content-encoding: gzip
Server: unknown
Content-Type: text/css; charset=utf-8
Content-Length: 591
Date: Sun, 05 Feb 2023 14:22:48 GMT
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/js/jquery.min.js
172.64.166.9200 OK 73 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/js/jquery.min.js
IP 172.64.166.9:0
File type ASCII text, with very long lines (65451)
Hash bf818b5ecdb39794c854415d06ecffc3
7f9a401a2d90ae41313672ce0e72bb15e69141a3
f9fc0ec9e517de711e54cc72f2eb34db5c77f0ac0f7b7f8b589609be6f5ff43e
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7086557
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ot0%2Fe0Q9TkhJxtymyHXr1JDxZc7hFw9xxjtmHJejvcoRbrsFV4MkWISgi0LcRqtXqmQ%2FCufkT%2BMpywG4x60tUA6mLuX4ACB9JndUIxs5h2m0EliIhppSQR%2BsWE5wEfhxZCc6ie1ktPfq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c4cdcafc188b0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 13:44:08 GMT
expires: Sun, 05 Feb 2023 15:44:08 GMT
cache-control: public, max-age=7200
age: 2320
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dd1b8b25bb474958fe86b70d2c3f4f1e
5f566247079fade9c07b785c7878965f06d60f87
2562617404134600a16ab198d0f8b0be313437752ea3dd8a1c1be81fb7152dde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2562617404134600A16AB198D0F8B0BE313437752EA3DD8A1C1BE81FB7152DDE"
Last-Modified: Sun, 05 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11050
Expires: Sun, 05 Feb 2023 17:26:58 GMT
Date: Sun, 05 Feb 2023 14:22:48 GMT
Connection: keep-alive
filmes-online-hd-2.disqus.com/embed.js
199.232.192.134200 OK 26 kB URL HTTP/1.1 filmes-online-hd-2.disqus.com/embed.js
IP 199.232.192.134:0
File type ASCII text, with very long lines (32006)
Hash 32f5c8af53b7200536b25455562eb4fc
4796742acf81d3b66fdbaee44c3899a36cd8301b
bcb940807606248702a511075e23a76a1d6adb756cc40660166d1ced2647ad01
GET /embed.js HTTP/1.1
Host: filmes-online-hd-2.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25642
Server: openresty
Content-Type: application/javascript; charset=utf-8
X-Service: router
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 14:22:48 GMT
Age: 0
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 32f2303686dd97bd505c717191db295e
ec7f36c2f8416458cac98eee989c51c7f880c747
8f093240519e2239d7c63c9236cb862fe2483d9f641c2beb99287b71d69c789e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F093240519E2239D7C63C9236CB862FE2483D9F641C2BEB99287B71D69C789E"
Last-Modified: Sun, 05 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13647
Expires: Sun, 05 Feb 2023 18:10:15 GMT
Date: Sun, 05 Feb 2023 14:22:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-108373166-6&cid=1206375308.1675607009&jid=1670064448&gjid=1526347497&_gid=277304633.1675607009&_u=YADAAUAAAAAAACAAI~&z=388638281
74.125.131.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-108373166-6&cid=1206375308.1675607009&jid=1670064448&gjid=1526347497&_gid=277304633.1675607009&_u=YADAAUAAAAAAACAAI~&z=388638281
IP 74.125.131.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-108373166-6&cid=1206375308.1675607009&jid=1670064448&gjid=1526347497&_gid=277304633.1675607009&_u=YADAAUAAAAAAACAAI~&z=388638281 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.filmesonlinehdgratis.com.br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.filmesonlinehdgratis.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Feb 2023 14:22:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/js/script.js
172.64.166.9200 OK 7.7 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/js/script.js
IP 172.64.166.9:0
Hash 022ef58c856cfe8c763e1c6588aec759
142207d5f18b64978c83acf6ea4985fabb68b5bc
250f8d767fe0f20035836918fb80207c1eb1219501f77057745adf8bd628c687
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7085782
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wrAVlz5OHYO8P5GP9nElUCZYbrlZBLKqYtTCkMV9%2BZiQuwPgNTbYEYVHJQG%2Fzu1WhGVGuVjUsq6oWeIP%2FZqphJhBklWzT5mvLxmGpG1hibm2SF8K3Cq3j4tMPWQX8lZZjVYcyVoGn7%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c4cdd487388b0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/css/style.css
172.64.166.9200 OK 2.3 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/css/style.css
IP 172.64.166.9:0
Hash 8c5e1981725f9839a18db3d5b7efdc44
7aad43163a0c1f66f09f71e1ee3fb794c64185e2
4b3831e0ae76d609c256c2edac5ba86e7f06371e9964ca55dd3481cd3712385c
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7085787
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pT8Zz9XVqUUqMPzccmv3ma8UIU1vyI%2FwJTkqJ0LYoNc08AsRD58weib2RwjDfM7X09XoYh3ccVeRz02y%2BN4x5JkYNSM1b10DW218xzoNrCyWQGV5J5PWMsCROv74Y4PD5TcNUB9CBIGp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c4cdc8f9988b0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/index.html
172.67.74.218200 OK 5.4 kB URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/index.html
IP 172.67.74.218:0
File type HTML document, ASCII text
Hash 8d304721fb292f2acd0f6581a1b3f08a
b205b82831614e19786cdc0b0cb3b8dfc04e59a8
7379182851e370a450e6bc1b5aafc1f3c4e3eeda2d560de3ebae7bb2bba563ad
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/mar22/3/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:47 GMT
content-type: text/html
last-modified: Fri, 11 Mar 2022 11:31:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 265122
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YcbWQFLF7nIwFWt4XuAkca0FPWFVkKOVF6bfMBd4RDVwB0LLueVZ1Z3tlje%2BWWvRXibrGv3aeK4ujcScDsrX59AR2C3uRFNPw1RLyCOn37aIp4HNrE8W%2B89JVA1%2BrSDMaMsPQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c4cdb6ee1b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-108373166-6&cid=1206375308.1675607009&jid=1670064448&_u=YADAAUAAAAAAACAAI~&z=586465837
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-108373166-6&cid=1206375308.1675607009&jid=1670064448&_u=YADAAUAAAAAAACAAI~&z=586465837
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-108373166-6&cid=1206375308.1675607009&jid=1670064448&_u=YADAAUAAAAAAACAAI~&z=586465837 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 14:22:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-108373166-6&cid=1206375308.1675607009&jid=1670064448&_u=YADAAUAAAAAAACAAI~&z=586465837
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-108373166-6&cid=1206375308.1675607009&jid=1670064448&_u=YADAAUAAAAAAACAAI~&z=586465837
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-108373166-6&cid=1206375308.1675607009&jid=1670064448&_u=YADAAUAAAAAAACAAI~&z=586465837 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 14:22:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
filmes-online-hd-2.disqus.com/recommendations.js
199.232.192.134200 OK 21 kB URL HTTP/1.1 filmes-online-hd-2.disqus.com/recommendations.js
IP 199.232.192.134:0
File type ASCII text, with very long lines (32056)
Hash feae9f6c61982bd57088019f9d206304
