oyn.at/fsj9?fbclid=iwar3uzuoqjpxdhdm3f414s-l1sn6thbgl14xukde5tb1kmo1nmfotq7tauvy
109.71.253.25 301 Moved Permanently 368 B URL HTTP/1.1 oyn.at/fsj9?fbclid=iwar3uzuoqjpxdhdm3f414s-l1sn6thbgl14xukde5tb1kmo1nmfotq7tauvy
IP 109.71.253.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 03caaf82cb9b7ca5c12a06e4876b4577
6c30564229af26dc716e3e8d609bdfa4bd1e14af
3f9ba25ad3b3c5345dc4807c427f9c9082ac5f3f47eddc2efdd7d6341f2110a6
GET /fsj9?fbclid=iwar3uzuoqjpxdhdm3f414s-l1sn6thbgl14xukde5tb1kmo1nmfotq7tauvy HTTP/1.1
Host: oyn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Oct 2022 16:22:29 GMT
Server: Apache/2.4.38 (Debian)
Location: https://oyn.at/fsj9?fbclid=iwar3uzuoqjpxdhdm3f414s-l1sn6thbgl14xukde5tb1kmo1nmfotq7tauvy
Content-Length: 368
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6272
Expires: Sun, 02 Oct 2022 18:07:01 GMT
Date: Sun, 02 Oct 2022 16:22:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
18.165.201.83 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 16:03:11 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 3ffc494014d1d1ba7644f6707a2cf696.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: oLBE0YDPYH6cPjbarvaX83zeHZzB8TiFKvBf_VgxuXXUUhSTauXalw==
Age: 1158
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.102 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.102:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 7309328e91f012108061822748228b68.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: x12s3ZMScZP-73AfXHUQkdE323nKAXApknxEy-pUvO4vBB7YiiUqqw==
age: 46154
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c476903d6890cda9f5627833c2af273f
f8e17ee3e41fd467283e544829c4f62c21fc04dd
32900f078930abd6581740e37fa0f50d90fffc51fc7b89e7997e7b7582594e32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32900F078930ABD6581740E37FA0F50D90FFFC51FC7B89E7997E7B7582594E32"
Last-Modified: Sat, 01 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14776
Expires: Sun, 02 Oct 2022 20:28:46 GMT
Date: Sun, 02 Oct 2022 16:22:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.83 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Cache-Control, Alert, Last-Modified, Backoff, Retry-After, Expires, Content-Length, Pragma, ETag
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 02 Oct 2022 15:32:53 GMT
Expires: Sun, 02 Oct 2022 15:32:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 507372273c5029d1ae2439349f7f1458.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: gkARYsDURCu5t64-3zjoP1iMg3POd2pbIT5JDcaqHBhjlcnEccVx1w==
Age: 2977
oyn.at/fsj9?fbclid=iwar3uzuoqjpxdhdm3f414s-l1sn6thbgl14xukde5tb1kmo1nmfotq7tauvy
109.71.253.25 302 Found 90 B URL HTTP/1.1 oyn.at/fsj9?fbclid=iwar3uzuoqjpxdhdm3f414s-l1sn6thbgl14xukde5tb1kmo1nmfotq7tauvy
IP 109.71.253.25:0
File type HTML document, ASCII text, with no line terminators
Hash 5f9a7d5b08db237e8c50ba0848f5d8cf
6d9b6da1f4826c239ee06b8f2856aac0c088c22d
be306d6db5143502c91ddeb36fef8b1b7567dc8d8e5e070b061a1cca76871b5e
GET /fsj9?fbclid=iwar3uzuoqjpxdhdm3f414s-l1sn6thbgl14xukde5tb1kmo1nmfotq7tauvy HTTP/1.1
Host: oyn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Sun, 02 Oct 2022 16:22:30 GMT
Server: Apache/2.4.38 (Debian)
X-Powered-By: Express
Location: https://daytr.us/d/45eb
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 90
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6258
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:30 GMT
Last-Modified: Sun, 02 Oct 2022 14:38:12 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 75fe9ee83b01bb652e018c58896a3a05
2c013a8a23c1acf8ff799a7ddd4719022d821bbc
ad171d3c21f09ecd37996d0495e3599984a0c053ddc3305662d2b005fcef4368
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD171D3C21F09ECD37996D0495E3599984A0C053DDC3305662D2B005FCEF4368"
Last-Modified: Fri, 30 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Sun, 02 Oct 2022 22:21:40 GMT
Date: Sun, 02 Oct 2022 16:22:30 GMT
Connection: keep-alive
push.services.mozilla.com/
52.38.227.80 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.227.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TH1wisau776maGJkHpq21A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qG+lVDsLKZ/aHFmIIjoKeO/4dDc=
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9763e0f48ec3a995a013b00af815e105
f662fe882c61a25936845a553afb50eaf1024864
a45536d5cb99bcdfcc178fe7cb50c444643cb849f274116ce928031e02e0e3c5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A45536D5CB99BCDFCC178FE7CB50C444643CB849F274116CE928031E02E0E3C5"
Last-Modified: Fri, 30 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Sun, 02 Oct 2022 22:21:58 GMT
Date: Sun, 02 Oct 2022 16:22:31 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9763e0f48ec3a995a013b00af815e105
f662fe882c61a25936845a553afb50eaf1024864
a45536d5cb99bcdfcc178fe7cb50c444643cb849f274116ce928031e02e0e3c5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A45536D5CB99BCDFCC178FE7CB50C444643CB849F274116CE928031E02E0E3C5"
Last-Modified: Fri, 30 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Sun, 02 Oct 2022 22:21:58 GMT
Date: Sun, 02 Oct 2022 16:22:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 6644a7a3ac5216705c0c1ecc79f59ed7
0c87239e1d7314c8e872209fc5c5d43e0b99fafd
4fa469ea936fd8855b6f43b1aa1ee9b4517fcebf4a3e618abd6a827955e91daf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2088
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:31 GMT
Last-Modified: Sun, 02 Oct 2022 15:47:44 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 6644a7a3ac5216705c0c1ecc79f59ed7
0c87239e1d7314c8e872209fc5c5d43e0b99fafd
4fa469ea936fd8855b6f43b1aa1ee9b4517fcebf4a3e618abd6a827955e91daf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2088
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:31 GMT
Last-Modified: Sun, 02 Oct 2022 15:47:44 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/modernizr/2.7.1/modernizr.min.js
104.17.24.14 200 OK 5.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/modernizr/2.7.1/modernizr.min.js
IP 104.17.24.14:0
File type HTML document, ASCII text, with very long lines (14586), with no line terminators
Hash f44dd83db06c80bfde06118ae8acde77
42e5c552dc09f431aec9bc7960ffd96677332a4f
aeb59d15e7f5061f8389180bcec7bb9a48c830b1f8a7207c8bf1592be1ee9a1b
GET /ajax/libs/modernizr/2.7.1/modernizr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 5231
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-38fa"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2072941
expires: Fri, 22 Sep 2023 16:22:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7LefgAiGfbz4NaEpQOLszp9i5XyovxTAV4jAHwp%2FU3Gb0eleR%2FYT8s5XbFTMbCvvUNirnrlxaGNHKfXJlmfXUkge1tUwetIYwivmBoN69XBv4WQwo0MMznh4EegEF53j0QpaFlr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 753ec6fee836b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 6644a7a3ac5216705c0c1ecc79f59ed7
0c87239e1d7314c8e872209fc5c5d43e0b99fafd
4fa469ea936fd8855b6f43b1aa1ee9b4517fcebf4a3e618abd6a827955e91daf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2088
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:31 GMT
Last-Modified: Sun, 02 Oct 2022 15:47:44 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 6644a7a3ac5216705c0c1ecc79f59ed7
0c87239e1d7314c8e872209fc5c5d43e0b99fafd
4fa469ea936fd8855b6f43b1aa1ee9b4517fcebf4a3e618abd6a827955e91daf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2088
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:31 GMT
