firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 01:15:16 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5ZsNJgtmWKCTK696EWLCXsu4oRDMCwUvnXDcq6U7y7-Dl7FJWXah9g==
Age: 3030
flixhq.net/
301 Moved Permanently 166 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET / HTTP/1.1
Host: flixhq.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 02:05:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://flixhq.ru/
X-Frame-Options: SAMEORIGIN
X-Dynamic-Cache: EXPIRED
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pojrzBYeRFogRtOhStNmAYXXykhZzdlueap1Nrqk7D0dKeRj2MpNkp11Sj2K9eylHFK49KHl%2FTZrLIx8Is9nOaclFzVpWFhuxlDw66le%2BJNGfut3dpbMieWAppxs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75086fbcefb1b51e-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15502
Expires: Mon, 26 Sep 2022 06:24:08 GMT
Date: Mon, 26 Sep 2022 02:05:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bLPc1_on40SgryEwNW5tpI0nFQFxLqAilvfa2RSXuY71saDJV09J8Q==
age: 77432
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 02:05:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
flixhq.ru/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: flixhq.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 02:05:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://flixhq.ru/
X-Frame-Options: SAMEORIGIN
X-Dynamic-Cache: EXPIRED
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JlrAWhGn9hxNrgCKp4Or9sOwoNz9QGdjYc0BZ6qpy3RIjiDXapw5L5OVSQePzOxdKvYOut8DWdxlSTiegnvrAJ01G5fUnC9snRP743ah96enE%2Fo3IJqfSvO7IQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75086fbe7e92b515-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 6ddfc325f80bc2a3df4c5d6eac4328ff
c6b3c5e50594266a172322cf14edf1f7bc81bc78
b878df3825f80c6e7138d93d1e5e6674a3fa99d85801a143e64881feb45f21fc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B878DF3825F80C6E7138D93D1E5E6674A3FA99D85801A143E64881FEB45F21FC"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=876
Expires: Mon, 26 Sep 2022 02:20:22 GMT
Date: Mon, 26 Sep 2022 02:05:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 02:04:17 GMT
Expires: Mon, 26 Sep 2022 02:22:10 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VZ8iDolhl0WUuuCmoey1QN-ZlujvlA4WhVA2VK2bV1fttimaVtHhLA==
Age: 90
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 6ddfc325f80bc2a3df4c5d6eac4328ff
c6b3c5e50594266a172322cf14edf1f7bc81bc78
b878df3825f80c6e7138d93d1e5e6674a3fa99d85801a143e64881feb45f21fc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B878DF3825F80C6E7138D93D1E5E6674A3FA99D85801A143E64881FEB45F21FC"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=875
Expires: Mon, 26 Sep 2022 02:20:22 GMT
Date: Mon, 26 Sep 2022 02:05:47 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/css/all.min.css
200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/css/all.min.css
IP
File type ASCII text, with very long lines (58749)
Hash 4a2beef828026de10ee4974679198e36
2f4cfc1a33538d944b61c5828bc09c567a5c2cf3
3d943651835bb396141bcfa98dcdf4f7fea86836b28f605889e57b165dbc477d
GET /ajax/libs/font-awesome/5.13.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:47 GMT
content-type: text/css; charset=utf-8
content-length: 10392
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eebda3d-e637"
last-modified: Thu, 18 Jun 2020 21:18:53 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1502052
expires: Sat, 16 Sep 2023 02:05:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2pbF43zFsU7%2BDx4BTInlY2NPb0OrP%2BxNh25gi1NKQ%2B7sa0khOs0Y863mNeVB2rNpNU7Ru3I9N5xc1cbWYi7oNkOIaKx%2F68u%2B6D8yQhyBF2wYtlNIPGwCuZ%2BzUiSTHBk6jn0sQSL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75086fc27c1f0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
File type ASCII text, with very long lines (32077)
Hash 5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 270349
expires: Sat, 16 Sep 2023 02:05:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCbQ7uCIeYyyfg1IvveQtI2GRiORRllSfiP%2Fwg8l9ISxN%2FnKeHvg5IlxahuCd5xO9MmXRRp3%2FxnAZot7otq5PDn0F9eltR1BysPbzIoAZpmYqqgajguZXhJ9MVEPXsO7E4YR0jA2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75086fc27c240b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.min.js
200 OK 13 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (59893)
Hash 4fab1eec96fa73ae05128112e3ef4cb6
3d774010eabc43e0fbc017e334d600932fbf0533
77484c7905037ef72fbe72f5c659f09a94928daf091971a646e45de3aacc45a3
GET /ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 13080
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ebae359-eb0e"
last-modified: Tue, 12 May 2020 17:56:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7201549
expires: Sat, 16 Sep 2023 02:05:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMiZv0ePiRS18%2BlEgjueRBRUdWGeJhjMPpGDevhtHNcuiUGYGUeONsl4%2BCoK%2FPzfoVpkjNkHkX5jFtkVNQoAym8YaD0Xlp%2FhuHFzL%2F9mQdzE1LfD6jVxSirNLhxapHGVWoq88p%2FK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75086fc27c250b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
IP
File type ASCII text, with very long lines (20164)
Hash ae393ccddfcfe335c9b29ee90aaf72cb
6a42536ed79b4ea9e3a71c69db3b5f7205dc7e81
75cbee82410be7ca2b5b5406219b0575725c415510df701ddf1e9e7fdec22aa8
GET /ajax/libs/popper.js/1.14.3/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 6451
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4f71"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7013686
expires: Sat, 16 Sep 2023 02:05:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxFd3epj1LMRmKjgC65eBQUxebktqnBfziNQUTV0sJGRui2nn9ljKZE72H%2Btr7EBZ6SIJWZ14au%2Flc0BBhr7XQypOvl0TUTIjiaEk7r1UJ1Iz%2BnvngF%2BeZqz5HYHzhZb87kyW0ne"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75086fc28c270b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 02:05:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash f4c17752f49a1e0686017bf6dba9844f