fb200368633c07767de08d0ebdcad722ee0c90b4
2f76c3252a2f32d37bd7f742c8a34157f39ddb9f72cdc69062e0ae1f91c27841
GET /recommendations.js HTTP/1.1
Host: filmes-online-hd-2.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 21350
Server: openresty
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 14:22:48 GMT
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
disqus.com/embed/comments/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&s_o=default
151.101.0.134200 OK 3.0 kB URL HTTP/1.1 disqus.com/embed/comments/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&s_o=default
IP 151.101.0.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3382)
Hash f70dd13e27eaebc22199e316e4cf5fe1
804147caa22d1c66fc79611d9e1ae5b69817e8c0
94f952501c94c1b2fec516ba30df8b065446673d130b8de4579a25dd97a30f00
GET /embed/comments/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&s_o=default HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2995
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sun, 21 Aug 2022 22:30:37 GMT
ETag: W/"lounge:view:9318433015.b9461d10ae541303da58872aec511fa1.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 14:22:48 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/embed/lounge.load.535e02cb37c76499f9768559d5c40585.js
143.204.55.37200 OK 495 B URL HTTP/2 c.disquscdn.com/next/embed/lounge.load.535e02cb37c76499f9768559d5c40585.js
IP 143.204.55.37:0
File type ASCII text, with very long lines (958), with no line terminators
Hash 90b558c469f01fa3f04733343025a4eb
9fdb1c98238433e2c7585324ad031ea541d6f8bb
c50fcca76fcbccbf8c1ef3be13aaa931872b5cee3ab69b74078a82dc93e3f548
GET /next/embed/lounge.load.535e02cb37c76499f9768559d5c40585.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 495
date: Thu, 02 Feb 2023 18:14:22 GMT
server: nginx
last-modified: Thu, 02 Feb 2023 17:57:56 GMT
etag: "63dbf9a4-1ef"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 02 Feb 2024 18:14:22 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JxexYctcfm2lfQKEOYBOFOjTYKTCam2ThoZwlkWixtA34R-1vCdscQ==
age: 245306
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-YKDQFT58L2>m=45je3210&_p=697661218&cid=1206375308.1675607009&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675607008&sct=1&seg=0&dl=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&dt=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-YKDQFT58L2>m=45je3210&_p=697661218&cid=1206375308.1675607009&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675607008&sct=1&seg=0&dl=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&dt=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-YKDQFT58L2>m=45je3210&_p=697661218&cid=1206375308.1675607009&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675607008&sct=1&seg=0&dl=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&dt=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filmesonlinehdgratis.com.br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.filmesonlinehdgratis.com.br
date: Sun, 05 Feb 2023 14:22:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
143.204.55.37200 OK 94 kB URL HTTP/2 c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
IP 143.204.55.37:0
File type ASCII text, with very long lines (32023)
Hash bf4a0b5b88f74f7ef0476bf5f18d26b6
7f5b902779d8379c2790a6d07c49c7c25d30f1d5
05ff45a6562c6c33d76dd0c58498dcf5dba43d6e2240b94b05091d3e47c2d635
GET /next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 94186
date: Wed, 18 Jan 2023 17:45:34 GMT
server: nginx
last-modified: Wed, 18 Jan 2023 17:40:51 GMT
etag: "63c82f23-16fea"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 17:45:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xiNIwGh2ZYjRmnGHX-dSdNSujOOV71cl_1faefxcUiSFUCLdTekNsQ==
age: 1543034
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
143.204.55.37200 OK 33 kB URL HTTP/2 c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
IP 143.204.55.37:0
File type ASCII text, with very long lines (65469)
Hash 9cb2d1b45c71c205af971a7db6a97a5b
1a9b37ab5199e8675de34690e73fa43de566350b
3be3d2719385c270fd6e2b28ce51cf3442b913699a6d7e1e3ac1417b9e455458
GET /next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 33302
date: Thu, 02 Feb 2023 18:14:20 GMT
server: nginx
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
etag: "63dbf9a5-8216"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 02 Feb 2024 18:14:20 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qwX_rlGRTRN7W09JdF5idLIgzSqnrpXEFTzXO7k9_ElzLzqr_qLPWw==
age: 245309
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/lounge.bundle.5fa14a9f771385c1d8e847d1c143c85d.js
143.204.55.37200 OK 130 kB URL HTTP/2 c.disquscdn.com/next/embed/lounge.bundle.5fa14a9f771385c1d8e847d1c143c85d.js
IP 143.204.55.37:0
File type ASCII text, with very long lines (32018)
Size 130 kB (129580 bytes)
Hash f53c48d7de63f855a51090483b230e21
183508bba75e95fd74d28fd61d98a88ccdb7be30
4c02b35a7d3242d50a86d0b9bc919cc96b2e6f5897f113b0e33decdd1e70cb47
GET /next/embed/lounge.bundle.5fa14a9f771385c1d8e847d1c143c85d.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 129580
date: Thu, 02 Feb 2023 18:14:21 GMT
server: nginx
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
etag: "63dbf9a5-1fa2c"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 02 Feb 2024 18:14:21 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LzCilHPdb7YgfhTAMJFaFcH5dL4naoo57koxSm0Fh8tE8J2sqHLntw==
age: 245308
X-Firefox-Spdy: h2
disqus.com/recommendations/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD
151.101.0.134200 OK 2.5 kB URL HTTP/1.1 disqus.com/recommendations/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD
IP 151.101.0.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3318)
Hash e732fb127a218f7d2d816e4b34ecbd0e
541cd66050f82276d87b76f41fb537cd19f9779e
5b995003d382acbac481363284e7fdb3ce1a4e9534f9d5110dfca82df30e2645
GET /recommendations/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2501
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Thu, 22 Jul 2021 14:54:36 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 14:22:49 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
disqus.com/next/config.js
151.101.0.134200 OK 17 kB URL HTTP/1.1 disqus.com/next/config.js
IP 151.101.0.134:0
File type ASCII text, with very long lines (17077), with no line terminators
Hash 3de9ae3bfa9312728931e3576f14a2e1
fb316e359f87107a5206725279db69581aaf5068
263b09281522ea09ca51070c7f42e99c083094c81ed30a6e77a1abc55511d44c
GET /next/config.js HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17077
Server: nginx
Content-Type: application/javascript; charset=UTF-8
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Feb 2023 14:22:49 GMT
Age: 20
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/recommendations/recommendations.load.6198324358ffdf521018b41ad5f57e72.js