Last-Modified: Sun, 02 Oct 2022 15:47:44 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
i1.wp.com/image.tmdb.org/t/p/w300/h8Rb9gBr48ODIwYUttZNYeMWeUU.jpg?resize=300,450
192.0.77.2 200 OK 30 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/h8Rb9gBr48ODIwYUttZNYeMWeUU.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 422a6e30d0061f71f165a9c7629cf61d
1c22b6a9d7e4426b7ec9189ee678c0e16d3d435e
952cbd36f4cc6c7cf0cbcaa8d3b74df7ea3df71238f2487ce5156ced83e92186
GET /image.tmdb.org/t/p/w300/h8Rb9gBr48ODIwYUttZNYeMWeUU.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/webp
content-length: 30398
last-modified: Fri, 16 Apr 2021 21:13:21 GMT
expires: Mon, 17 Apr 2023 09:13:21 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/h8Rb9gBr48ODIwYUttZNYeMWeUU.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1b3c40978f07fe83"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/lPsD10PP4rgUGiGR4CCXA6iY0QQ.jpg?resize=300,450
192.0.77.2 200 OK 24 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/lPsD10PP4rgUGiGR4CCXA6iY0QQ.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7d9cc67dacd0187701fd2d22f0017818
97b062b454d56c346a7a9a39532f49d1c3525cc6
4b059a798c75b1ef790cdb7912c8b8552c0d63580d6bb75e74c504f5bcba3ffd
GET /image.tmdb.org/t/p/w300/lPsD10PP4rgUGiGR4CCXA6iY0QQ.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/webp
content-length: 23532
last-modified: Sat, 09 Jan 2021 01:02:35 GMT
expires: Mon, 09 Jan 2023 13:02:35 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/lPsD10PP4rgUGiGR4CCXA6iY0QQ.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "88583ac70f7d7ae9"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i1.wp.com/image.tmdb.org/t/p/w300/9kg73Mg8WJKlB9Y2SAJzeDKAnuB.jpg?resize=300,450
192.0.77.2 200 OK 10 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/9kg73Mg8WJKlB9Y2SAJzeDKAnuB.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63af2b9b2cc410613d6eec455dedb4e3
52dc791bb3a669b62fbe273dc3e1994e1deb5cd4
90b4238b246ed28238c528776e6427a1d35db118fdf5ff6c15ad0cdf4e58885f
GET /image.tmdb.org/t/p/w300/9kg73Mg8WJKlB9Y2SAJzeDKAnuB.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/webp
content-length: 10056
last-modified: Sat, 20 Mar 2021 19:24:17 GMT
expires: Tue, 21 Mar 2023 07:24:17 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/9kg73Mg8WJKlB9Y2SAJzeDKAnuB.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7f96c2e18a6c4ade"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/msI5a9TPnepx47JUb2vl88hb80R.jpg?resize=300,450
192.0.77.2 200 OK 21 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/msI5a9TPnepx47JUb2vl88hb80R.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3663feb339ae0cdf7c3ddc46f3c9343f
fee86d19c2c1dfcda2b3b6042f6bcab82f27776d
b6f26e5047aefd05d5665b0abc5dc81019c81a1197483f6d009cbb53dcff5975
GET /image.tmdb.org/t/p/w300/msI5a9TPnepx47JUb2vl88hb80R.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/webp
content-length: 20976
last-modified: Wed, 31 Mar 2021 13:00:06 GMT
expires: Sat, 01 Apr 2023 01:00:06 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/msI5a9TPnepx47JUb2vl88hb80R.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "dad619008a004313"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/dkokENeY5Ka30BFgWAqk14mbnGs.jpg?resize=300,450
192.0.77.2 200 OK 13 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/dkokENeY5Ka30BFgWAqk14mbnGs.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 05033a25184263ac705509a42cb8bf44
10d8fe575e6852c40b65ebbe18947127111eb21f
6c42e93d166cfa6cfaf33281e2b390f7b4b9f0def66170b0fb71f8122aeefa77
GET /image.tmdb.org/t/p/w300/dkokENeY5Ka30BFgWAqk14mbnGs.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/webp
content-length: 13358
last-modified: Sat, 10 Apr 2021 08:23:46 GMT
expires: Mon, 10 Apr 2023 20:23:46 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/dkokENeY5Ka30BFgWAqk14mbnGs.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a47f197f05a08c56"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/6vcDalR50RWa309vBH1NLmG2rjQ.jpg?resize=300,450
192.0.77.2 200 OK 9.7 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/6vcDalR50RWa309vBH1NLmG2rjQ.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8a119e03763dc502493c3b1128eb3fc3
e5090c2d20f9cc7651a0e53c6310081f9c1a0e62
ee2b5f639c6f708d5d19d129e0ceff4d47d28817ef5f9aab7b7c928439c6cd12
GET /image.tmdb.org/t/p/w300/6vcDalR50RWa309vBH1NLmG2rjQ.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/webp
content-length: 9670
last-modified: Sat, 17 Apr 2021 16:24:09 GMT
expires: Tue, 18 Apr 2023 04:24:09 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/6vcDalR50RWa309vBH1NLmG2rjQ.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "804d0c58aef9adb8"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/tnAuB8q5vv7Ax9UAEje5Xi4BXik.jpg?resize=300,450
192.0.77.2 200 OK 22 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/tnAuB8q5vv7Ax9UAEje5Xi4BXik.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6ca1594545d5c7f2b41ada40d30150b3
149703fe206cd56fefcebc35b67bdb8b8aa8c75d
4e2bee3ee916aeb7b8a7e3642e4797b8971af56662d0a01d7e5696e3bc1f8956
GET /image.tmdb.org/t/p/w300/tnAuB8q5vv7Ax9UAEje5Xi4BXik.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/webp
content-length: 21508
last-modified: Wed, 03 Mar 2021 01:54:07 GMT
expires: Fri, 03 Mar 2023 13:54:07 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/tnAuB8q5vv7Ax9UAEje5Xi4BXik.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a908ad21415aee00"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/b4gYVcl8pParX8AjkN90iQrWrWO.jpg?resize=300,450
192.0.77.2 200 OK 6.7 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/b4gYVcl8pParX8AjkN90iQrWrWO.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e18414f04728e6bd60af71ff67a2136c
8fa93f11505b80d469c7e8ea2cd6d2a3f3005d9f
d097fcaaa1589c3fe973e2f4120aaf0ac1050b72724f15a6135e7d02bd6b8d0b
GET /image.tmdb.org/t/p/w300/b4gYVcl8pParX8AjkN90iQrWrWO.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/webp
content-length: 6652
last-modified: Sun, 04 Apr 2021 08:45:38 GMT
expires: Tue, 04 Apr 2023 20:45:38 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/b4gYVcl8pParX8AjkN90iQrWrWO.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8bf501776e84cda1"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/duK11VQd4UPDa7UJrgrGx90xJOx.jpg?resize=300,450
192.0.77.2 200 OK 19 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/duK11VQd4UPDa7UJrgrGx90xJOx.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77b3a672a3b5cbf1d73b3e9f38d76845
51b7381cde2493dadbcd7c5785e29653cf1440fd
4ce9c9a06c90d58fd8b01ecd7c7f3152f59dd3a7d7dc4d7950766b4b6727fde4
GET /image.tmdb.org/t/p/w300/duK11VQd4UPDa7UJrgrGx90xJOx.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/webp
content-length: 19336
last-modified: Thu, 15 Apr 2021 14:07:51 GMT
expires: Sun, 16 Apr 2023 02:07:51 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/duK11VQd4UPDa7UJrgrGx90xJOx.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e208b3080d0647c5"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
142.250.74.42 200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32038)
Hash 103708790db3586027df27ded660f8ef
d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70
fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 02:16:22 GMT
expires: Sun, 01 Oct 2023 02:16:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 137169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/image.tmdb.org/t/p/w300/grWS1nNexgCQacAIF6Um5PS5N5y.jpg?resize=300,450