20a79a9777ec980fc53e3ca639712dc3ab8b3365
6bc9e749f193e904c09d510373bbd17b84af84a8e9ec1a480382e120db375198
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6BC9E749F193E904C09D510373BBD17B84AF84A8E9EC1A480382E120DB375198"
Last-Modified: Sun, 25 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16236
Expires: Mon, 26 Sep 2022 06:36:23 GMT
Date: Mon, 26 Sep 2022 02:05:47 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash f4c17752f49a1e0686017bf6dba9844f
20a79a9777ec980fc53e3ca639712dc3ab8b3365
6bc9e749f193e904c09d510373bbd17b84af84a8e9ec1a480382e120db375198
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6BC9E749F193E904C09D510373BBD17B84AF84A8E9EC1A480382E120DB375198"
Last-Modified: Sun, 25 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16236
Expires: Mon, 26 Sep 2022 06:36:23 GMT
Date: Mon, 26 Sep 2022 02:05:47 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1553
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 02:05:47 GMT
Last-Modified: Mon, 26 Sep 2022 01:39:54 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
s1.bunnycdn.ru/assets/template_3/style_4/images/logo.png
200 OK 2.3 kB URL HTTP/2 s1.bunnycdn.ru/assets/template_3/style_4/images/logo.png
IP
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 9696491193d9a4b5287eb9c479e9fbbe
2eee1990d3a68ccc555380c141bdc8b9a0e5e359
96c937d6dfd04b687a0076292203b7366091021459c815bfd9c21e93757835d8
GET /assets/template_3/style_4/images/logo.png HTTP/1.1
Host: s1.bunnycdn.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:47 GMT
content-type: image/png
content-length: 2289
last-modified: Thu, 09 Dec 2021 17:26:05 GMT
etag: "61b23c2d-8f1"
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
cf-cache-status: HIT
age: 323857
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIfzoMyixBzNnhpEzHKtTOxVw6TtjUHXPjfbkuEcjl0PWUnuYYCU%2FjULZSyhQmdAiB1FdWkRz8rmcmuS1eLE9FSm5RPI7cFQSQ2I1vPY%2Fd25oKD8Jyd6uTj%2FI4BDkoR3dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75086fc2ddc99966-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 02:05:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash f4c17752f49a1e0686017bf6dba9844f
20a79a9777ec980fc53e3ca639712dc3ab8b3365
6bc9e749f193e904c09d510373bbd17b84af84a8e9ec1a480382e120db375198
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6BC9E749F193E904C09D510373BBD17B84AF84A8E9EC1A480382E120DB375198"
Last-Modified: Sun, 25 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16236
Expires: Mon, 26 Sep 2022 06:36:23 GMT
Date: Mon, 26 Sep 2022 02:05:47 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 02:05:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flixhq.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 18:14:12 GMT
expires: Mon, 25 Sep 2023 18:14:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 28295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 02:05:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flixhq.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 369099
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flixhq.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 369099
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 02:05:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: t3g3axhYJSsO9vnsxhoAbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ihiPtItxP5KDmiIi8TrW5ag1j6A=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dcffabf7d5f024e6573d88f3344be5c7
d25c345072321a217e58605afed03e6723fd6c2b
a89c8b6c0c59810ac4ded481c0036bda8e9caa923eb1a73ac4f30e31a4668428
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A89C8B6C0C59810AC4DED481C0036BDA8E9CAA923EB1A73AC4F30E31A4668428"
Last-Modified: Sat, 24 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4924
Expires: Mon, 26 Sep 2022 03:27:51 GMT
Date: Mon, 26 Sep 2022 02:05:47 GMT
Connection: keep-alive
likedstring.com/03/0d/83/030d836cb85beabcb76604b2c28b89c4.js
200 OK 20 kB URL HTTP/1.1 likedstring.com/03/0d/83/030d836cb85beabcb76604b2c28b89c4.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59881)
Hash 7caac122270aaa527841d97e830c253c
3cc66d39cdbad19a1638685e93aeee999633c61a
68f33b1138ff61b1e4d1ed5973ce3b0385a5c626dc46d04cea4cccc0709500a3
GET /03/0d/83/030d836cb85beabcb76604b2c28b89c4.js HTTP/1.1
Host: likedstring.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 02:05:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_hd-28118_1=1; expires=Tue, 04 Oct 2022 02:05:47 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 96f693a73a6eb359029c11d0b9a2d0e6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 13e24f9bf04d6d50a8c2ac7d0e45be55
3ca87e41be3d7f907715ca6f7f8d43cd007bb481
711e7a95012b4c71d8500e0f51be4a3332495c7d29438a813d7cfc30269dc2c1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "711E7A95012B4C71D8500E0F51BE4A3332495C7D29438A813D7CFC30269DC2C1"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5063
Expires: Mon, 26 Sep 2022 03:30:11 GMT
Date: Mon, 26 Sep 2022 02:05:48 GMT
Connection: keep-alive
likedstring.com/52/37/ba/5237baae7578dfd1e5603cc55f8d0086.js
200 OK 13 kB URL HTTP/1.1 likedstring.com/52/37/ba/5237baae7578dfd1e5603cc55f8d0086.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37154), with no line terminators
Hash 1a49910ad30b57ff7935d6412828eaf7
9c44aa3142276c0557dbf7500b03d3f4c0d8e4be
9667180f0753c2ba68b2d95ad9292ae24cb94719e2ce94259f06c65d12fa4d2f
GET /52/37/ba/5237baae7578dfd1e5603cc55f8d0086.js HTTP/1.1