143.204.55.37200 OK 447 B URL HTTP/2 c.disquscdn.com/next/recommendations/recommendations.load.6198324358ffdf521018b41ad5f57e72.js
IP 143.204.55.37:0
File type ASCII text, with very long lines (923), with no line terminators
Hash 602983e01381e96e9abecb45a8ff1f94
4ec204119f13550278b48334d7e31cbf810f4b99
fe8fd8c90ff6240ef21a19e5365f75e39f0c4ae9e704624e80486867a7ec6737
GET /next/recommendations/recommendations.load.6198324358ffdf521018b41ad5f57e72.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 447
date: Mon, 09 Jan 2023 12:55:42 GMT
server: nginx
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
etag: "63b87143-1bf"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 09 Jan 2024 12:55:42 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YeGPs8DUM0P_tf6R2qHbQwLieCsKKAUW4F3-jX0lqkfkHJis-0cjzQ==
age: 2338027
X-Firefox-Spdy: h2
c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js
143.204.55.37200 OK 89 kB URL HTTP/2 c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js
IP 143.204.55.37:0
File type ASCII text, with very long lines (32023)
Hash ff1ac82265ea5b905f3bf3ec5b5c69d0
177b91ea3e9577a3e55bb05061e06fe25c4a0b5b
f37f7a146f9815317003eb2a0cbe3fe0a5e5c50ee7e35e5e87252a245bb383fa
GET /next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 88876
date: Sun, 08 Jan 2023 01:25:31 GMT
server: nginx
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
etag: "63b87143-15b2c"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Mon, 08 Jan 2024 01:25:31 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OYacWL_RXzzqc0mVYCtjvI2DcWAnnTwLuHB-Y7ZNFI8xrcXTi3kejg==
age: 2465838
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/embed/lang/pt_BR.js
143.204.55.37200 OK 5.4 kB URL HTTP/2 c.disquscdn.com/next/current/embed/lang/pt_BR.js
IP 143.204.55.37:0
File type Unicode text, UTF-8 text, with very long lines (14161), with no line terminators
Hash d5477ab125a269e5f16513540a124e89
4129bf8dba80599f061a8733636e83d3e674fc1e
6c7839e24e1830f334836329385f234ba0940fbe4145fbf1747cd9b0b78aca84
GET /next/current/embed/lang/pt_BR.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 5428
server: nginx
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sun, 05 Feb 2023 14:20:44 GMT
expires: Sun, 05 Feb 2023 14:25:44 GMT
cache-control: max-age=300, public
etag: "63dbf9a5-1534"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BmORRJTt3iK_zn9ueRrAXmDOxsA2jW_fdm7bIhwb9j7f4LfLrumlZQ==
age: 125
X-Firefox-Spdy: h2
c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
143.204.55.37200 OK 3.0 kB URL HTTP/2 c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
IP 143.204.55.37:0
File type ASCII text, with very long lines (14131), with no line terminators
Hash e469e3b929d327230768372d944c950f
a153a1db31549e58f4fb957c38f7e737075cec28
92ad1ac4b05d52f039295fc4b974be49f3ef60b8eb951bf0d2c9b87ae1898289
GET /next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 2978
date: Fri, 13 Jan 2023 01:08:23 GMT
server: nginx
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
etag: "63c080c9-ba2"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 01:08:23 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 60RD9-jodWevl4MCdQhNCemLtSp8MbgK3UT-YIgGYGvF0zFhwJTkwg==
age: 2034866
X-Firefox-Spdy: h2
c.disquscdn.com/next/recommendations/recommendations.bundle.2502c0f5aa4270464aad7e38352f9a52.js
143.204.55.37200 OK 20 kB URL HTTP/2 c.disquscdn.com/next/recommendations/recommendations.bundle.2502c0f5aa4270464aad7e38352f9a52.js
IP 143.204.55.37:0
File type Unicode text, UTF-8 text, with very long lines (32129)
Hash b056485ba2419d59d38a6da33188ec13
6fff4769b5150f6363b570d0e2eb72e9fce12550
ef7291a5da46d6ebf78d4ff6b19f5e36d880decdd876907aa1b16f66e3a4cbfe
GET /next/recommendations/recommendations.bundle.2502c0f5aa4270464aad7e38352f9a52.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 20321
date: Fri, 13 Jan 2023 01:20:14 GMT
server: nginx
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
etag: "63c080c9-4f61"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 01:20:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CtxQCVREdNzmxn7UNZzqEl16xeKHmbUElW5vWRGsh-yibyC00TQq3Q==
age: 2034155
X-Firefox-Spdy: h2
c.disquscdn.com/uploads/forums/546/9845/avatar92.jpg?1523664986
143.204.55.37200 OK 5.2 kB URL HTTP/2 c.disquscdn.com/uploads/forums/546/9845/avatar92.jpg?1523664986
IP 143.204.55.37:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 92x92, components 3\012- data
Hash c3fa15130d0d3bc5699705483294d694
b08ca3df93513379303980cb038f61967296c58f
39e8efb482454b7b399dbc922ac1d91844d1def6955f2c87e4911476bdcb31ab
GET /uploads/forums/546/9845/avatar92.jpg?1523664986 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 5160
date: Thu, 12 Jan 2023 01:38:55 GMT
server: nginx
last-modified: Sat, 14 Apr 2018 00:16:27 GMT
etag: "c3fa15130d0d3bc5699705483294d694"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 01:38:55 GMT
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vFErgL4CaGnHxo-KqtpxB5s_-t2NS0neD9cDe7r0USAZ9IMeLNK4_w==
age: 2119434
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
143.204.55.37200 OK 13 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
IP 143.204.55.37:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (13079), with no line terminators
Hash 4da5413f5086c5755b46094b813dbfcd
87669f231ce245cdd9b7d80ebf8194e2ae62e7b1
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
GET /next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 13079
date: Sun, 15 Jan 2023 02:16:14 GMT
server: nginx
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
etag: "63c080c9-3317"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Mon, 15 Jan 2024 02:16:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NsIPKBkffzbjwZG1FBIKO09vaKpWeAhGbN1a6ITIFS7fckVcLQDk2g==
age: 1857994
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/vote.db918335ef853b5fb09a9c6bb933ac5b.svg
143.204.55.37200 OK 279 B URL HTTP/2 c.disquscdn.com/next/embed/assets/img/vote.db918335ef853b5fb09a9c6bb933ac5b.svg
IP 143.204.55.37:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash db918335ef853b5fb09a9c6bb933ac5b
18f65ddc4dcfa6e45c927a7e7f7bcdad04b5cbb1
3ef55a2dfb1f5a96fc821ab726854564a8106c4e503b71b1744aea108d31b54e
GET /next/embed/assets/img/vote.db918335ef853b5fb09a9c6bb933ac5b.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 279
date: Wed, 11 Jan 2023 08:50:11 GMT
server: nginx
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
etag: "63b87143-117"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 08:50:11 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4EGdWAhKF2EvE_uJ-X5SNMju6BjB2FCKt_SPZVbEwhMm9w_olXZ9lQ==
age: 2179958
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