192.0.77.2 200 OK 4.5 kB URL HTTP/2 i0.wp.com/image.tmdb.org/t/p/w300/grWS1nNexgCQacAIF6Um5PS5N5y.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ccbf433f5c46f5d29060bff84734c9b1
9019cfa32844d6c2b622dd41e6a27bd77f3c5017
37b0164b97b83e3f7add8a68a39c0e2940deaa377e7217a0cfc1bf38d00cdce6
GET /image.tmdb.org/t/p/w300/grWS1nNexgCQacAIF6Um5PS5N5y.jpg?resize=300,450 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/webp
content-length: 4548
last-modified: Thu, 28 Jul 2022 07:32:22 GMT
expires: Sat, 27 Jul 2024 19:32:22 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/grWS1nNexgCQacAIF6Um5PS5N5y.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "10c9bc9ae4a8d24b"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/image.tmdb.org/t/p/w300/l2UWZATSJRwwwx6XUBHQ6jSt4Ka.jpg?resize=300,450
192.0.77.2 200 OK 9.5 kB URL HTTP/2 i0.wp.com/image.tmdb.org/t/p/w300/l2UWZATSJRwwwx6XUBHQ6jSt4Ka.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 84bfa15100282b2073b83b8ed75b20c9
30d010f199b94394f8cc567e8d32d2504e0a24b2
8fe734340d1d12d1da2cd03d31e69a9acddcfafabe325476b36377f5662f3da6
GET /image.tmdb.org/t/p/w300/l2UWZATSJRwwwx6XUBHQ6jSt4Ka.jpg?resize=300,450 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/webp
content-length: 9492
last-modified: Wed, 25 Nov 2020 19:51:03 GMT
expires: Sat, 26 Nov 2022 07:51:03 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/l2UWZATSJRwwwx6XUBHQ6jSt4Ka.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "304533981d5d082b"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 98259cd21c37a15ccaabc1f21caf5f80
481cdbdd909c61b6bfb05bc362fe4559b0394f66
081c525e5d12346442b09b59eb0d662415e2f99562c65bb39c9c35b7a598a350
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "081C525E5D12346442B09B59EB0D662415E2F99562C65BB39C9C35B7A598A350"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9603
Expires: Sun, 02 Oct 2022 19:02:34 GMT
Date: Sun, 02 Oct 2022 16:22:31 GMT
Connection: keep-alive
image.tmdb.org/t/p/w300/juTJZCgNwcEeKtrxC6EygC2mKfJ.jpg?resize=300,450
89.187.169.39 200 OK 28 kB URL HTTP/2 image.tmdb.org/t/p/w300/juTJZCgNwcEeKtrxC6EygC2mKfJ.jpg?resize=300,450
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash 5c7a364b643bb5638ad8bf5052239d5e
de930867123c8ebf746c118111cad5c50b019000
b545e9163a9a780c5827deff1d8d62c10a0d8ad0d754b7380a57c49b3cd17ab4
GET /t/p/w300/juTJZCgNwcEeKtrxC6EygC2mKfJ.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/jpeg
content-length: 28308
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bfe7-6e94"
last-modified: Wed, 04 May 2022 18:03:19 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 302
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:32:41
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 3829cd9aeb4124ba2b37824dddc35a3c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gasstrusflix.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 334103
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/o4osJO1dMVw91fA9yssbdoFBSZk.jpg?resize=300,450
89.187.169.39 200 OK 23 kB URL HTTP/2 image.tmdb.org/t/p/w300/o4osJO1dMVw91fA9yssbdoFBSZk.jpg?resize=300,450
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash b21a3636fd2eb3d52f870f7c3125ec6a
a2b3cb6533ec74900938b0786f14be8228c97f43
c8db8be1e1b115efa7aed7e559ca9012824ee4707b164de6369eb1c415e2d475
GET /t/p/w300/o4osJO1dMVw91fA9yssbdoFBSZk.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/jpeg
content-length: 23106
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272b626-5a42"
last-modified: Wed, 04 May 2022 17:21:42 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/17/2022 18:20:09
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 8cc35955aff146b3ab16dae99ba60e6e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/qcQ7pt0ujePYrFrm4WpeglZfjBd.jpg?resize=300,450
89.187.169.39 200 OK 20 kB URL HTTP/2 image.tmdb.org/t/p/w300/qcQ7pt0ujePYrFrm4WpeglZfjBd.jpg?resize=300,450
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash 2979e9e1efb40c98cc2b844bf8f36fad
c8d6e930c190ce177000ff76123baebf098e95e8
3a1308cb69fe32eeea61687f24c7dba8ac0ae8aa9ffb77bfe061be19e58d04ff
GET /t/p/w300/qcQ7pt0ujePYrFrm4WpeglZfjBd.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/jpeg
content-length: 19887
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272ef58-4daf"
last-modified: Wed, 04 May 2022 21:25:44 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 332
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:54:27
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 5ac4c6bbe2e9dd55f9fd6216e5fa7d5c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w600_and_h900_bestv2/xx0qvqa38gnWLZJwFTHXFYCPBB8.jpg?resize=300,450
89.187.169.39 200 OK 67 kB URL HTTP/2 image.tmdb.org/t/p/w600_and_h900_bestv2/xx0qvqa38gnWLZJwFTHXFYCPBB8.jpg?resize=300,450
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x900, components 3\012- data
Hash fccbc1d3d5c0110a7dc61fdcecc423be
12953617d9bf7acbbf42dd6bb8e5b8c5e6e14bcf
e587608ffb29b518c180fa16157c3768aa854ba027636f17ac6b776e6bcbe83b
GET /t/p/w600_and_h900_bestv2/xx0qvqa38gnWLZJwFTHXFYCPBB8.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: image/jpeg
content-length: 66669
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272b626-1046d"
last-modified: Wed, 04 May 2022 17:21:42 GMT
cdn-storageserver: DE-199
cdn-requestpullsuccess: True
cdn-fileserver: 323
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/17/2022 18:20:09
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 14fcab71481c173dfa0019f05fd43a51
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5414
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:22:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5414
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:22:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5414
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:22:31 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:400,500,700
142.250.74.10 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500,700
IP 142.250.74.10:0
Hash 0d7a81c39a1a7a66e5a3cbfe6ae135e5
ef7832cccbff90fc9ad0b2a8b51cf75259789883
0d86630148e89755834a27d3e78a127cb36ac9246ab86370bf8570a74ea5b246
GET /css?family=Roboto:400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 16:22:31 GMT
date: Sun, 02 Oct 2022 16:22:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP 34.120.237.76:0
Hash b4cc72e2e91301511cbf8d4a88891450
82e621ce48f60dbd105b1e67bb741eeeb5c1d7df
c80b9911715fd1a771204698bc9646487f49fea4ce941f9087f3fe5dbbf83fc3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:36 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 66835
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 42091
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:34 GMT
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
age: 66837
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef85af3ef63e35a54bc15fbca5d7236b
e06bd8868eff8c42f5d2e2deec9a361170c8d3ea
0291104bb66ac4849ac5fd433fdf9cbbc7f4a2fcaa1f137aca08be2a4878f54c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7314
x-amzn-requestid: ba9e3b47-d9dd-49c1-9645-bac582351957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnGqOoAMFUTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-0604dff004a5f6364f0fe11c;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ss4zz6K56bzf1oFauX5_GUyy77r5gwLUcEy2GHrxSbBlwaYNjPZuYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:58:03 GMT