Host: likedstring.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 02:05:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 54b0037236bac8a174a0a694925f4bc6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 287d2412da1baf3c6215a6fcd00c7093
11d609821fa875407c9a943ff30875aa44459adb
accdc26685c3a61244f0fdc3b054c1cf26093c167e7a2e633f35f258dd7a2e45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 02:05:48 GMT
Last-Modified: Mon, 26 Sep 2022 01:08:26 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JSaA5ygr21Qnm6MLfUlnlt2PQvMW5IXESo3Z_ZjlwbL64g3aXtm_eQ==
Age: 3443
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 8b614dee9d55f7d33411a25be83f00b2
4987caddd4f28ddf9bcc8fa7976944cfff578ff4
384ed6a5ccca937584a8493f452dbf1b345e0515c79b332b5760c32540a6e3ad
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flixhq.ru
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:48 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://flixhq.ru
access-control-allow-credentials: true
set-cookie: uid_id2=8c594bf5-f81e-4edf-a694-cff5db5f33d1:3:1; expires=Thu, 23 Sep 2032 02:05:48 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
s1.bunnycdn.ru/assets/template_3/min/all.js?6316f686
200 OK 82 kB URL HTTP/2 s1.bunnycdn.ru/assets/template_3/min/all.js?6316f686
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8f3a182b4933db03e11f3c5f1a0ec575
bd5a36f0df54ba567ae616469e5a5de1dbe407c4
25a42d1c20d5422619377ec9215c7ad8e533e9e6fe2f811713ea85e82c44f22d
GET /assets/template_3/min/all.js?6316f686 HTTP/1.1
Host: s1.bunnycdn.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:47 GMT
content-type: application/javascript
last-modified: Tue, 06 Sep 2022 07:31:29 GMT
vary: Accept-Encoding
etag: W/"6316f751-2e1d3"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1708443
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20QxJrz%2Ft%2BrJhxs7AtE%2BcFTW45GosVksknFX0bLAD7PV%2BJ2j%2F48ve7mb%2BHuReSO3h%2BxlyPs%2FvFL2wxs88njTYJYQqvwRwk3ov0NJPsDy5s7i56gqoT99QdII%2B2TUP4N3Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75086fc2ddcb9966-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash deffda2fbf60714b76c498b7f739006a
b5843b4a0150cf071c318d773993c3007b952e7c
d61bcea184a125d4cd76651f9e4d5bfa60b4a81662f06fd51740f7161159fcbc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 02:05:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 05:29:12 GMT
Expires: Sat, 01 Oct 2022 05:29:11 GMT
Etag: "b5843b4a0150cf071c318d773993c3007b952e7c"
Cache-Control: max-age=443602,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75086fc92b69b50b-OSL
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 1db5c7f2c85de8127872d38a5b05c345
9bbbb27fa6722d4eee575c393450e145104dcc50
dff615546146684226d84ecd94e33be71020258329bd35891db1dacb467654d3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flixhq.ru
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:48 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://flixhq.ru
access-control-allow-credentials: true
set-cookie: uid_id2=8ce00db9-352a-4a8e-939d-bbfe9108abfa:3:1; expires=Thu, 23 Sep 2032 02:05:48 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 13e24f9bf04d6d50a8c2ac7d0e45be55
3ca87e41be3d7f907715ca6f7f8d43cd007bb481
711e7a95012b4c71d8500e0f51be4a3332495c7d29438a813d7cfc30269dc2c1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "711E7A95012B4C71D8500E0F51BE4A3332495C7D29438A813D7CFC30269DC2C1"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5063
Expires: Mon, 26 Sep 2022 03:30:11 GMT
Date: Mon, 26 Sep 2022 02:05:48 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash d4b6754623c703f8f659ab34993db691
afe4c2d19ed5b935cee021d22ffcc087cb28bc5a
ab870c0885ad500c1311869458cff15e32783b8f83d0e441fea398ae60431cae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4907
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 02:05:48 GMT
Last-Modified: Mon, 26 Sep 2022 00:44:01 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 324df1bc1a8a5837eba73bff592d5d54
dccd88d9feecca3049501c23beccaa07f6df1fd4
dac1a05778ba4bdf08a738ca20d00ae04c7d867724b6272210704fd018d2633b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAC1A05778BA4BDF08A738CA20D00AE04C7D867724B6272210704FD018D2633B"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2297
Expires: Mon, 26 Sep 2022 02:44:05 GMT
Date: Mon, 26 Sep 2022 02:05:48 GMT
Connection: keep-alive
s7.addthis.com/js/300/addthis_widget.js
200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP
File type ASCII text, with very long lines (54602)
Size 116 kB (116421 bytes)
Hash 50b2be22436f28eeb626c063bd506eba
d4dafc6f2a3d10ac086ea07d19519df93fba8a8a
ddd6e4f7cbc0726429726c7a908ed33c3f94bb0cff47f87d3dcf71e37ea7ad4b
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116421
date: Mon, 26 Sep 2022 02:05:48 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
plainmarshyaltered.com/pixel/purst?dl=0&th=0&sc=0&rs=1703&rd=1703&fd=885&bv=22.9.v.2&tmpl=70
200 OK 0 B URL HTTP/1.1 plainmarshyaltered.com/pixel/purst?dl=0&th=0&sc=0&rs=1703&rd=1703&fd=885&bv=22.9.v.2&tmpl=70
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1703&rd=1703&fd=885&bv=22.9.v.2&tmpl=70 HTTP/1.1
Host: plainmarshyaltered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 02:05:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18735
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 02:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18735
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 02:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18735
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 02:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18735
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 02:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18735