143.204.55.37200 OK 3.8 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
IP 143.204.55.37:0
File type gzip compressed data, max compression\012- data
Hash 8436de66f7a5e4e0bc1601b0331c40b8
e6b200c7ada75a0d11c72d895a6093de5c30f7f3
6aea32d9301da4ff07921987cc9b1d95ac7052033fdadee94086273bea2ccea2
GET /next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 2971
date: Thu, 12 Jan 2023 03:03:01 GMT
server: nginx
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
etag: "63b87143-b9b"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 03:03:01 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jyTgkrB74Y7Wk-YPmM-zZ4NqEb3AEA4ko0nsQ-SBdQ7ab1WZPIciAA==
age: 2114388
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
143.204.55.37200 OK 840 B URL HTTP/2 c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
IP 143.204.55.37:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (736)
Hash 727e30eb9b6c1e85cb010b9c8eb04c7e
5b7ed3f88c4d25d1d9e15bbd15af68daf5c573b4
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
GET /next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 840
date: Wed, 28 Dec 2022 03:03:26 GMT
server: nginx
last-modified: Thu, 22 Dec 2022 23:22:39 GMT
etag: "63a4e6bf-348"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 28 Dec 2023 03:03:26 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7aI-3l-6bX_LUTG-K6tWrF--VtSfRLMbD3v5FCVMjzpUskmQ-HJt-A==
age: 3410363
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
143.204.55.37200 OK 891 B URL HTTP/2 c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
IP 143.204.55.37:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (787)
Hash 8c96be6b50de1c3fab838c5f050e0be5
d0eb4a80710c083c77020cc3b6cd6756cf0bca60
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
GET /next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 891
date: Wed, 28 Dec 2022 03:03:26 GMT
server: nginx
last-modified: Thu, 22 Dec 2022 23:22:39 GMT
etag: "63a4e6bf-37b"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 28 Dec 2023 03:03:26 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YOiL5v6uEVkXVYJW1lIcWyIM3ZSQ-xJSLij8q6SvFcWG4izUAm5AdQ==
age: 3410363
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
143.204.55.37200 OK 605 B URL HTTP/2 c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
IP 143.204.55.37:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (503)
Hash 3bc0b4bff6c268a4ceaf404014b9be42
d8f61dc82cbbd889b66505bb3e9c7711b9bb8cb5
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
GET /next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 605
date: Tue, 17 Jan 2023 07:05:35 GMT
server: nginx
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
etag: "63c080c9-25d"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 17 Jan 2024 07:05:35 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3R_f7v12APGS87id0DoVEARcMRRXSWQywI9x7zpNwKaB1z7igaS15w==
age: 1667834
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
143.204.55.37200 OK 1.8 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
IP 143.204.55.37:0
File type PNG image data, 172 x 81, 8-bit colormap, non-interlaced\012- data
Hash ad630a07080a45451f139a7487853ff8
c2673d7404fc947fab20eed21416f9656149018d
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
GET /next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1763
date: Tue, 17 Jan 2023 06:16:10 GMT
server: nginx
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
etag: "63c080c9-6e3"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 17 Jan 2024 06:16:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GUPo8JqiAyt7U8V_w_dKrXwSRdtYO5yiMmkFV_8KyjHcAH-HbTgwzA==
age: 1670799
X-Firefox-Spdy: h2
disqus.com/api/3.0/forums/details?forum=filmes-online-hd-2&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
151.101.0.134200 OK 3.6 kB URL HTTP/1.1 disqus.com/api/3.0/forums/details?forum=filmes-online-hd-2&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP 151.101.0.134:0
File type JSON data\012- , ASCII text, with very long lines (3570), with no line terminators
Hash f4a96b8192be65b00645f3e377be9256
86ced5b14db2c2d4cb6b40309f637fcde265f296
ffd12387e51d80bd6c9fa1f8f3aa409446c13d1dfdee8871f955c70b7b78e248
GET /api/3.0/forums/details?forum=filmes-online-hd-2&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&s_o=default
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3570
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Feb 2023 14:22:49 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
143.204.55.37200 OK 7.9 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
IP 143.204.55.37:0
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 4cc7a703d2fdfe684151ff8ac24d45f1
046adee74e5ce76db11491906a21c09399391571
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
GET /next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://c.disquscdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 7900
date: Wed, 18 Jan 2023 06:17:27 GMT
server: nginx
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
etag: "63c080c9-1edc"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 06:17:27 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5BZPRCkUj-aZUpHTMohAdK5L9rZ1y--fx06v_-1eSfrVyTF-DiRYwA==
age: 1584322
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
143.204.55.37200 OK 27 kB URL HTTP/2 c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
IP 143.204.55.37:0
File type ASCII text, with very long lines (32024)
Hash 0c2785ae737e4a3a6baf270c42954aaa
ba03fa7243d6e4f184c3f2f05f733f5f40b96cc3
75310b8dcb511e824684c40202fb6edb67136e7b747e2d42c71a628bce42c2f2
GET /next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 26578
date: Sat, 14 Jan 2023 00:30:51 GMT
server: nginx
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
etag: "63c080c9-67d2"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 00:30:51 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3OAtw8hsN0fTtwo_vwrHeVwXnsYqeJaaqkGDidwlEJRA714Fr3qy9Q==
age: 1950718
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/recommendations/lang/pt_BR.js
143.204.55.37200 OK 5.4 kB URL HTTP/2 c.disquscdn.com/next/current/recommendations/lang/pt_BR.js
IP 143.204.55.37:0
File type Unicode text, UTF-8 text, with very long lines (14161), with no line terminators
Hash d5477ab125a269e5f16513540a124e89
4129bf8dba80599f061a8733636e83d3e674fc1e
6c7839e24e1830f334836329385f234ba0940fbe4145fbf1747cd9b0b78aca84
GET /next/current/recommendations/lang/pt_BR.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 5428
server: nginx
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sun, 05 Feb 2023 14:22:49 GMT
expires: Sun, 05 Feb 2023 14:24:36 GMT
cache-control: max-age=300, public
etag: "63dbf9a5-1534"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T9svymEH8IGkS66kZIS5k5aLLRHsDUca3qiLNZj2KQmonxUPmpsV5Q==