age: 66269
etag: "e06bd8868eff8c42f5d2e2deec9a361170c8d3ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:37 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 66835
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94d82ad8d70761f6ee1384b4183335f3
5d3389a965cfa45dab2202d89b40264368674e8a
ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:21:15 GMT
age: 64877
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdd9866b12888cb51ef4abea62c5972e
f37858f4155824035ee96529dfa82fdf0cf7d195
2a855734509898a7f55345b4e7a2587fac4c31a3d1842b4bfaffef81633176e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A855734509898A7F55345B4E7A2587FAC4C31A3D1842B4BFAFFEF81633176E5"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7746
Expires: Sun, 02 Oct 2022 18:31:38 GMT
Date: Sun, 02 Oct 2022 16:22:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdd9866b12888cb51ef4abea62c5972e
f37858f4155824035ee96529dfa82fdf0cf7d195
2a855734509898a7f55345b4e7a2587fac4c31a3d1842b4bfaffef81633176e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A855734509898A7F55345B4E7A2587FAC4C31A3D1842B4BFAFFEF81633176E5"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Sun, 02 Oct 2022 22:22:29 GMT
Date: Sun, 02 Oct 2022 16:22:32 GMT
Connection: keep-alive
acquitfigreside.com/5f/f4/90/5ff4908a8882bc2de4fbbc6047c8997a.js
192.243.59.12 200 OK 13 kB URL HTTP/1.1 acquitfigreside.com/5f/f4/90/5ff4908a8882bc2de4fbbc6047c8997a.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37163), with no line terminators
Hash 66117232c4286a749885fcdac0052cce
b74e58419863937dd24d679161d66f3d5b2031d5
2779e86a8157bc377aab673d42ab0cea5186f3f9e4f22d9006a74cc43df02b56
Analyzer Verdict Alert quad9 Sinkholed
GET /5f/f4/90/5ff4908a8882bc2de4fbbc6047c8997a.js HTTP/1.1
Host: acquitfigreside.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 16:22:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 66119fe42cb08d06bcf98084783dd811
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
acquitfigreside.com/cf/2b/08/cf2b08db9596a9caecd1e228e537d4ff.js
192.243.59.12 200 OK 20 kB URL HTTP/1.1 acquitfigreside.com/cf/2b/08/cf2b08db9596a9caecd1e228e537d4ff.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59376), with no line terminators
Hash 53054491afd16e31a05deac0008cdcfd
80d2d238f1c6ca02cf780c8ad73e12f93111ed87
b48ffa3959a5db00bfda3991f42825a25bf55461a3881e0e88dbac8b679e112c
Analyzer Verdict Alert quad9 Sinkholed
GET /cf/2b/08/cf2b08db9596a9caecd1e228e537d4ff.js HTTP/1.1
Host: acquitfigreside.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 16:22:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e9b6a81e8d87d9a6efdcaf2401c64831
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
108.138.212.95 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.138.212.95:0
Hash 606c558669146ba6d99d416b814455a8
9c49aea5039dcfdf01abba48f538350cf87f05ab
83b80756cb4f138174ba1020c487b4d10b6153bc994aba5b2d2ada322892da55
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 16:22:32 GMT
Last-Modified: Sun, 02 Oct 2022 14:46:11 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 4dadb74d326de45531ccbef5e30cd3b6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: 2qE5iLWI_sTPXnwqUlRHBRrbWblfR-zbVmqexeWnlwiiMejllWIQYA==
Age: 5781
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b4a01fa28b7818979653c9b4f3827c
f1281a68d8e452f5d16d561ed601b9b2166dcad2
d22c5e2711704d4e1a30d9fbb9375c0322948fdd4df12d838dfec2c2c3a1df0d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D22C5E2711704D4E1A30D9FBB9375C0322948FDD4DF12D838DFEC2C2C3A1DF0D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3935
Expires: Sun, 02 Oct 2022 17:28:07 GMT
Date: Sun, 02 Oct 2022 16:22:32 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gasstrusflix.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 334104
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash cb029a95104b67bf054d723661edb059
98a9ea7463cff954f214a09aa00b6155b0279a3f
a04799fa98361c78d83f2781724d671eb57d47d924f5959c725b90b248ec0625
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gasstrusflix.xyz
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://gasstrusflix.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=79072c55-f57c-4af3-a39a-0c351d915340:3:1; expires=Wed, 29 Sep 2032 16:22:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
104.18.11.207 200 OK 57 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 104.18.11.207:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gasstrusflix.xyz
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:32 GMT
content-type: font/woff2
content-length: 56780
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/18/2022 19:50:49
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 72d05d6f0220472d9bfb6645d3ff44d3
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 753ec704ba070b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 786a66c481b320cfe3f961c71c496c0a
9f725c830180ee96a2f138fbd1c790d91f0da408
08a6f8630f9115c096e63041ca685d3556a88ed8c5dc57396dbb6ae78e71bd0b
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gasstrusflix.xyz
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://gasstrusflix.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=9ba443e6-2016-44c2-8ad4-62ccc90133b9:1:1; expires=Wed, 29 Sep 2032 16:22:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b4a01fa28b7818979653c9b4f3827c
f1281a68d8e452f5d16d561ed601b9b2166dcad2
d22c5e2711704d4e1a30d9fbb9375c0322948fdd4df12d838dfec2c2c3a1df0d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D22C5E2711704D4E1A30D9FBB9375C0322948FDD4DF12D838DFEC2C2C3A1DF0D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3935
Expires: Sun, 02 Oct 2022 17:28:07 GMT
Date: Sun, 02 Oct 2022 16:22:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 53ba821715c1b94d23a6d941e44bf136
10a1157425505669924ec23fd0c6ba5e6c1358ad
27fde7a839f23f2cd335cfb074b8f504127f03c8a1cc0a217d19059f5b9cc34c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "27FDE7A839F23F2CD335CFB074B8F504127F03C8A1CC0A217D19059F5B9CC34C"
Last-Modified: Fri, 30 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1833
Expires: Sun, 02 Oct 2022 16:53:05 GMT
Date: Sun, 02 Oct 2022 16:22:32 GMT
Connection: keep-alive
oblongseller.com/pixel/purst?dl=0&th=0&sc=0&rs=2695&rd=2695&fd=1011&bv=22.8.v.1&tmpl=70
192.243.59.12 200 OK 0 B URL HTTP/1.1 oblongseller.com/pixel/purst?dl=0&th=0&sc=0&rs=2695&rd=2695&fd=1011&bv=22.8.v.1&tmpl=70
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2695&rd=2695&fd=1011&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 16:22:33 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4d34813a601de7f54acb0ab703f0587e
7974adb0c6a4fe8f04a90d0250737a9f2b78f45e
7d3aedf73cb63e9ff961dad6d73041f9871420cd7920ff31dbe9d146b91618e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D3AEDF73CB63E9FF961DAD6D73041F9871420CD7920FF31DBE9D146B91618E4"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18306
Expires: Sun, 02 Oct 2022 21:27:39 GMT
Date: Sun, 02 Oct 2022 16:22:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47199b2e26855c9209e824540b6e5da1
4bd06f063bdc4e05e8de0f6631a7fcb45fd9ebbc
09110c6a8600063789ccddd45094b3799f08c945cf9c31e60f80dee10e1e166a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09110C6A8600063789CCDDD45094B3799F08C945CF9C31E60F80DEE10E1E166A"
Last-Modified: Sat, 01 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8732
Expires: Sun, 02 Oct 2022 18:48:05 GMT