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 02:05:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce85614e-743a-4f62-8caf-9fdeb86a1c45.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce85614e-743a-4f62-8caf-9fdeb86a1c45.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53e1460eb42e8f71ed179c3be0709333
43c5b52cd3fb56660d826916eaafff0901340787
ec6de3d11b3c8d9743d8a91864a0c04a16259c206d87691591c2aa9b10edcd3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce85614e-743a-4f62-8caf-9fdeb86a1c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4021
x-amzn-requestid: b265dc30-377d-42a7-93ce-9e6932febcbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSJ5FMxoAMF4GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca3f-58fbb5914e5ec38f6260893c;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i-pfWKLyt4Fhf-eCw-3Nu9PkxwaTY3hVyFqPxytgzICxUCd8SY9VLw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:19:29 GMT
age: 13579
etag: "43c5b52cd3fb56660d826916eaafff0901340787"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8703b7f0-bb10-4a43-a50f-a8a5c8857499.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8703b7f0-bb10-4a43-a50f-a8a5c8857499.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38f828e3aa86057cc3b686ca9d4accc5
c529507a70247c7e03c849c3ff45f93eada6f0c4
76016d51352ff6a8372b92206119d88747600874ecee5315573ca4e539e03c6f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8703b7f0-bb10-4a43-a50f-a8a5c8857499.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10045
x-amzn-requestid: a01e6cef-fe8f-498c-aa68-2603a66b1121
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvwHPwoAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-1a4405e54c54eccb4f0846a2;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wSP8BShuQVtS8IAsX0iih-Du6JSFbzSFB3gQZwpugD51A6xWTD3PpA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 15416
etag: "c529507a70247c7e03c849c3ff45f93eada6f0c4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647364db-b398-41d7-8705-de1b74b7b110.jpeg
200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647364db-b398-41d7-8705-de1b74b7b110.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3db75e6241f57400010012f889a43d5
3a71ab6dac65dede3b07a5a5ee926ee964904541
6fff314d72ce18cf560dec61ea1c286b00777d6ec1bd30a31752bcf994c970e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647364db-b398-41d7-8705-de1b74b7b110.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4409
x-amzn-requestid: c03f3f22-9132-455b-adc9-d38565307a9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTEnFySIAMF-5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbb6-62f8e2e817e7ab530a359eaf;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2oPD_pTgMlohgc-D5LUGd8B-_YaDf8bUDlkbGPK4PIg8A5MGYuXWsQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:21:02 GMT
age: 13486
etag: "3a71ab6dac65dede3b07a5a5ee926ee964904541"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yl8BCwdlIePsc4gIX4IYH0L6NHipn_5fBsa9nyYy14w0m49jPUYXBw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:51 GMT
age: 14877
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 16093
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 13508
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 02:05:48 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 623837009ecdcda58779c4cb8c62f182
Strict-Transport-Security: max-age=0; includeSubdomains
z.moatads.com/addthismoatframe568911941483/moatframe.js
200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=56580
date: Mon, 26 Sep 2022 02:05:49 GMT
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 26 Sep 2022 02:05:49 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-5a4bbf5745d3e51e/_ate.track.config_resp
200 OK 810 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-5a4bbf5745d3e51e/_ate.track.config_resp
IP
File type ASCII text, with very long lines (4414), with no line terminators
Hash 90d06f36a306147405d512fb8d82e96c
b28c715163ba9fffebd531d4ccfb94c9d3ce5531
b8ff4bb7750f841827a79bdde60e5b16cdfa7a1c8fe58e3d3460de970a345425
GET /live/boost/ra-5a4bbf5745d3e51e/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 810
etag: -189841643--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=8, s-maxage=86400
date: Mon, 26 Sep 2022 02:05:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 03c66b27e3f1c4fdf25c588d07fe681e
7e0d0a816cd754301778481f9027b535ee675fd8
6ad15be03ec6800f3d92718d5cc52a58ff74da44798924b4223adcb0a20ebbff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AD15BE03EC6800F3D92718D5CC52A58FF74DA44798924B4223ADCB0A20EBBFF"
Last-Modified: Sun, 25 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21043
Expires: Mon, 26 Sep 2022 07:56:32 GMT
Date: Mon, 26 Sep 2022 02:05:49 GMT
Connection: keep-alive
m.addthis.com/live/red_lojson/300lo.json?si=633108fbd2b0252c&bkl=0&bl=1&pdt=818&sid=633108fbd2b0252c&pub=ra-5a4bbf5745d3e51e&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=flixhq.ru&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=watch%20series%20online%20free%2Cwatch%20series%20online%2Cfree%20watch%20series%20online%2Cwatch%20online%20series%2Cfree%20watch%20online%20series&colc=1664157947529&jsl=1&uvs=633108fbd7cf6781000&skipb=1&callback=addthis.cbs.jsonp__7743441412964680
200 OK 88 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=633108fbd2b0252c&bkl=0&bl=1&pdt=818&sid=633108fbd2b0252c&pub=ra-5a4bbf5745d3e51e&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=flixhq.ru&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=watch%20series%20online%20free%2Cwatch%20series%20online%2Cfree%20watch%20series%20online%2Cwatch%20online%20series%2Cfree%20watch%20online%20series&colc=1664157947529&jsl=1&uvs=633108fbd7cf6781000&skipb=1&callback=addthis.cbs.jsonp__7743441412964680