age: 193
X-Firefox-Spdy: h2
disqus.com/api/3.0/threadReactions/loadReactions?thread=9318433015&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
151.101.0.134200 OK 1.3 kB URL HTTP/1.1 disqus.com/api/3.0/threadReactions/loadReactions?thread=9318433015&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP 151.101.0.134:0
File type JSON data\012- , ASCII text, with very long lines (1267), with no line terminators
Hash cb75179b00e0221dd4157aa3b9f4ac60
aea1c3b2cc9d975a879e2f4f04a7c13fa88843b2
baebfece8e79de248617ff059ec08c95404ab3abbb3a9f0108548f4d4e6ac9b0
GET /api/3.0/threadReactions/loadReactions?thread=9318433015&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&s_o=default
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1267
Server: nginx
Content-Type: application/json
Cache-Control: stale-while-revalidate=30, max-age=60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Feb 2023 14:22:49 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 369050
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 12:49:39 GMT
expires: Sun, 04 Feb 2024 12:49:39 GMT
cache-control: public, max-age=31536000
age: 91990
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Hash 05a47f9e469d408c629f931cd33ff8b2
823f21f7b1d456db889c3afea393f0d2b9581c38
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:13:36 GMT
expires: Fri, 02 Feb 2024 00:13:36 GMT
cache-control: public, max-age=31536000
age: 310153
last-modified: Wed, 11 May 2022 19:24:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
disqus.com/api/3.0/forums/details?forum=filmes-online-hd-2&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
151.101.0.134200 OK 3.6 kB URL HTTP/1.1 disqus.com/api/3.0/forums/details?forum=filmes-online-hd-2&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP 151.101.0.134:0
File type JSON data\012- , ASCII text, with very long lines (3570), with no line terminators
Hash f4a96b8192be65b00645f3e377be9256
86ced5b14db2c2d4cb6b40309f637fcde265f296
ffd12387e51d80bd6c9fa1f8f3aa409446c13d1dfdee8871f955c70b7b78e248
GET /api/3.0/forums/details?forum=filmes-online-hd-2&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://disqus.com/recommendations/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3570
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Feb 2023 14:22:49 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png
143.204.55.37200 OK 8.2 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png
IP 143.204.55.37:0
File type PNG image data, 512 x 512, 4-bit colormap, non-interlaced\012- data
Hash 89ff513465e139d86c4a052f02d6dccf
781461f90f66ca20682e27f9062eabb4acfac039
ddc6aec4144b67f0a2a12d687f3c4b8a9faf7c445847d0e25dcb5bd1a9ba9018
GET /next/current/publisher-admin/assets/img/emoji/upvote-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8170
date: Sun, 05 Feb 2023 14:19:11 GMT
server: nginx
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
etag: "63dbf9a5-1fea"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 05 Feb 2023 14:24:11 GMT
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ImgHjQCnn2r1FG_fkbxBgtLHczMsiE-ARRiPWnD2Rrvsg8_UsLxXoQ==
age: 218
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png
143.204.55.37200 OK 8.9 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png
IP 143.204.55.37:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 80ec843281e6130a88e665c83c2c12d5
9c5f6596db508919719447b155b2483acf455918
20a91bd509668238b6af8e16475c5e2611bcd2861d0eec2e0d4f6815e81449bd
GET /next/current/publisher-admin/assets/img/emoji/funny-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8883
server: nginx
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 05 Feb 2023 14:21:46 GMT
expires: Sun, 05 Feb 2023 14:26:44 GMT
cache-control: max-age=300, public
etag: "63dbf9a5-22b3"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P5wXjnN_pElrN3QznF4lpg30imcyUknfGvuXfColOzx126onm4Zorg==
age: 65
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png
143.204.55.37200 OK 12 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png
IP 143.204.55.37:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 11d71f65e58bb5c9afb8534ba31c6f75
f6eda383c77467a03c7d8420e632f1a52840323d
e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33
GET /next/current/publisher-admin/assets/img/emoji/love-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 11910
server: nginx
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 05 Feb 2023 14:20:21 GMT
expires: Sun, 05 Feb 2023 14:25:17 GMT
cache-control: max-age=300, public
etag: "63dbf9a5-2e86"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9WSzzICCgVnw2Yb8FHKC1gxSfMp7dRqFE8GQ5nZ7zikSJKtoVitb7w==
age: 152
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png
143.204.55.37200 OK 7.3 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png
IP 143.204.55.37:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 13431b9bca0ec3070b4277d7162d0755
7b2f254ac0fdf367c35f4c8dd4b14de44aedde52
4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907
GET /next/current/publisher-admin/assets/img/emoji/surprised-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7308
server: nginx
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 05 Feb 2023 14:21:46 GMT
expires: Sun, 05 Feb 2023 14:26:22 GMT
cache-control: max-age=300, public
etag: "63dbf9a5-1c8c"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qrZczo9y2wVwXmQfGg_oRmE2wUuEGqM5ofxKhSNhq3E54gxm-xTj7A==
age: 87
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png
143.204.55.37200 OK 21 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png
IP 143.204.55.37:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash b45cab9606431ca5a8bf31869d1a6961
6e8a52f738ef316270abc1a3ee10be6531432d62
db865c8f3642f3485829c0ee0008fe04a32cc66af70867b39f60395a7fed3984
GET /next/current/publisher-admin/assets/img/emoji/angry-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 20675
date: Sun, 05 Feb 2023 14:19:24 GMT
server: nginx
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
etag: "63dbf9a5-50c3"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 05 Feb 2023 14:24:24 GMT
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RYdl3borGmS2UIFFOSGCn8PaCil9IDbBxWcye0bVljI0NlEg24SbWA==
age: 205
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png
143.204.55.37200 OK 9.0 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png
IP 143.204.55.37:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash e84a77b79c9a1423d57ef6cf7f6bb2d9
5877e999ab7ac53cce47c2de47311cb203834a0c
11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a
GET /next/current/publisher-admin/assets/img/emoji/sad-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8986
server: nginx
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 05 Feb 2023 14:22:31 GMT