Date: Sun, 02 Oct 2022 16:22:33 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
173.233.139.164 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 16:22:33 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 11b4ba356f4aa478c91965675de31fa8
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b7e61728ff6d4bf88bbdbe856287f09
1a6c4fa5ae582cfb3eca4b31d86e13085135dfc3
969e380918ef88c2ef942606d4e9fed7e97f828bc419ae840b12bb5be1dc28db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "969E380918EF88C2EF942606D4E9FED7E97F828BC419AE840B12BB5BE1DC28DB"
Last-Modified: Fri, 30 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18989
Expires: Sun, 02 Oct 2022 21:39:02 GMT
Date: Sun, 02 Oct 2022 16:22:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b7e61728ff6d4bf88bbdbe856287f09
1a6c4fa5ae582cfb3eca4b31d86e13085135dfc3
969e380918ef88c2ef942606d4e9fed7e97f828bc419ae840b12bb5be1dc28db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "969E380918EF88C2EF942606D4E9FED7E97F828BC419AE840B12BB5BE1DC28DB"
Last-Modified: Fri, 30 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18989
Expires: Sun, 02 Oct 2022 21:39:02 GMT
Date: Sun, 02 Oct 2022 16:22:33 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:20:30 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 338526959
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
disreputablegenuinelyhonorary.com/sbar.json?key=5ff4908a8882bc2de4fbbc6047c8997a&uuid=79072c55-f57c-4af3-a39a-0c351d915340%3A3%3A1
173.233.137.60 200 OK 4.0 kB URL HTTP/1.1 disreputablegenuinelyhonorary.com/sbar.json?key=5ff4908a8882bc2de4fbbc6047c8997a&uuid=79072c55-f57c-4af3-a39a-0c351d915340%3A3%3A1
IP 173.233.137.60:0
File type JSON data\012- , ASCII text, with very long lines (5710), with no line terminators
Hash 000705c2f0f23dc240eb0ae5b0bf90fe
60b37def62ea0cb33ea1afc8d52517952bb4f959
df943087ce5b8d04ca1863466e7d021f723e0794539c804e0a7dc8785606456c
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=5ff4908a8882bc2de4fbbc6047c8997a&uuid=79072c55-f57c-4af3-a39a-0c351d915340%3A3%3A1 HTTP/1.1
Host: disreputablegenuinelyhonorary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gasstrusflix.xyz
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 16:22:33 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://gasstrusflix.xyz
Access-Control-Allow-Origin: https://gasstrusflix.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17453004; expires=Mon, 03 Oct 2022 16:22:33 GMT; secure; SameSite=None
uid_id2=79072c55-f57c-4af3-a39a-0c351d915340:3:1; expires=Sun, 09 Oct 2022 16:22:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 03 Oct 2022 16:22:33 GMT; secure; SameSite=None
uncs=1; expires=Mon, 03 Oct 2022 16:22:33 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 03 Oct 2022 16:22:33 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 03 Oct 2022 16:22:33 GMT; secure; SameSite=None
slec5ff4908a8882bc2de4fbbc6047c8997a=[3364845]; expires=Sun, 02 Oct 2022 16:22:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3ee249af2175f9d49b8b1b1e2f51a277
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
s10.histats.com/counters/cc_511.js
46.105.201.240 200 OK 6.0 kB URL HTTP/2 s10.histats.com/counters/cc_511.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (14926), with no line terminators
Hash e0963faf9f8d4dd4683c649033bfe3e6
8b8365dac8c2d50836e19456f025370ee782598f
80ac8877a54d16e397e9518ce7221d0abad87a39ffd0221a99227540eeb8b2a8
GET /counters/cc_511.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:13:42 GMT
etag: "1364484781"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 416710802
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5984
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 090d6f5997424542ced6b008ffe0f9fc
d98cf113ac317f717a71e02cc8f01ed2f77fcf8a
dfc175af8c6f637410e02f60754fdc6e3cdd6fa080c3cd7a704e50d1cb52fcd5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4122
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:22:33 GMT
Last-Modified: Sun, 02 Oct 2022 15:13:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
disreputablegenuinelyhonorary.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2%2FcRBgdN5FAcAL1AlLRHjiAIBvb%2B8NreiiEEBSRNlULKjcYz9ibIWOPNeNZb%2FYUUYF6XMQ%2F4LxNGhUqVCROSFRoU6mgIKQupxzIf8ABIfXEAe02YuG7fO%2F5vcPz%2B%2BbzPXtKXFh6snpZDYSUdLlVd2uvfOh5F2sbIrP9Wr%2FT%2FqjdvFjTvTfCdt19tfZuzLbVsu96ruu5Xm1N6DhR%2FeWpCJHfDb166Nabft1rNdHX%2F%2BfGOjDUAe%2Bdkuch%2BGTxgXMego2RpfdWY7NdqPz1d1IraaE0evzwg2w7U2WGdA4T7SDJDs%2FcUObR2n2o7GAWF6r3rzESE%2BI8vI8oOzwLiai3P8sZScQZIv4syt4YsRxD0DGYugnBHxGAcVzZRJbevqJ0SXeeqHSqTsji478gyglZ%2FP08svSbFSn6tetK2kKozKCfVBD9MUR3jNweoRicgyiPwIpPIfivZPnxBrJ0f9NIBcFPXg5CN%2FBZq7WUtAK21KRJY4k2QrrkskbL46HXajTdWUFCjCGSMWQ8BDULsMaBFQ5s4sDmDlJ%2BUmOe5wUuZ9TthIw1eBBHbe56NEg86rntDiyb%2FsMQRT4Ek0MwvYtc72JbDKHtjzBbFQx3YAqCHq9QxgSlISgpQSkIyoKg7FUHXBrfVLe5NDbyzrZ%2FthvVSBXdPXqgim6ckb38lDw3Lc55ZvMXbMcntVaSNEO3Qzudjh8xn8fNJIpY220GrBOGAYURFYQ5B2ocDMSEXHjzNeRiQp768idE9AhGHoEJB9ReAC1Hge%2BCbo2aHReD7F6XGlNoaxIp%2BvX%2BzgBcVciLRRQ7zp48JS%2FMjti48Qdidnzp4%2Bjy5M87f4PpCrmu8Il4QNCVt0bXVEn2r6nSkG8380KkYkCnB75e0CJe%2BOq9eKdUmq%2BvmuGdt9hUmMK778em2KAZF1nXkK9XBOexXlOaxeSHdXMjjq5as7VidWbzjatvr62nuY6NESobg4oJIQ%2BPwcSEPP3dweztvvhZCaHH0LZCao%2FJ2UCoI7B8Fyaf5zdqAVrOPVHuoLTVSPvR%2FKMUBDKecxpVMP%2Fh0RzvmVvo6pdAi5vI0go9XaEnK1A5hLELoyLXx5d%2Ba8wGkXRGkdTOfiS1%2FOJJuUac1IJGw6XtsOUFAY2DqOl3krbHKfWbbb%2Fdpg0UZsLC73%2F%2BBwAA%2F%2F8BAAD%2F%2F9xHu7uGBAAA
173.233.137.60200 OK 7 B URL HTTP/1.1 disreputablegenuinelyhonorary.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2%2FcRBgdN5FAcAL1AlLRHjiAIBvb%2B8NreiiEEBSRNlULKjcYz9ibIWOPNeNZb%2FYUUYF6XMQ%2F4LxNGhUqVCROSFRoU6mgIKQupxzIf8ABIfXEAe02YuG7fO%2F5vcPz%2B%2BbzPXtKXFh6snpZDYSUdLlVd2uvfOh5F2sbIrP9Wr%2FT%2FqjdvFjTvTfCdt19tfZuzLbVsu96ruu5Xm1N6DhR%2FeWpCJHfDb166Nabft1rNdHX%2F%2BfGOjDUAe%2Bdkuch%2BGTxgXMego2RpfdWY7NdqPz1d1IraaE0evzwg2w7U2WGdA4T7SDJDs%2FcUObR2n2o7GAWF6r3rzESE%2BI8vI8oOzwLiai3P8sZScQZIv4syt4YsRxD0DGYugnBHxGAcVzZRJbevqJ0SXeeqHSqTsji478gyglZ%2FP08svSbFSn6tetK2kKozKCfVBD9MUR3jNweoRicgyiPwIpPIfivZPnxBrJ0f9NIBcFPXg5CN%2FBZq7WUtAK21KRJY4k2QrrkskbL46HXajTdWUFCjCGSMWQ8BDULsMaBFQ5s4sDmDlJ%2BUmOe5wUuZ9TthIw1eBBHbe56NEg86rntDiyb%2FsMQRT4Ek0MwvYtc72JbDKHtjzBbFQx3YAqCHq9QxgSlISgpQSkIyoKg7FUHXBrfVLe5NDbyzrZ%2FthvVSBXdPXqgim6ckb38lDw3Lc55ZvMXbMcntVaSNEO3Qzudjh8xn8fNJIpY220GrBOGAYURFYQ5B2ocDMSEXHjzNeRiQp768idE9AhGHoEJB9ReAC1Hge%2BCbo2aHReD7F6XGlNoaxIp%2BvX%2BzgBcVciLRRQ7zp48JS%2FMjti48Qdidnzp4%2Bjy5M87f4PpCrmu8Il4QNCVt0bXVEn2r6nSkG8380KkYkCnB75e0CJe%2BOq9eKdUmq%2BvmuGdt9hUmMK778em2KAZF1nXkK9XBOexXlOaxeSHdXMjjq5as7VidWbzjatvr62nuY6NESobg4oJIQ%2BPwcSEPP3dweztvvhZCaHH0LZCao%2FJ2UCoI7B8Fyaf5zdqAVrOPVHuoLTVSPvR%2FKMUBDKecxpVMP%2Fh0RzvmVvo6pdAi5vI0go9XaEnK1A5hLELoyLXx5d%2Ba8wGkXRGkdTOfiS1%2FOJJuUac1IJGw6XtsOUFAY2DqOl3krbHKfWbbb%2Fdpg0UZsLC73%2F%2BBwAA%2F%2F8BAAD%2F%2F9xHu7uGBAAA