IP
File type ASCII text, with no line terminators
Hash 2e0a9682274bef4d1371c4b4f6e32b48
f4f5877c744b2b1c5ae1ad9e44c17ce6aa4623d0
3b656ee1d7e242a2528b44e0a204c2d8558c56622b34564adf90e729c777a6cd
GET /live/red_lojson/300lo.json?si=633108fbd2b0252c&bkl=0&bl=1&pdt=818&sid=633108fbd2b0252c&pub=ra-5a4bbf5745d3e51e&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=flixhq.ru&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=watch%20series%20online%20free%2Cwatch%20series%20online%2Cfree%20watch%20series%20online%2Cwatch%20online%20series%2Cfree%20watch%20online%20series&colc=1664157947529&jsl=1&uvs=633108fbd7cf6781000&skipb=1&callback=addthis.cbs.jsonp__7743441412964680 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 88
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Mon, 26 Sep 2022 02:05:49 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 968198a1616f58bae179ece51ddee081
255d4fd03085e47ca29f32aa918ecb9e2c6d0f31
5cceecab1e6a45fc389eb9f39fd24a346e8b7dae16d37c2bc9ffe6bd52a46c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CCEECAB1E6A45FC389EB9F39FD24A346E8B7DAE16D37C2BC9FFE6BD52A46C02"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6799
Expires: Mon, 26 Sep 2022 03:59:08 GMT
Date: Mon, 26 Sep 2022 02:05:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 968198a1616f58bae179ece51ddee081
255d4fd03085e47ca29f32aa918ecb9e2c6d0f31
5cceecab1e6a45fc389eb9f39fd24a346e8b7dae16d37c2bc9ffe6bd52a46c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CCEECAB1E6A45FC389EB9F39FD24A346E8B7DAE16D37C2BC9FFE6BD52A46C02"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6799
Expires: Mon, 26 Sep 2022 03:59:08 GMT
Date: Mon, 26 Sep 2022 02:05:49 GMT
Connection: keep-alive
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Mon, 26 Sep 2022 02:05:49 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=a156bb69b759&c=s&x=https%3A%2F%2Fflixhq.ru%2F&v=29&r=703
200 OK 3.4 kB URL HTTP/2 whos.amung.us/pingjs/?k=a156bb69b759&c=s&x=https%3A%2F%2Fflixhq.ru%2F&v=29&r=703
IP
Hash 4a969058fa8cb5f273b086dffe748507
3b5940e783c717716c93eebee85e13650e326ddd
078314a802f6ef58f8c19a0c91f21c344dc76eba01bcba3471f672a9ae0b1b0e
GET /pingjs/?k=a156bb69b759&c=s&x=https%3A%2F%2Fflixhq.ru%2F&v=29&r=703 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flixhq.ru
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:48 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75086fc97fe20d4e-ARN
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash d6901262bc1a9e9a70324a3aa32e5c6f
57774ebdd2cbeaa01b7c1694eecc79480799d7f3
a2241df56c24736a566e75a08c8d1213682809229ea3230316aab054428aedb0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1559
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 02:05:49 GMT
Last-Modified: Mon, 26 Sep 2022 01:39:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
unseenreport.com/pxf.gif?uuid=8ce00db9-352a-4a8e-939d-bbfe9108abfa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=030d836cb85beabcb76604b2c28b89c4&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=8ce00db9-352a-4a8e-939d-bbfe9108abfa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=030d836cb85beabcb76604b2c28b89c4&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=8ce00db9-352a-4a8e-939d-bbfe9108abfa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=030d836cb85beabcb76604b2c28b89c4&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 26 Sep 2022 02:05:49 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 142b13c731eba030e7d18a559e4e2b08
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=8ce00db9-352a-4a8e-939d-bbfe9108abfa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=5237baae7578dfd1e5603cc55f8d0086&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=8ce00db9-352a-4a8e-939d-bbfe9108abfa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=5237baae7578dfd1e5603cc55f8d0086&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=8ce00db9-352a-4a8e-939d-bbfe9108abfa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=5237baae7578dfd1e5603cc55f8d0086&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 26 Sep 2022 02:05:49 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b9dba22890cd0f2f33ca5afaf0c9378d
Strict-Transport-Security: max-age=0; includeSubdomains
interesteddeterminedeurope.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSX2scVRy90wQp%2BKT0RUXZBx8UzGZm%2F8zuWrBYa6SYNqVVFBT0%2FpvNNXfnjvfO3dnkKViQPun6DSZnk4ZoEf0AFtkU%2BhAQuj4taL6DCH1SkN0GV38vv3PmnIcz53e%2F3POnJISn0yvXzI7Smq42q2HllQ%2Bj6GJlXaV%2BUBm040%2FixsWK7b%2Feiavhq5V3JN8yq7UwCsMojCprysrEDFZnIlR2rxNVO2G1UatGzQYG9v%2Fc%2BQCOBhD9U%2FIslJgsPwguQPEx0t4PV6Tbyk322ts9r2luLPri8P10KzVFit4CJjZAkh6euWHco7X7MOnBPC5M%2F18jUxMSPLwPlh6ehQTr789zMg2ZgomnUfTHkHoMRcfg5jaUeEQALnB9A2nv7nVjC7r9RKUzdUKWH%2F8JVUzI8u8XkPa%2Bv6zVoHLLaJ8rkzoMkhJqMIbqjpH5Y%2BQ756CKY%2FD8CyjxC1l9vI60t7%2FhtIES05fbXIahYJ2VerNGVxq0LVc69Y5YYSyRnShsU5bQeUFKjaGSMbQcgroleBfAqwA%2BCeCzAD0xrfAoilqh4DRsdzivi5ZksQgj2koiGoVxG57P%2FmGIPBuC6yG43UVmd7GlhrD%2BZ7jNEk4EcDlBX5QoJEHhCApKUCiCIico%2BuWB0K7myrtCO8%2Bis1072%2FVyZPLuHj0weVemZC87Jc%2FMiguWPp5iS04rzVq9xSiVrWarLRIRyWYc1jlvNpO2CMN2DKdKKHcO1AXYURPywhtfI1MT8tRXAowew%2BljcBWA%2BhdBi1GrFoJujhrtEDvpUaLVYPPzqvUQpkSWLyPfDvb0KXlufr36xd8g%2BcmlT9m1yR9Hf4HbEpkt8Zl6QNDVd0Y3TUH2b5rCkR83slz11A6dXfZWTnO59O27crswVly94oZHb%2FKZMIP33pMuX6epUGnXke8uKyGkXTOWS%2FLTVfeBZDe827zsbeqz9RtvrV3tZVY6p0w6BlUTQh6egKsJOS%2BK%2BaN93n0EZcewvkTPn5CzgTLH4NkuXLbI78wSrF54WBag8OXI1tjio1YEWi44ZSXcfzhb4D13B137Emh%2BG2mvRN%2BW6OsSVA%2Fh%2FNIoz%2BzJpV%2Fr8wHTwYhpG%2BwzbfU3T8p1alpp1eshjTvNqNWissUatXYSR4LSWiOuxTGtI3cTHp3%2F%2Bx8AAAD%2F%2FwEAAP%2F%2FLcnk438EAAA%3D