expires: Sun, 05 Feb 2023 14:27:31 GMT
cache-control: max-age=300, public
etag: "63dbf9a5-231a"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V1rJgox1TqidFn-k-w_X1YTc2lTx0Y4kT6F7KyJTKWtMH8TXRCUpHA==
age: 18
X-Firefox-Spdy: h2
cdn.viglink.com/images/pixel.gif?ch=2&rn=9.621254012524915
54.230.111.39200 OK 43 B URL HTTP/2 cdn.viglink.com/images/pixel.gif?ch=2&rn=9.621254012524915
IP 54.230.111.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=2&rn=9.621254012524915 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 05 Feb 2023 14:22:47 GMT
cache-control: max-age=15, must-revalidate
etag: "221d8352905f2c38b3cb2bd191d630b0"
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PwuUzlip6O2tz65OoFwdTfNHGNkqg7yA85coCZDXJnfen_2oB61a8Q==
age: 2
X-Firefox-Spdy: h2
cdn.viglink.com/images/pixel.gif?ch=1&rn=9.621254012524915
54.230.111.39200 OK 43 B URL HTTP/2 cdn.viglink.com/images/pixel.gif?ch=1&rn=9.621254012524915
IP 54.230.111.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=1&rn=9.621254012524915 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 05 Feb 2023 14:22:47 GMT
cache-control: max-age=15, must-revalidate
etag: "221d8352905f2c38b3cb2bd191d630b0"
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jpMptmVrZaawxpcasVO57blx1qcUY8iiEplCR3nKP-QkBRDTIOTfwQ==
age: 2
X-Firefox-Spdy: h2
referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=270&event=init_embed&thread=9318433015&forum=filmes-online-hd-2&forum_id=5469845&imp=564lrc623rpgt3&thread_slug=assistir_the_immaculate_room_dublado_e_legendado_online_gratis_filmes_online_hd_58&user_type=anon&referrer=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
199.232.196.134200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=270&event=init_embed&thread=9318433015&forum=filmes-online-hd-2&forum_id=5469845&imp=564lrc623rpgt3&thread_slug=assistir_the_immaculate_room_dublado_e_legendado_online_gratis_filmes_online_hd_58&user_type=anon&referrer=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
IP 199.232.196.134:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?abe=0&embed_hidden=0&load_time=270&event=init_embed&thread=9318433015&forum=filmes-online-hd-2&forum_id=5469845&imp=564lrc623rpgt3&thread_slug=assistir_the_immaculate_room_dublado_e_legendado_online_gratis_filmes_online_hd_58&user_type=anon&referrer=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Feb 2023 14:22:49 GMT
Cross-Origin-Resource-Policy: cross-origin
disqus.com/api/3.0/discovery/listRecommendations.json?forum=filmes-online-hd-2&thread=url%3Ahttps%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
151.101.0.134200 OK 5.4 kB URL HTTP/1.1 disqus.com/api/3.0/discovery/listRecommendations.json?forum=filmes-online-hd-2&thread=url%3Ahttps%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP 151.101.0.134:0
File type JSON data\012- , ASCII text, with very long lines (5443), with no line terminators
Hash 16faf657a312dcdb5e49fe0efa0eb0f4
77fd5d38f2937789493cbcef0e64932cf24b071c
bc2bf8b729d2e640df9a06448206b41219a1b9bc3fcfdddcc7c42c08e3602749
GET /api/3.0/discovery/listRecommendations.json?forum=filmes-online-hd-2&thread=url%3Ahttps%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://disqus.com/recommendations/?base=default&f=filmes-online-hd-2&t_u=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2Fthe-immaculate-room-player-1&t_d=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD&t_t=Assistir%20The%20Immaculate%20Room%20Dublado%20e%20Legendado%20Online%20Gr%C3%A1tis%20-%20Filmes%20Online%20HD
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 5443
Server: nginx
Content-Type: application/json
Cache-Control: stale-while-revalidate=450, public, max-age=1800
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 05 Feb 2023 14:22:49 GMT
Age: 0
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fo-assassino-perfeito.jpg&key=2AfrA4YxMFQozXVbRjmoNQ&h=200
143.204.55.37200 OK 7.3 kB URL HTTP/2 c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fo-assassino-perfeito.jpg&key=2AfrA4YxMFQozXVbRjmoNQ&h=200
IP 143.204.55.37:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 133x200, components 3\012- data
Hash ed0c63212554479b8f261ae8bafb7b61
2bf84c31f7526eb276504561a41d2c8a168e0e72
2d88e2dfa182e4ff210bf9f16f55c84d919f2e82fee9eb33c41f857d897f1b39
GET /get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fo-assassino-perfeito.jpg&key=2AfrA4YxMFQozXVbRjmoNQ&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 7285
date: Thu, 26 Jan 2023 04:15:03 GMT
server: nginx
platform: hostinger
content-security-policy: upgrade-insecure-requests
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqI8gL%2Fi8bMMdMBiVLSoE20ARnVF0xSOFjJi7vdFymDXQs7iMqIDlXAcKy991j4V%2BFH3xbEO%2Ba570pfzb4tiPRfXrJ5yebu72KPF96kUeiuamTW2gQEtnzlWyw0SbZY%2FJhA07N6Q1gXrActRPGvrLFtu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Sat, 25 Feb 2023 04:15:03 GMT
cache-control: max-age=2592000
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lWq341sUPnsY1SLugNVfPEkc_a57PwxBEUPsX_cvAHlVw6UVA6Qlhw==
age: 900586
X-Firefox-Spdy: h2
c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fo-predador-a-cacada.jpg&key=DkKRrtzrvZ8beSwLaM38VA&h=200
143.204.55.37200 OK 5.6 kB URL HTTP/2 c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fo-predador-a-cacada.jpg&key=DkKRrtzrvZ8beSwLaM38VA&h=200
IP 143.204.55.37:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 136x200, components 3\012- data
Hash 33832ff12fa6311a118b67fa0739730f
72ef0cbf0e0b0dfb7ae0a314ae5df50a44369741
30df550aed4c26bb7e50d17b121113ef75e8caa7d752eba8d67f18787f072a7f
GET /get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fo-predador-a-cacada.jpg&key=DkKRrtzrvZ8beSwLaM38VA&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 5617
date: Sun, 15 Jan 2023 00:38:46 GMT
server: nginx
platform: hostinger
content-security-policy: upgrade-insecure-requests
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6EI06fQD%2B9Ospa5CL3htAv04QACZx5rAwO5Ve7IJ45xJOTYM%2Fyfszj1nkCdfuATAUhHmDz5UwgMa50MyhFi%2F6NQL5aXUYfEJuWAHL7jvy3uOThF8AKsXcgFcb5JxDc8AGL3oJSZVliRIYYm0YpUMh7p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Tue, 14 Feb 2023 00:38:46 GMT
cache-control: max-age=2592000
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZAu3LbZ0QfSG_dwNwN2IBlsKV6Skj8VPMzyYb49KGqSiHyekA_qOyw==
age: 1863843
X-Firefox-Spdy: h2
c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fa-fera-2022.jpg&key=WoC1NMW_FcVu2fcOgSpOrQ&h=200
143.204.55.37200 OK 5.8 kB URL HTTP/2 c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fa-fera-2022.jpg&key=WoC1NMW_FcVu2fcOgSpOrQ&h=200
IP 143.204.55.37:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 133x200, components 3\012- data
Hash 8a2dd779c5c4a184ed3f06aaca1ba678
eebc65860f0b800f9364d6861b9c85dbb05691b1