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2%2FcRBgdN5FAcAL1AlLRHjiAIBvb%2B8NreiiEEBSRNlULKjcYz9ibIWOPNeNZb%2FYUUYF6XMQ%2F4LxNGhUqVCROSFRoU6mgIKQupxzIf8ABIfXEAe02YuG7fO%2F5vcPz%2B%2BbzPXtKXFh6snpZDYSUdLlVd2uvfOh5F2sbIrP9Wr%2FT%2FqjdvFjTvTfCdt19tfZuzLbVsu96ruu5Xm1N6DhR%2FeWpCJHfDb166Nabft1rNdHX%2F%2BfGOjDUAe%2Bdkuch%2BGTxgXMego2RpfdWY7NdqPz1d1IraaE0evzwg2w7U2WGdA4T7SDJDs%2FcUObR2n2o7GAWF6r3rzESE%2BI8vI8oOzwLiai3P8sZScQZIv4syt4YsRxD0DGYugnBHxGAcVzZRJbevqJ0SXeeqHSqTsji478gyglZ%2FP08svSbFSn6tetK2kKozKCfVBD9MUR3jNweoRicgyiPwIpPIfivZPnxBrJ0f9NIBcFPXg5CN%2FBZq7WUtAK21KRJY4k2QrrkskbL46HXajTdWUFCjCGSMWQ8BDULsMaBFQ5s4sDmDlJ%2BUmOe5wUuZ9TthIw1eBBHbe56NEg86rntDiyb%2FsMQRT4Ek0MwvYtc72JbDKHtjzBbFQx3YAqCHq9QxgSlISgpQSkIyoKg7FUHXBrfVLe5NDbyzrZ%2FthvVSBXdPXqgim6ckb38lDw3Lc55ZvMXbMcntVaSNEO3Qzudjh8xn8fNJIpY220GrBOGAYURFYQ5B2ocDMSEXHjzNeRiQp768idE9AhGHoEJB9ReAC1Hge%2BCbo2aHReD7F6XGlNoaxIp%2BvX%2BzgBcVciLRRQ7zp48JS%2FMjti48Qdidnzp4%2Bjy5M87f4PpCrmu8Il4QNCVt0bXVEn2r6nSkG8380KkYkCnB75e0CJe%2BOq9eKdUmq%2BvmuGdt9hUmMK778em2KAZF1nXkK9XBOexXlOaxeSHdXMjjq5as7VidWbzjatvr62nuY6NESobg4oJIQ%2BPwcSEPP3dweztvvhZCaHH0LZCao%2FJ2UCoI7B8Fyaf5zdqAVrOPVHuoLTVSPvR%2FKMUBDKecxpVMP%2Fh0RzvmVvo6pdAi5vI0go9XaEnK1A5hLELoyLXx5d%2Ba8wGkXRGkdTOfiS1%2FOJJuUac1IJGw6XtsOUFAY2DqOl3krbHKfWbbb%2Fdpg0UZsLC73%2F%2BBwAA%2F%2F8BAAD%2F%2F9xHu7uGBAAA HTTP/1.1
Host: disreputablegenuinelyhonorary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Cookie: u_pl=17453004; uid_id2=79072c55-f57c-4af3-a39a-0c351d915340:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5ff4908a8882bc2de4fbbc6047c8997a=[3364845]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 16:22:33 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9019227cd548e6d1e8a56066532cf712
Strict-Transport-Security: max-age=0; includeSubdomains
s4.histats.com/stats/0.php?4686440&@f16&@g1&@h1&@i1&@j1664727753418&@k0&@l1&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-26173754&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w
192.99.13.63 200 OK 47 B URL HTTP/1.1 s4.histats.com/stats/0.php?4686440&@f16&@g1&@h1&@i1&@j1664727753418&@k0&@l1&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-26173754&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 06b05ae9614bafae9b0b09cfbeed559e
9b087683529b7b89a117b2d5cbb35a93e7dcbaca
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/0.php?4686440&@f16&@g1&@h1&@i1&@j1664727753418&@k0&@l1&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-26173754&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:22:34 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
s4.histats.com/stats/0.php?4686440&@f16&@g1&@h1&@i1&@j1664727753418&@k0&@l1&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:24660029&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w
192.99.13.63 200 OK 47 B URL HTTP/1.1 s4.histats.com/stats/0.php?4686440&@f16&@g1&@h1&@i1&@j1664727753418&@k0&@l1&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:24660029&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 06b05ae9614bafae9b0b09cfbeed559e
9b087683529b7b89a117b2d5cbb35a93e7dcbaca
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/0.php?4686440&@f16&@g1&@h1&@i1&@j1664727753418&@k0&@l1&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:24660029&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:22:34 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
s4.histats.com/stats/0.php?4686440&@f16&@g0&@h2&@i1&@j1664727753422&@k4&@l2&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-24213708&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w
192.99.13.63 200 OK 47 B URL HTTP/1.1 s4.histats.com/stats/0.php?4686440&@f16&@g0&@h2&@i1&@j1664727753422&@k4&@l2&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-24213708&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 06b05ae9614bafae9b0b09cfbeed559e
9b087683529b7b89a117b2d5cbb35a93e7dcbaca
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/0.php?4686440&@f16&@g0&@h2&@i1&@j1664727753422&@k4&@l2&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-24213708&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:22:34 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
s4.histats.com/stats/0.php?4686440&@f16&@g0&@h2&@i1&@j1664727753422&@k4&@l2&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:31024435&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w
192.99.13.63 200 OK 47 B URL HTTP/1.1 s4.histats.com/stats/0.php?4686440&@f16&@g0&@h2&@i1&@j1664727753422&@k4&@l2&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:31024435&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 06b05ae9614bafae9b0b09cfbeed559e
9b087683529b7b89a117b2d5cbb35a93e7dcbaca
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/0.php?4686440&@f16&@g0&@h2&@i1&@j1664727753422&@k4&@l2&@mWatch%20Rupaya%20500%20Full%20Movie%20on%20123Movies%20on%20gasstrusflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:31024435&@b3:1664727753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgasstrusflix.xyz%2Ftv%2F127629%2Frupaya-500.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:22:34 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b2fd94fd0b2607df5a0aa20419566b7
65f275db36cda005a73cf806b613eefbbee602c9
78f5297fe8ca20edcfb24ca602e17c525e7961ab3fba14c6f64cec0236c63cae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "78F5297FE8CA20EDCFB24CA602E17C525E7961AB3FBA14C6F64CEC0236C63CAE"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5842
Expires: Sun, 02 Oct 2022 17:59:56 GMT
Date: Sun, 02 Oct 2022 16:22:34 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b2fd94fd0b2607df5a0aa20419566b7
65f275db36cda005a73cf806b613eefbbee602c9
78f5297fe8ca20edcfb24ca602e17c525e7961ab3fba14c6f64cec0236c63cae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "78F5297FE8CA20EDCFB24CA602E17C525E7961AB3FBA14C6F64CEC0236C63CAE"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5842
Expires: Sun, 02 Oct 2022 17:59:56 GMT
Date: Sun, 02 Oct 2022 16:22:34 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b2fd94fd0b2607df5a0aa20419566b7
65f275db36cda005a73cf806b613eefbbee602c9
78f5297fe8ca20edcfb24ca602e17c525e7961ab3fba14c6f64cec0236c63cae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "78F5297FE8CA20EDCFB24CA602E17C525E7961AB3FBA14C6F64CEC0236C63CAE"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5842
Expires: Sun, 02 Oct 2022 17:59:56 GMT
Date: Sun, 02 Oct 2022 16:22:34 GMT
Connection: keep-alive
disreputablegenuinelyhonorary.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Findex.html&l=1394&fd=646
173.233.137.60 200 OK 0 B URL HTTP/1.1 disreputablegenuinelyhonorary.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Findex.html&l=1394&fd=646
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Findex.html&l=1394&fd=646 HTTP/1.1
Host: disreputablegenuinelyhonorary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Cookie: u_pl=17453004; uid_id2=79072c55-f57c-4af3-a39a-0c351d915340:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5ff4908a8882bc2de4fbbc6047c8997a=[3364845]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 16:22:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/icon.jpg
172.64.201.2 200 OK 74 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/icon.jpg
IP 172.64.201.2:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 500x333, components 3\012- data
Hash edc025c8802080bcfb154c337fdb21a4
41d8d08c7984fcffbeeffee40e680e0a23d7f7e7
343eec76860bcb772bd3b2db18b495c7bd557cc20635141b3173c933b1df8592
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/icon.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:34 GMT
content-type: image/jpeg
content-length: 73837
last-modified: Thu, 10 Feb 2022 09:31:00 GMT
etag: "6204db54-1206d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5206696
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9eiKGQVd%2BJzVPYL9Xju5s%2FKhxi8CnG2%2BKVW%2F9fc%2FPIz4BkoWyxSW9R4Ci2AJu%2FZYzsF674BaMBVezSS3%2B8U9EjXMVRHu7voZmlHBMtVb5b8GPVuRCeLzY3K%2Fy7h1F9cp4Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ec7116951e63c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b2fd94fd0b2607df5a0aa20419566b7