200 OK 7 B URL HTTP/1.1 interesteddeterminedeurope.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSX2scVRy90wQp%2BKT0RUXZBx8UzGZm%2F8zuWrBYa6SYNqVVFBT0%2FpvNNXfnjvfO3dnkKViQPun6DSZnk4ZoEf0AFtkU%2BhAQuj4taL6DCH1SkN0GV38vv3PmnIcz53e%2F3POnJISn0yvXzI7Smq42q2HllQ%2Bj6GJlXaV%2BUBm040%2FixsWK7b%2Feiavhq5V3JN8yq7UwCsMojCprysrEDFZnIlR2rxNVO2G1UatGzQYG9v%2Fc%2BQCOBhD9U%2FIslJgsPwguQPEx0t4PV6Tbyk322ts9r2luLPri8P10KzVFit4CJjZAkh6euWHco7X7MOnBPC5M%2F18jUxMSPLwPlh6ehQTr789zMg2ZgomnUfTHkHoMRcfg5jaUeEQALnB9A2nv7nVjC7r9RKUzdUKWH%2F8JVUzI8u8XkPa%2Bv6zVoHLLaJ8rkzoMkhJqMIbqjpH5Y%2BQ756CKY%2FD8CyjxC1l9vI60t7%2FhtIES05fbXIahYJ2VerNGVxq0LVc69Y5YYSyRnShsU5bQeUFKjaGSMbQcgroleBfAqwA%2BCeCzAD0xrfAoilqh4DRsdzivi5ZksQgj2koiGoVxG57P%2FmGIPBuC6yG43UVmd7GlhrD%2BZ7jNEk4EcDlBX5QoJEHhCApKUCiCIico%2BuWB0K7myrtCO8%2Bis1072%2FVyZPLuHj0weVemZC87Jc%2FMiguWPp5iS04rzVq9xSiVrWarLRIRyWYc1jlvNpO2CMN2DKdKKHcO1AXYURPywhtfI1MT8tRXAowew%2BljcBWA%2BhdBi1GrFoJujhrtEDvpUaLVYPPzqvUQpkSWLyPfDvb0KXlufr36xd8g%2BcmlT9m1yR9Hf4HbEpkt8Zl6QNDVd0Y3TUH2b5rCkR83slz11A6dXfZWTnO59O27crswVly94oZHb%2FKZMIP33pMuX6epUGnXke8uKyGkXTOWS%2FLTVfeBZDe827zsbeqz9RtvrV3tZVY6p0w6BlUTQh6egKsJOS%2BK%2BaN93n0EZcewvkTPn5CzgTLH4NkuXLbI78wSrF54WBag8OXI1tjio1YEWi44ZSXcfzhb4D13B137Emh%2BG2mvRN%2BW6OsSVA%2Fh%2FNIoz%2BzJpV%2Fr8wHTwYhpG%2BwzbfU3T8p1alpp1eshjTvNqNWissUatXYSR4LSWiOuxTGtI3cTHp3%2F%2Bx8AAAD%2F%2FwEAAP%2F%2FLcnk438EAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSX2scVRy90wQp%2BKT0RUXZBx8UzGZm%2F8zuWrBYa6SYNqVVFBT0%2FpvNNXfnjvfO3dnkKViQPun6DSZnk4ZoEf0AFtkU%2BhAQuj4taL6DCH1SkN0GV38vv3PmnIcz53e%2F3POnJISn0yvXzI7Smq42q2HllQ%2Bj6GJlXaV%2BUBm040%2FixsWK7b%2Feiavhq5V3JN8yq7UwCsMojCprysrEDFZnIlR2rxNVO2G1UatGzQYG9v%2Fc%2BQCOBhD9U%2FIslJgsPwguQPEx0t4PV6Tbyk322ts9r2luLPri8P10KzVFit4CJjZAkh6euWHco7X7MOnBPC5M%2F18jUxMSPLwPlh6ehQTr789zMg2ZgomnUfTHkHoMRcfg5jaUeEQALnB9A2nv7nVjC7r9RKUzdUKWH%2F8JVUzI8u8XkPa%2Bv6zVoHLLaJ8rkzoMkhJqMIbqjpH5Y%2BQ756CKY%2FD8CyjxC1l9vI60t7%2FhtIES05fbXIahYJ2VerNGVxq0LVc69Y5YYSyRnShsU5bQeUFKjaGSMbQcgroleBfAqwA%2BCeCzAD0xrfAoilqh4DRsdzivi5ZksQgj2koiGoVxG57P%2FmGIPBuC6yG43UVmd7GlhrD%2BZ7jNEk4EcDlBX5QoJEHhCApKUCiCIico%2BuWB0K7myrtCO8%2Bis1072%2FVyZPLuHj0weVemZC87Jc%2FMiguWPp5iS04rzVq9xSiVrWarLRIRyWYc1jlvNpO2CMN2DKdKKHcO1AXYURPywhtfI1MT8tRXAowew%2BljcBWA%2BhdBi1GrFoJujhrtEDvpUaLVYPPzqvUQpkSWLyPfDvb0KXlufr36xd8g%2BcmlT9m1yR9Hf4HbEpkt8Zl6QNDVd0Y3TUH2b5rCkR83slz11A6dXfZWTnO59O27crswVly94oZHb%2FKZMIP33pMuX6epUGnXke8uKyGkXTOWS%2FLTVfeBZDe827zsbeqz9RtvrV3tZVY6p0w6BlUTQh6egKsJOS%2BK%2BaN93n0EZcewvkTPn5CzgTLH4NkuXLbI78wSrF54WBag8OXI1tjio1YEWi44ZSXcfzhb4D13B137Emh%2BG2mvRN%2BW6OsSVA%2Fh%2FNIoz%2BzJpV%2Fr8wHTwYhpG%2BwzbfU3T8p1alpp1eshjTvNqNWissUatXYSR4LSWiOuxTGtI3cTHp3%2F%2Bx8AAAD%2F%2FwEAAP%2F%2FLcnk438EAAA%3D HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Cookie: u_pl=16997593; uid_id2=8ce00db9-352a-4a8e-939d-bbfe9108abfa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5237baae7578dfd1e5603cc55f8d0086=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 02:05:49 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b4c0aece9d92744b895518cec02668a9
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash a0f884d959b986684bb199e29ea6c2af
91d2654bea2dd92ae95b844b32cc345d16c398b7
3d98dc7fc457cb7b3ed70e41609f5f4d5e1c14da530dc876d2a695db704238ed
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D98DC7FC457CB7B3ED70E41609F5F4D5E1C14DA530DC876D2A695DB704238ED"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4868
Expires: Mon, 26 Sep 2022 03:26:57 GMT
Date: Mon, 26 Sep 2022 02:05:49 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash a0f884d959b986684bb199e29ea6c2af
91d2654bea2dd92ae95b844b32cc345d16c398b7
3d98dc7fc457cb7b3ed70e41609f5f4d5e1c14da530dc876d2a695db704238ed
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D98DC7FC457CB7B3ED70E41609F5F4D5E1C14DA530DC876D2A695DB704238ED"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4868
Expires: Mon, 26 Sep 2022 03:26:57 GMT
Date: Mon, 26 Sep 2022 02:05:49 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png
200 OK 2.3 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png
IP
Hash fa258238ec6af43b089ad7c3f26c4bd3
942405359afd05ab9183f5c96cd83cf528c13bf0
89cdb647678d4a3175561ca2bfa2a8cb2b0866545a597093e61b00b6ace190a2
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:49 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4636884
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPEsRYHWD4EqLF%2FZ2%2BoNSfqw%2FGTKtL3Y4iyTNpwURAzxtooUFsH8VVliiJrPWNrwydfa8VRANPAo5nrfPXd4ETDCyYJ77Anvs1idMozR%2BYPe2aTXpZcbgDfQ0hDRQJz40cE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75086fd378416937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png
200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png
IP
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:49 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4636884
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRcONQlmiAZ1EsXnjo3LyNfoRsY0aolscgFD%2FP4H3WC1Nl0GKzxpR4uSDVYpHHjBiCn6Su2XtXuq8NFdrNUpvDX9cTW%2F9YmlsgzTKFiorYVec750Z16P34%2F2Q6QLTSH1rW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75086fd378406937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png
200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png
IP
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:49 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4636884
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaupGsUMeZqYTsW7C45Jk06%2F8HZM0TRiA%2B9mld%2Fq9bsxR4NEfXf%2FzRLHKX20GbHLR9ICXrptrZBhCHGuH5xYpTfAVYNwOqKoRW%2BBpvYBG6wxMGiXrGCP61ROCB5ZUpgHR38%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75086fd378436937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png