70cd61d84a9655fff8e8f21a8a1576784d96f4f52735a1ca0b139ba14d0ed0b4
GET /get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fa-fera-2022.jpg&key=WoC1NMW_FcVu2fcOgSpOrQ&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 5791
date: Wed, 25 Jan 2023 08:34:07 GMT
server: nginx
platform: hostinger
content-security-policy: upgrade-insecure-requests
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyehh9kThmHz93O%2BqHwVylLIntylcMrgRTNZup7XszFxllDs5uQtZ2iwYT%2B8K2yva9qTAD4cJEo%2BD%2F%2BHa0qAD8skBR4kc1DaanK7aw6%2B7btYt1rBKNIM0UDBkLyDYk8K5aYcJF%2FWzK3rizfNooBzmLig"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Fri, 24 Feb 2023 08:34:07 GMT
cache-control: max-age=2592000
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UAeDmGh4YahyYNA0dZ4faj3P1374Pu7nZNdiYxQKdcDlYlRh6rnZyQ==
age: 971322
X-Firefox-Spdy: h2
c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fjurassic-world-dominio.jpg&key=S2TGEYbEu49H5sjimWdJVw&h=200
143.204.55.37200 OK 8.3 kB URL HTTP/2 c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fjurassic-world-dominio.jpg&key=S2TGEYbEu49H5sjimWdJVw&h=200
IP 143.204.55.37:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 138x200, components 3\012- data
Hash 03357b9745b492391edb786f423f9959
43e71f8ef482b7c91f38260760fe4ad7fdecd013
d9859e14a7ffc210a11812a701782011e1693b06eead11804c70e72731db7fc5
GET /get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fjurassic-world-dominio.jpg&key=S2TGEYbEu49H5sjimWdJVw&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 8273
date: Thu, 02 Feb 2023 02:09:00 GMT
server: nginx
platform: hostinger
content-security-policy: upgrade-insecure-requests
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrjPF%2Fto0uNHGuQbpAtkjLNwpKpCLNfmmGVzkAiHNEoE2cPSicqOfayUGQorDpUuzsdTWmzo2o35XPDDCt0jaAWaxCI1EqmXxdeU19xmuuvXawUgu8sBcoufHz8EAevH32dvWQL%2BZXdCzypmvv87HExT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Sat, 04 Mar 2023 02:09:00 GMT
cache-control: max-age=2592000
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QDGwp5Z4Pwi92P-Ggby0kAZEkjzLH3gtJYM5DqycFg25xaOCCBxycw==
age: 303229
X-Firefox-Spdy: h2
c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fsnatch-porcos-e-diamantes.jpg&key=2a-BrpirRRDf1ShGqX560A&h=200
143.204.55.37200 OK 9.2 kB URL HTTP/2 c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fsnatch-porcos-e-diamantes.jpg&key=2a-BrpirRRDf1ShGqX560A&h=200
IP 143.204.55.37:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 137x200, components 3\012- data
Hash 44982bb9c1897773591fe293974d823e
77136e394b46982c94cea3af85109fe88f6b821c
5eafe12e619d7be7d1dc2210518957d49dce8292253783785fac2608bf7dc620
GET /get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Fsnatch-porcos-e-diamantes.jpg&key=2a-BrpirRRDf1ShGqX560A&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 9201
date: Tue, 17 Jan 2023 00:23:51 GMT
server: nginx
platform: hostinger
content-security-policy: upgrade-insecure-requests
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IUs9WSwVDd7KuAAKKnfJpa6GgWCX5mJGAuvieUcIM7M93CquG%2FVfKyZT%2BDTM6QQPZeRaIh0yUsiX0NhiJu1ENLMhS8pFClH1190Y0zQ8mztl9bzwz3wACGcqS4AW4dI6md3eCvI%2BPdiRiODBdGchQnb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Thu, 16 Feb 2023 00:23:51 GMT
cache-control: max-age=2592000
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jz5hL0Iwc17r69KOc-u4VFrgXjvN2QX-ABRfg1k8YO-EnIPk86T-ig==
age: 1691938
X-Firefox-Spdy: h2
c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Ftrem-bala.jpg&key=4tYqMOkeHD-7FJVAI0tEMg&h=200
143.204.55.37200 OK 8.7 kB URL HTTP/2 c.disquscdn.com/get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Ftrem-bala.jpg&key=4tYqMOkeHD-7FJVAI0tEMg&h=200
IP 143.204.55.37:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 134x200, components 3\012- data
Hash 58784b3d8a3a88c7b0bc79c128503122
24a037fb827bee863e3f7805756f32f5d8a83f15
f2f19d68eed4421df1cdd7403e9b25eaf50b6086cd303c8fb3e1cad57f4811a6
GET /get?url=https%3A%2F%2Fwww.filmesonlinehdgratis.com.br%2F_imagens%2Ftrem-bala.jpg&key=4tYqMOkeHD-7FJVAI0tEMg&h=200 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 8721
date: Mon, 23 Jan 2023 01:28:15 GMT
server: nginx
platform: hostinger
content-security-policy: upgrade-insecure-requests
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXO89Nyw5UCw%2BbsIpzGoH%2FGLIRaxkixKO8o8OljiaSwoZpUgnWKNjfOAkB5iuFjtK1WxJyTWJtfLJwIzaXTA2eZ3SRYEhYaOsxJxtIuZkkDP1AJlIvpq1JgBZoCE3OmcFRq16nXiYcNxW1pCKUCIyepn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Wed, 22 Feb 2023 01:28:15 GMT
cache-control: max-age=2592000
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eNHV_tgqEuHbkVZES5MKrAE_pPUom5ck6OjR7foO5JfWik7R94qU9A==
age: 1169674
X-Firefox-Spdy: h2
links.services.disqus.com/api/ping
199.232.196.64200 OK 299 B URL HTTP/1.1 links.services.disqus.com/api/ping
IP 199.232.196.64:0
File type ASCII text, with no line terminators
Hash c4bc7e5af6ef1a73edac7bb5be764c16
6370af4ab2de725c2da0ed5424f6b67b7594407d
cdd733713095a9b6cbe3c3cd7ce4f405e662353efb7831f7b1278b8c94d851e2
POST /api/ping HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 175
Origin: https://www.filmesonlinehdgratis.com.br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 299
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.filmesonlinehdgratis.com.br
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Sun, 05 Feb 2023 14:22:50 GMT
Set-Cookie: vglnk.Agent.p=3c7e2907e683f49dba541e2b0730aa0d; Expires=Mon, 05 Feb 2024 14:22:50 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Mon, 05 Feb 2024 14:22:50 GMT; path=/
links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
199.232.196.64200 OK 43 B URL HTTP/1.1 links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
IP 199.232.196.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Sun, 05 Feb 2023 14:22:50 GMT
Set-Cookie: vglnk.Agent.p=0adc8c004620ccc2cdc780bc2b1e7ec7; Expires=Mon, 05 Feb 2024 14:22:50 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Mon, 05 Feb 2024 14:22:50 GMT; path=/
links.services.disqus.com/api/domains
199.232.196.64200 OK 41 B URL HTTP/1.1 links.services.disqus.com/api/domains
IP 199.232.196.64:0
File type ASCII text, with no line terminators
Hash 8d4e640f6bcc03be1e8eea49d29d717b
2433a34533e0b80edb5de3d4bd17c1828a7f9fe9
c0b035bb5b176fad3e85a87b19d7a7075c352240450331ed43477e3c2463dd2d
POST /api/domains HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 439
Origin: https://www.filmesonlinehdgratis.com.br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 41
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.filmesonlinehdgratis.com.br
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Sun, 05 Feb 2023 14:22:50 GMT
Set-Cookie: vglnk.Agent.p=5a477b8fb6151f9258ba8c0ca328844c; Expires=Mon, 05 Feb 2024 14:22:50 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Mon, 05 Feb 2024 14:22:50 GMT; path=/