65f275db36cda005a73cf806b613eefbbee602c9
78f5297fe8ca20edcfb24ca602e17c525e7961ab3fba14c6f64cec0236c63cae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "78F5297FE8CA20EDCFB24CA602E17C525E7961AB3FBA14C6F64CEC0236C63CAE"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5842
Expires: Sun, 02 Oct 2022 17:59:56 GMT
Date: Sun, 02 Oct 2022 16:22:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b3173eff80b64049bff92afa135727e
3a21ff79d45b6356f8283a87ba8cb2e33040ca29
7a5db34068fb34056744665a1e81460da9473caf812d47b5ee75a64f8d78ae2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A5DB34068FB34056744665A1E81460DA9473CAF812D47B5EE75A64F8D78AE2B"
Last-Modified: Fri, 30 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5934
Expires: Sun, 02 Oct 2022 18:01:28 GMT
Date: Sun, 02 Oct 2022 16:22:34 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/style.css
172.64.201.2 200 OK 1.5 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/style.css
IP 172.64.201.2:0
Hash 39c32ed8e89731e79982ffa12d481827
ace5f47d3e3b2b9f5580cd58b7a72cf225c339e5
6419ff9558c6e960ff78ff8b4d5ee7cfbab10b0a3524847321dd4b7fdfddf430
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gasstrusflix.xyz
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:34 GMT
content-type: text/css
last-modified: Thu, 10 Feb 2022 09:30:56 GMT
etag: W/"6204db50-15b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfBrmw5B60OBzKVPuA4o9YyvDgtLK3thpvdcYOE%2F4f2NWfu2u69Dr5PwutNtViWoi5ejicf2luqFWQ%2BDA7S1%2B119T2aCm4Pdnsn6V%2FZ1ar0MQjEy5z3Brfroxh2nb6fR3a4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ec711391be63c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=9ba443e6-2016-44c2-8ad4-62ccc90133b9&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=cf2b08db9596a9caecd1e228e537d4ff&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=9ba443e6-2016-44c2-8ad4-62ccc90133b9&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=cf2b08db9596a9caecd1e228e537d4ff&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=9ba443e6-2016-44c2-8ad4-62ccc90133b9&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=cf2b08db9596a9caecd1e228e537d4ff&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 16:22:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bb38a90cad390a34ea0534e214619b62
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.yourwebbars.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/index.html
104.26.6.19 200 OK 445 B URL HTTP/2 cdn.yourwebbars.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/index.html
IP 104.26.6.19:0
File type HTML document text\012- HTML document, ASCII text
Hash 82dbfe69457b7149ca79c321f9097690
e054ed082c6e691ed694ce6c80ae6893ab512628
8858f1e7e9225d679177bdeb249552cea9a9456e0e6ab301c3dbf4b77e110302
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gasstrusflix.xyz
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:34 GMT
content-type: text/html
last-modified: Thu, 10 Feb 2022 09:30:55 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oACqtB5zz2tc1lqRdeSfLOBdCMOtZ9rF5cOAh7aQE9gl4BYZGVEestQMZhodLwClolPn4DauPkK77cOiBk%2F5CFx3rUCOJyUHd%2F4COsBvctkkT25ui5imH6wVTkCD%2BnjuiK1pPdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ec70cbde5b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/js/script.js
172.64.201.2 200 OK 194 B URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/js/script.js
IP 172.64.201.2:0
Hash 9d0d1d223e35512cabac61e5d1b60267
b55b590938c93453cda11f49e7d354598254b63b
9d8ffa56035e0f894424c6c6632304240af07bff691decb4e501d3ee8e381df3
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gasstrusflix.xyz
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:34 GMT
content-type: application/javascript
last-modified: Thu, 10 Feb 2022 09:31:01 GMT
etag: W/"6204db55-18d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKCvW%2Fb4OY8T%2Fu%2BjZX7hgxUd5cwqTE8IxQV1Qksd7f7ECzFOEu5nvCninkKRrH%2FoflFe2PWIf1N%2BZAry3nxRc9ETNZXqAa%2FdrmWWkqUB8LtAzQEl7AjakN2EiwaHYjYI29M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ec711391ae63c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
disreputablegenuinelyhonorary.com/pixel/sbs?c=1
173.233.137.60 200 OK 0 B URL HTTP/1.1 disreputablegenuinelyhonorary.com/pixel/sbs?c=1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: disreputablegenuinelyhonorary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Cookie: u_pl=17453004; uid_id2=79072c55-f57c-4af3-a39a-0c351d915340:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5ff4908a8882bc2de4fbbc6047c8997a=[3364845]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 16:22:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/animate.css
172.64.201.2 200 OK 4.8 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/animate.css
IP 172.64.201.2:0
Hash c91016401e0a0b7b3d7572de48c76597
12fb634abb5e708b4f55d1489055b4f626d3cdd1
2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gasstrusflix.xyz
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:34 GMT
content-type: text/css
last-modified: Thu, 10 Feb 2022 09:30:57 GMT
etag: W/"6204db51-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iw2wW73Ac5C1UYuYP4fy5us2T3tVGJYBaLEwkgKt34x5esE795NLVM0eT2QLhfPGg3yPNGo5tSBEvNvZ%2FxLVJxdhnbH7hbeaj3ILwHhjltj4qdAmNFgyEL1NLTwjl9LftBs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ec7113918e63c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
disreputablegenuinelyhonorary.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9rwkoulK6UajMwoWimbw3v8cuqjFGgmlTWqXu9P56k2vuvPu49915k1kFi9LliP%2FAy5mkoVqkgivBIpNClYjQcZWF%2BQ9ciNCVC5lpcPTbfOe8cxbnne9%2BvudPSQhPT1Yvm4HSmi7Xy2HplQ%2Bj6GJpQyW%2BX%2Bq3Gh81ahdLtvdGu1EOXy29K%2Fm2Wa6EURhGYVRaU1bGpr88FaHSu%2B2o3A7LtUo5qtfQt%2F%2FnzgdwNIDonZLnocRk8UFwHoqPkXTvrUq3nZn09Xe6XtPMWPTE4QfJdmLyBN05jG2AODk8c8O4R2v3YZKDWVyY3r9GpiYkeHgfLDk8CwnW25%2FlZBoyARPPIu%2BNIfUYio7BzU0o8YgAXODKJpLu7SvG5nTniUqn6oQsPv4LKp%2BQxd%2FPI%2Bl%2Bs6JVv3TdaJ8pkzj04wKqP4bqjJH6I2SDc1D5EXj2KZT4lSw%2F3kDS3d902kCJk5eb7bBZ4fX6Ulxv8qUajatLtNqmSyGv1iPRjurVWjgrSKkxVDyGlkNQtwDvAngVwMcBfBqgK05KPIqiZig4DVttzquiKVlDhBFtxhGNwkYLnk%2F%2FYYgsHYLrIbjdRWp3sa2GsP5HuK0CTgRwGUFPFMglQe4IckqQK4I8I8h7xYHQruKK20I7z6KzXTnb1WJkss4ePTBZRyZkLz0lz02LC57Z%2FAXb8qRUj%2BNaO2zRVqtVYbwiZC1mjDfCWpO32u0mhVMFlDsH6gIM1IRcePM1pGpCnvryJzB6BKePwFUA6i%2BA5qNmJQTdGtVaIQbJvQ51LrPexVr1y%2F2dAYQpkGaLyHaCPX1KXpgdsXrjD0h%2BfOljdnny552%2FwW2B1Bb4RD0g6Ohbo2smJ%2FvXTO7It5tpprpqQKcHvp7RTC589Z7cyY0V66tueOctPhWm8O770mUbNBEq6Tjy9YoSQto1Y7kkP6y7G5Jd9W5rxdvEpxtX315b76ZWOqdMMgZVE0IeHoOrCXn6u4PZ233xsxzKjmF9ga4%2FJmcDZY7A0124dJ7fmQVYPfewNEDui5GtsPlHrQi0nHPKCrj%2FcDbHe%2B4WOvYl0Owmkm6Bni3Q0wWoHsL5hVGW2uNLv1VnA6aDEdM22Gfa6i%2BelOvUSakaiiaTsWwyWavXYskFq9dZyGPOqqLV4sjchLe%2F%2F%2FkfAAAA%2F%2F8BAAD%2F%2F1yTblOGBAAA