200 OK 46 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png
IP
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Hash 0d687af39faa7241d1a584f1c3eec050
ccd68a2138d3da9c44c93a139a72fcd8fd750614
cdd30ab847b158f337faaca366647fa594365de0c63b58c9e8243dec575df329
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:49 GMT
content-type: image/png
content-length: 45627
last-modified: Tue, 01 Feb 2022 11:50:51 GMT
etag: "61f91e9b-b23b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4636884
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmzTiAjhOjkTJf8cLr%2FfcHjxR1K52rWuUNn0si0y5S0NLiwUeC64%2F9IetNGiLVFzo%2FefMfV7O6M7pgGw93FZWbarvynnuZFqyVYfBABkCJ20wFsGqOG1q2M1lfD0exDR1zk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75086fd378466937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Findex.html&l=2186&fd=41
200 OK 0 B URL HTTP/1.1 interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Findex.html&l=2186&fd=41
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Findex.html&l=2186&fd=41 HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Cookie: u_pl=16997593; uid_id2=8ce00db9-352a-4a8e-939d-bbfe9108abfa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5237baae7578dfd1e5603cc55f8d0086=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 02:05:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash a0f884d959b986684bb199e29ea6c2af
91d2654bea2dd92ae95b844b32cc345d16c398b7
3d98dc7fc457cb7b3ed70e41609f5f4d5e1c14da530dc876d2a695db704238ed
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D98DC7FC457CB7B3ED70E41609F5F4D5E1C14DA530DC876D2A695DB704238ED"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Mon, 26 Sep 2022 03:26:57 GMT
Date: Mon, 26 Sep 2022 02:05:50 GMT
Connection: keep-alive
interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fanimate.css&l=79249&fd=129
200 OK 0 B URL HTTP/1.1 interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fanimate.css&l=79249&fd=129
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fanimate.css&l=79249&fd=129 HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Cookie: u_pl=16997593; uid_id2=8ce00db9-352a-4a8e-939d-bbfe9108abfa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5237baae7578dfd1e5603cc55f8d0086=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 02:05:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fstyle.css&l=9494&fd=130
200 OK 0 B URL HTTP/1.1 interesteddeterminedeurope.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fstyle.css&l=9494&fd=130
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fstyle.css&l=9494&fd=130 HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Cookie: u_pl=16997593; uid_id2=8ce00db9-352a-4a8e-939d-bbfe9108abfa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5237baae7578dfd1e5603cc55f8d0086=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 02:05:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
200 OK 394 B URL HTTP/2 s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
IP
File type ASCII text, with very long lines (564), with no line terminators
Hash 09d6e31790596b5636e4332b45864d33
078bdaadd33f7e19f624e403959dca3eef1a73d4
42805621588148ebf5f6329a1ff74711c44dd93a4f592264f953ca7f88422b82
GET /static/159.1c3fceccbc80f2a3615f.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-234"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 394
date: Mon, 26 Sep 2022 02:05:50 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/script.js
200 OK 317 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/script.js
IP
Hash 4761ad2393202bfabef11ba0db779752
f67daa266767f3528ac554901f32ca9b43da00ff
92fdc96ed03a7abaff8750ca48f8f19cd769784927289cbd2544b9c642acf55c
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flixhq.ru
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:50 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 227172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM6s8VcBxEVudyJ7ifwpK4sK1Noq8zN07pEgMiDgKxFJdlzvGT2hwtrLjfl0NzEOuSyfBEG%2Bpc12Gn7Ue8FWLX0GfUh30CvA0%2BvD3xxzwUqJ6wxsynnmqNSm5gSeTRsH10g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75086fd408cb6937-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fflixhq.ru%2F
200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fflixhq.ru%2F
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fflixhq.ru%2F HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://flixhq.ru
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://flixhq.ru/
last-modified: Mon, 26 Sep 2022 01:00:00 GMT
access-control-allow-origin: https://flixhq.ru
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 26 Sep 2022 02:05:50 GMT
X-Firefox-Spdy: h2
widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fflixhq.ru%2F&callback=window._ate.cbs.rcb_9pia0
200 OK 79 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fflixhq.ru%2F&callback=window._ate.cbs.rcb_9pia0
IP
File type ASCII text, with no line terminators
Hash 246b4fd8758a9dc430dc1e08124b026c
7596f6429eea2fc89dcd257e608cd2ce5a8cce50
95687a152ad7556f462590cc9ea1efca3e561477343f51bd957608c4d5055976
GET /v1/urls/count.json?url=http%3A%2F%2Fflixhq.ru%2F&callback=window._ate.cbs.rcb_9pia0 HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Mon, 26 Sep 2022 02:20:48 GMT
x-envoy-upstream-service-time: 1
x-pinterest-rid: 6403005360886679
date: Mon, 26 Sep 2022 02:05:50 GMT
age: 2
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fflixhq.ru%2F&callback=window._ate.cbs.rcb_4apg0
200 OK 72 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fflixhq.ru%2F&callback=window._ate.cbs.rcb_4apg0
IP
File type ASCII text, with no line terminators
Hash 75f817bf1bf7188b48a431c20eb04417