links.services.disqus.com/api/domains
199.232.196.64200 OK 42 B URL HTTP/1.1 links.services.disqus.com/api/domains
IP 199.232.196.64:0
File type ASCII text, with no line terminators
Hash 62d59a15100cb18204fa7915d2e305f2
cf8a78ef710454b5132f7ab7acdcbaa06c77331f
d887bfa5e9d3c97f34f13832983414deeb643e953ff7ef23646ea2965e78ba4d
POST /api/domains HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 194
Origin: https://www.filmesonlinehdgratis.com.br
Connection: keep-alive
Referer: https://www.filmesonlinehdgratis.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 42
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.filmesonlinehdgratis.com.br
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Sun, 05 Feb 2023 14:22:50 GMT
Set-Cookie: vglnk.Agent.p=7ead8b97945e160ee7102addff656615; Expires=Mon, 05 Feb 2024 14:22:50 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Mon, 05 Feb 2024 14:22:50 GMT; path=/
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash a57aa4850b1028b21aba75d6de765474
6a23b46c8764db53cba5d02a63cf4694bf3ffc0d
aa671b5016d7363e1f31f8474d028073ffdabe20ec7b6f45ed1d1a0e49d75e8e
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:22:51 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Thu, 09 Feb 2023 10:18:16 GMT
ETag: "6a23b46c8764db53cba5d02a63cf4694bf3ffc0d"
Last-Modified: Sun, 05 Feb 2023 10:18:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 583
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c4cf25ad30b3d-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 2850adec4b7649ba84fc5290630e272b
79bc5a6501c5f7b5f2484e8efcc3bc25ea374d52
897d93db14c2787cc9d5bf21e3caa95845b39342baed88d4dd48f6be4d2285a9
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:22:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 09 Feb 2023 11:05:59 GMT
ETag: "79bc5a6501c5f7b5f2484e8efcc3bc25ea374d52"
Last-Modified: Sun, 05 Feb 2023 11:06:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1225
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c4cf29b17b51e-OSL
counter.yadro.ru/hit?rhttps%3A//www.filmesonlinehdgratis.com.br/;s1280*1024*24;uhttps%3A//hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09;0.8388816738508934
88.212.201.204200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit?rhttps%3A//www.filmesonlinehdgratis.com.br/;s1280*1024*24;uhttps%3A//hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09;0.8388816738508934
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit?rhttps%3A//www.filmesonlinehdgratis.com.br/;s1280*1024*24;uhttps%3A//hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09;0.8388816738508934 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 14:22:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Fri, 04 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
hqq.to/js/video.counters.2.js?117
190.115.19.71200 OK 74 kB URL HTTP/2 hqq.to/js/video.counters.2.js?117
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash df4f09d025b094e932d719b314888864
856208c463f3c54a4d3025688001ecc6c95bcf0b
77b8d3cf67f6445c88bb9ee30e124c044f0f3a6d015ac56a995eba292b996c17
GET /js/video.counters.2.js?117 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Cookie: uid=ojGwgPQeO6o9N5K-vDR3Qz-S3nuOqfug; dom3ic8zudi28v8lr6fgphwffqoz0j6c=caaea8b1-7677-4eab-83cb-40ba30682df5%3A2%3A1; sb_main_ab0be2a44b7ecf91bdbd5cd360d84937=1; sb_count_ab0be2a44b7ecf91bdbd5cd360d84937=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=subscribestormyapprobation.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 06 Feb 2022 19:35:56 GMT
etag: W/"6200231c-2b8"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 05 Feb 2023 14:22:51 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sun, 05 Feb 2023 15:22:51 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hqq.to/js/embed.205.js?736
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/js/embed.205.js?736
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/embed.205.js?736 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 04 Aug 2022 18:07:34 GMT
etag: W/"62ec0ae6-298ce"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
hqq.to/js/script-2.12.5.js
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/js/script-2.12.5.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/script-2.12.5.js HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Cookie: uid=ojGwgPQeO6o9N5K-vDR3Qz-S3nuOqfug
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Dec 2020 19:28:37 GMT
etag: W/"5fc69965-4cb8"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
www.filmesonlinehdgratis.com.br/the-immaculate-room-player-1
172.67.206.135200 OK 0 B URL HTTP/2 www.filmesonlinehdgratis.com.br/the-immaculate-room-player-1
IP 172.67.206.135:0
GET /the-immaculate-room-player-1 HTTP/1.1
Host: www.filmesonlinehdgratis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: text/html
cache-control: public, max-age=86400
expires: Mon, 06 Feb 2023 14:22:45 GMT
last-modified: Sat, 20 Aug 2022 14:05:18 GMT
vary: Accept-Encoding,User-Agent
platform: hostinger
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80GMxt3sFZLdKQuBoqZq1UOm9d2bgN%2B0zcUtNxWWAKBgU9pYtqQeIQMHuNIlLWROO8DYCRSqih7y15qijMNHoWRl59i55V%2FjJXRevEZHBYAcmU%2BVo2AQXc%2BnB7uICzjjyFR4Qt%2BGzJRnlOfNOc93Il%2Bj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794c4ccafbe41c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hqq.to/js/websocket_ip.min.js
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/js/websocket_ip.min.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/websocket_ip.min.js HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
etag: W/"63ca9ac4-121c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
hqq.to/js/adv/fuckadblock.js?2
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/js/adv/fuckadblock.js?2
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/adv/fuckadblock.js?2 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/YU1RcHh0MzcrY1VROFY1dmVGbmk0dz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
etag: W/"5d656ab8-369e"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.138:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 14:22:47 GMT
date: Sun, 05 Feb 2023 14:22:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
testingmetriksbre.ru/netu.php
172.67.204.243200 OK 0 B URL HTTP/2 testingmetriksbre.ru/netu.php
IP 172.67.204.243:0
GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:22:45 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJTpSbhcS19QoyONC1t493%2BrBvJNEmAM93liaAUhFEdgFSY29xAtPb73EmkWltkDMQV%2BO02fmadS65V2SnOeI9YrkXfNVTDMfO3x9c2Qo5EFWqeO51LWNu8SVbpu0vX4JPoTTGw2vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794c4cd06fee1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2