173.233.137.60200 OK 7 B URL HTTP/1.1 disreputablegenuinelyhonorary.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9rwkoulK6UajMwoWimbw3v8cuqjFGgmlTWqXu9P56k2vuvPu49915k1kFi9LliP%2FAy5mkoVqkgivBIpNClYjQcZWF%2BQ9ciNCVC5lpcPTbfOe8cxbnne9%2BvudPSQhPT1Yvm4HSmi7Xy2HplQ%2Bj6GJpQyW%2BX%2Bq3Gh81ahdLtvdGu1EOXy29K%2Fm2Wa6EURhGYVRaU1bGpr88FaHSu%2B2o3A7LtUo5qtfQt%2F%2FnzgdwNIDonZLnocRk8UFwHoqPkXTvrUq3nZn09Xe6XtPMWPTE4QfJdmLyBN05jG2AODk8c8O4R2v3YZKDWVyY3r9GpiYkeHgfLDk8CwnW25%2FlZBoyARPPIu%2BNIfUYio7BzU0o8YgAXODKJpLu7SvG5nTniUqn6oQsPv4LKp%2BQxd%2FPI%2Bl%2Bs6JVv3TdaJ8pkzj04wKqP4bqjJH6I2SDc1D5EXj2KZT4lSw%2F3kDS3d902kCJk5eb7bBZ4fX6Ulxv8qUajatLtNqmSyGv1iPRjurVWjgrSKkxVDyGlkNQtwDvAngVwMcBfBqgK05KPIqiZig4DVttzquiKVlDhBFtxhGNwkYLnk%2F%2FYYgsHYLrIbjdRWp3sa2GsP5HuK0CTgRwGUFPFMglQe4IckqQK4I8I8h7xYHQruKK20I7z6KzXTnb1WJkss4ePTBZRyZkLz0lz02LC57Z%2FAXb8qRUj%2BNaO2zRVqtVYbwiZC1mjDfCWpO32u0mhVMFlDsH6gIM1IRcePM1pGpCnvryJzB6BKePwFUA6i%2BA5qNmJQTdGtVaIQbJvQ51LrPexVr1y%2F2dAYQpkGaLyHaCPX1KXpgdsXrjD0h%2BfOljdnny552%2FwW2B1Bb4RD0g6Ohbo2smJ%2FvXTO7It5tpprpqQKcHvp7RTC589Z7cyY0V66tueOctPhWm8O770mUbNBEq6Tjy9YoSQto1Y7kkP6y7G5Jd9W5rxdvEpxtX315b76ZWOqdMMgZVE0IeHoOrCXn6u4PZ233xsxzKjmF9ga4%2FJmcDZY7A0124dJ7fmQVYPfewNEDui5GtsPlHrQi0nHPKCrj%2FcDbHe%2B4WOvYl0Owmkm6Bni3Q0wWoHsL5hVGW2uNLv1VnA6aDEdM22Gfa6i%2BelOvUSakaiiaTsWwyWavXYskFq9dZyGPOqqLV4sjchLe%2F%2F%2FkfAAAA%2F%2F8BAAD%2F%2F1yTblOGBAAA
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9rwkoulK6UajMwoWimbw3v8cuqjFGgmlTWqXu9P56k2vuvPu49915k1kFi9LliP%2FAy5mkoVqkgivBIpNClYjQcZWF%2BQ9ciNCVC5lpcPTbfOe8cxbnne9%2BvudPSQhPT1Yvm4HSmi7Xy2HplQ%2Bj6GJpQyW%2BX%2Bq3Gh81ahdLtvdGu1EOXy29K%2Fm2Wa6EURhGYVRaU1bGpr88FaHSu%2B2o3A7LtUo5qtfQt%2F%2FnzgdwNIDonZLnocRk8UFwHoqPkXTvrUq3nZn09Xe6XtPMWPTE4QfJdmLyBN05jG2AODk8c8O4R2v3YZKDWVyY3r9GpiYkeHgfLDk8CwnW25%2FlZBoyARPPIu%2BNIfUYio7BzU0o8YgAXODKJpLu7SvG5nTniUqn6oQsPv4LKp%2BQxd%2FPI%2Bl%2Bs6JVv3TdaJ8pkzj04wKqP4bqjJH6I2SDc1D5EXj2KZT4lSw%2F3kDS3d902kCJk5eb7bBZ4fX6Ulxv8qUajatLtNqmSyGv1iPRjurVWjgrSKkxVDyGlkNQtwDvAngVwMcBfBqgK05KPIqiZig4DVttzquiKVlDhBFtxhGNwkYLnk%2F%2FYYgsHYLrIbjdRWp3sa2GsP5HuK0CTgRwGUFPFMglQe4IckqQK4I8I8h7xYHQruKK20I7z6KzXTnb1WJkss4ePTBZRyZkLz0lz02LC57Z%2FAXb8qRUj%2BNaO2zRVqtVYbwiZC1mjDfCWpO32u0mhVMFlDsH6gIM1IRcePM1pGpCnvryJzB6BKePwFUA6i%2BA5qNmJQTdGtVaIQbJvQ51LrPexVr1y%2F2dAYQpkGaLyHaCPX1KXpgdsXrjD0h%2BfOljdnny552%2FwW2B1Bb4RD0g6Ohbo2smJ%2FvXTO7It5tpprpqQKcHvp7RTC589Z7cyY0V66tueOctPhWm8O770mUbNBEq6Tjy9YoSQto1Y7kkP6y7G5Jd9W5rxdvEpxtX315b76ZWOqdMMgZVE0IeHoOrCXn6u4PZ233xsxzKjmF9ga4%2FJmcDZY7A0124dJ7fmQVYPfewNEDui5GtsPlHrQi0nHPKCrj%2FcDbHe%2B4WOvYl0Owmkm6Bni3Q0wWoHsL5hVGW2uNLv1VnA6aDEdM22Gfa6i%2BelOvUSakaiiaTsWwyWavXYskFq9dZyGPOqqLV4sjchLe%2F%2F%2FkfAAAA%2F%2F8BAAD%2F%2F1yTblOGBAAA HTTP/1.1
Host: disreputablegenuinelyhonorary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Cookie: u_pl=17453004; uid_id2=79072c55-f57c-4af3-a39a-0c351d915340:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5ff4908a8882bc2de4fbbc6047c8997a=[3364845]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 16:22:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c7c3ab70327bfa3cc38f93d334bca1cb
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/fonts/SFUIText-Regular.woff
172.64.201.2 200 OK 73 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/fonts/SFUIText-Regular.woff
IP 172.64.201.2:0
File type Web Open Font Format, TrueType, length 72696, version 11.0\012- data
Hash 53d97caea7ef8a12beab745fcc5744e1
b8c70e4f67957e4f2cb809a58d84c773a3bde6d0
542772868e28df6d786b6f00f9dec929cba214d928cb013b32588485b46f8715
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/fonts/SFUIText-Regular.woff HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gasstrusflix.xyz
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:35 GMT
content-type: application/font-woff
content-length: 72696
last-modified: Thu, 10 Feb 2022 09:30:59 GMT
etag: "6204db53-11bf8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSoFs3QmVXB%2B9qEI5MI2bBd1AUQDZ60j%2Bq5Z8%2FQxKC9X0FQ%2FTjT36Usce2yS8OgTGo7c%2BFQ8ASdVX86WffrW7%2FJhrqnqo8m6g9hcWUS9%2B95IpxAX1Ar3sftJqgQ4ujRVDTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ec713fc33e63c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 66845
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.232 200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.232:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 24251ff3ca5ca50817c91db7ee16de10
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 02 Oct 2022 16:22:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGV%2BvdKPXycsqFIv3PjK%2FgZjElwx7WLgcsGrCgzp3WTQExW8uMOR3GczcBuSOlUFo1Uhwpmek7smxYdCf21%2Fo1qnnz7LEcLeysHlIGEpubGAkNwcE5TSvbAYqPsJ78Tj7NJ2SUg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ec7040c38775b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
daytr.us/d/45eb
51.81.109.125 301 Moved Permanently 0 B IP 51.81.109.125:0
GET /d/45eb HTTP/1.1
Host: daytr.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 02 Oct 2022 16:22:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6IlZmdmhOUmlQbG4wSTlZUlRNYlI1Ync9PSIsInZhbHVlIjoiU3I1Z05FYThNZUJvaUtIR0lsTThVMEU2cXdmUWZNZ3FxakFkaEhudTVyWHAxTUU2cStmVjVYam1lbStVMVpZQyIsIm1hYyI6ImQ0ZWY1ZGVjOGU1NTQ5YTZlZmZhODQ5ZWVjNDgyOWZmZjRiMjVjMjYwNzM2OGE1ZjM2MmZhZTBmMGVlN2QwYzUifQ%3D%3D; expires=Sun, 02-Oct-2022 18:22:30 GMT; Max-Age=7200; path=/
short_url_session=wlJWZZIBIcmsWjgWDn4IlaO1HaDioGoZB8feRQQ0; expires=Sun, 02-Oct-2022 18:22:30 GMT; Max-Age=7200; path=/; httponly
location: https://gasstrusflix.xyz/tv/127629/rupaya-500.html
x-powered-by: PHP/7.2.34, PleskLin
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
104.18.11.207 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 10169350
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 753ec6feed97b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
104.18.11.207 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
IP 104.18.11.207:0
GET /bootstrap/3.3.5/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 718, 718
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:48:47
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 39b7a4107ac99785daf3883d73227d5f
cdn-cache: HIT
cf-cache-status: HIT
age: 12838071
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 753ec6fefdafb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/close.svg
172.64.201.2 200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/close.svg
IP 172.64.201.2:0
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:34 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Feb 2022 09:30:59 GMT
etag: W/"6204db53-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5206696
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbtCH2FoOs%2FLeofm9Pm3Hh588E3ozhsOjqVZSDL873C%2FibF4ZYVBKpEsJfKuRep3cQY4ppXPA%2FkaQ243m0n%2BH4pgrrZlKpu%2Fevs3JYG2Gk7avyLjBMkAgzLrUI94%2BS2QzvE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ec7116946e63c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
104.18.11.207 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
IP 104.18.11.207:0
GET /bootstrap/3.3.5/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5d5357cb3704e1f43a1f5bfed2aebf42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 02/24/2022 14:58:46
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: fbe7e6fea753e22c4e1fd8ba1cf2b066
cdn-cache: HIT
cf-cache-status: HIT
age: 10177137
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 753ec6ff1dd8b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.234.254 200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.234.254:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gasstrusflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:22:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: b27029555f74279afa077a62cfa0018c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 02 Oct 2022 16:22:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAKrATId%2FCCwteocujKKRif3zMYXHc9I3jXPYvfwaHJ40H8teFV%2BxmN5M4Z5ZkEDXlLZC1zP45xibsygyYjXhekEgsAA6L5sBx9iMte552Ftv7nf5p6Du8lE28XG7EqyA2tSL%2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ec7050f4d88a1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2