5c1f329c1130a96b600a05f3028ee062846df0aa
9bf71c8238578ee3816b8c71af992a811849cba7c576f65a8c61a6b49bf9e0b5
GET /v1/urls/count.json?url=https%3A%2F%2Fflixhq.ru%2F&callback=window._ate.cbs.rcb_4apg0 HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Mon, 26 Sep 2022 02:20:48 GMT
x-envoy-upstream-service-time: 2
x-pinterest-rid: 4297741030213359
date: Mon, 26 Sep 2022 02:05:50 GMT
age: 2
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fflixhq.ru%2F&callback=_ate.cbs.rcb_e50d0
200 OK 56 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fflixhq.ru%2F&callback=_ate.cbs.rcb_e50d0
IP
File type ASCII text, with no line terminators
Hash e754d2f131671828da125f917fe93d2a
792285eb9e47d62563ccd1d666f37f0697f180a3
806c88515bfb7641b2843fb835960e6b0dd6dfb89b192ba519aa46e6bd0ceea0
GET /url/shares.json?url=https%3A%2F%2Fflixhq.ru%2F&callback=_ate.cbs.rcb_e50d0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: flixhq.ru/
last-modified: Mon, 26 Sep 2022 02:05:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 56
date: Mon, 26 Sep 2022 02:05:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fflixhq.ru%2F&callback=_ate.cbs.rcb_2gk70
200 OK 56 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fflixhq.ru%2F&callback=_ate.cbs.rcb_2gk70
IP
File type ASCII text, with no line terminators
Hash 18ed772a3a144373e4ac0682bb82ee15
b13f88c956372947c6714d41b9dae059e7b10d56
206eabd1bc04ced50612bd9ce28f10da337a2798df3b5c0538a604c9d991ffd8
GET /url/shares.json?url=http%3A%2F%2Fflixhq.ru%2F&callback=_ate.cbs.rcb_2gk70 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: flixhq.ru/
last-modified: Mon, 26 Sep 2022 02:05:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 56
date: Mon, 26 Sep 2022 02:05:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:50 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4636885
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQJjv9w1idSI7UBt6GYf%2F5YDkQBWaFUBmpvlluVvQatUCMgBOTi%2BZeL4M3PthGKrjdTKmI6o087dj56WyB3Pd9ZMx9HQkBq9sAxoQR3lgUO%2Bqxvfeq9B2qRVf8zn068pJjY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75086fd378476937-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
flixhq.ru/
200 OK 0 B IP
GET / HTTP/1.1
Host: flixhq.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:47 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
x-dynamic-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COphSfzHepCfqbWpwK3PYVPJb3s1GNQI6ejrBzQzUxv2Zcc3MuK1MqpZjT1CeFCn0NLVShs4QZQDbsOoUzlt40jI83m39Sxlq7TBXyP46s0uRR%2BE2dU%2FPPYg0Dc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75086fc028cd1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s1.bunnycdn.ru/assets/template_3/style_4/min/all.css?6316f686
200 OK 0 B URL HTTP/2 s1.bunnycdn.ru/assets/template_3/style_4/min/all.css?6316f686
IP
GET /assets/template_3/style_4/min/all.css?6316f686 HTTP/1.1
Host: s1.bunnycdn.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:47 GMT
content-type: text/css
last-modified: Tue, 06 Sep 2022 07:31:29 GMT
vary: Accept-Encoding
etag: W/"6316f751-34c44"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1708254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1Jzvr2Ef0b%2BFlpnanbvWYKVZvwaLRpEwX7s9AA2jl3%2FZ6VlpTPLXwoWhIE95fqmoLbqGpamw27k0whxeCWa1UJ52UiXC27eOzwaaQWOg6C1IErMGFgeiCLNmTVeuBfHKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75086fc2ddc79966-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:48 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: df987956d740432bf66b0bfcfbd5e4e1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 26 Sep 2022 02:05:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lL8mRIX9YNSQS9kemrHCnlSFF9TjnzXZDLUi%2F1rAvh7BpfdsTERf1Jw3%2Fc91m%2BiR%2Bij7OHudubCVuZq%2BL5XNS7UwdqIl4jQ7c1h0RNtefTsyZ4MLJCK7c0rdzw59uWFY%2FszshVI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75086fc96c597278-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flixhq.ru
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:49 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 227171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4fZy2%2B7%2FNEW11nkvOG0tjOwiH4SN%2Bcc0dMc2eY5ZOOOljPnxM3qYet9MgLdLushrdT%2BUgRhWyTYxdYIkuehMlMIud9o%2F1vv8rHihGL0HHC9jMZFwVA4yJI0OXf7moSfeHs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75086fd3582a6937-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
IP
GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 02:05:47 GMT
date: Mon, 26 Sep 2022 02:05:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:48 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 87b4e03b9638a749f46cfb9fe4783d30
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 26 Sep 2022 02:05:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8HBPA2JdbQtRTaXM4D53EhavRviZlM42YKQfsvgERcaY0vaE9Fb7TmM6ZEXD7d69NiWjww1VTP0DydgYeRI7Rn8Cowolc6xeofhwam3Hv1ucd%2Fn2vBkUAmlUpB9l%2FDq%2FP7%2BqjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75086fc88a6eca60-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html
200 OK 0 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flixhq.ru
Connection: keep-alive
Referer: https://flixhq.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 02:05:49 GMT
content-type: text/html
last-modified: Tue, 01 Feb 2022 13:22:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 912043
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh9DSTshDRxe%2BGiFQB515ZgZyaz8GTevalGb%2FW%2Fd7aWUPYkn9RyV6B1lTyvBSVEcxh%2FjJRqnwqUkCc5GjGI4elsBwYhtDe88hZyvDztpcwXpCBp9jprTMteK%2F4o6Q%2FdYyYwRLQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75086fd29b170b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
172.67.191.164
104.21.234.233
23.36.77.32
52.29.95.124
151.101.84.84
93.184.220.29