Overview

URL web.fmovies.to/series/bastard-heavy-metal-dark-fantasy-qz3r3/1-1
IP104.31.16.119
ASNCLOUDFLARENET
Location United States
Report completed2022-10-03 17:02:34 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-03 2 banquetunarmedgrater.com Sinkholed
2022-10-03 2 invaderannihilationperky.com Sinkholed
2022-10-03 2 precedentadministrator.com Sinkholed
2022-10-03 2 invaderannihilationperky.com Sinkholed
2022-10-03 2 banquetunarmedgrater.com Sinkholed
2022-10-03 2 unseenreport.com Sinkholed
2022-10-03 2 invaderannihilationperky.com Sinkholed
2022-10-03 2 unseenreport.com Sinkholed
2022-10-03 2 invaderannihilationperky.com Sinkholed
2022-10-03 2 unseenreport.com Sinkholed


Files

URL m.addthis.com/live/red_lojson/300lo.json?si=633b15a2c7b7aaeb&bkl=0&bl=1&pdt (...)
IP  23.38.200.123
Magic gzip compressed data, max compression\012- data
Size 750
MD5 ce1c553866522aa81efba2d00324ed3a
SHA1 49575e29f8466e1decf9a5c284d97f0744dc6dd7
SHA256 43cd8271c80d1675d44d5cc72ec3e8117dfc5d1f5bca0dcdb837e0b41a49bd18
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (42)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS creepingbrings.com (1) 0 2022-05-27 14:56:26 UTC 2022-10-03 17:02:25 UTC 172.64.105.16 Unknown ranking
mnemonic passive DNS cdn.sb4you1.com (4) 22321 2021-09-16 11:26:58 UTC 2022-10-03 17:02:27 UTC 172.64.200.2
mnemonic passive DNS m.addthis.com (1) 1448 2013-11-06 20:12:22 UTC 2022-10-03 10:09:01 UTC 23.38.200.123
mnemonic passive DNS a.disquscdn.com (1) 8084 2013-07-25 23:55:56 UTC 2022-10-03 13:31:57 UTC 151.101.86.49
mnemonic passive DNS web.fmovies.to (2) 0 2022-09-28 15:36:58 UTC 2022-10-03 14:53:02 UTC 104.31.16.10 Domain (fmovies.to) ranked at: 77557
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-03 14:54:54 UTC 143.204.55.36
mnemonic passive DNS banquetunarmedgrater.com (2) 0 2022-08-04 15:12:50 UTC 2022-10-03 17:02:25 UTC 173.233.137.44 Unknown ranking
mnemonic passive DNS api-public.addthis.com (3) 4111 2012-05-21 13:44:35 UTC 2022-10-03 06:11:50 UTC 23.38.200.123
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS likedstring.com (2) 0 2022-03-08 13:59:21 UTC 2022-10-03 17:02:24 UTC 192.243.59.20 Unknown ranking
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS fmoviescomment.disqus.com (1) 317254 2017-06-10 13:14:02 UTC 2022-10-03 17:02:25 UTC 151.101.84.134
mnemonic passive DNS invaderannihilationperky.com (4) 0 2022-09-20 14:08:34 UTC 2022-10-03 16:46:50 UTC 173.233.139.164 Unknown ranking
mnemonic passive DNS referrer.disqus.com (1) 6065 2014-02-25 00:54:56 UTC 2022-10-03 06:00:08 UTC 151.101.84.134
mnemonic passive DNS widgets.pinterest.com (2) 6540 2013-04-10 10:19:37 UTC 2022-10-03 07:04:40 UTC 151.101.84.84
mnemonic passive DNS cdn.yourwebbars.com (1) 62037 2021-01-29 17:47:27 UTC 2022-10-03 17:02:26 UTC 172.67.74.218
mnemonic passive DNS e1.o.lencr.org (11) 6159 2021-08-20 07:36:30 UTC 2022-10-03 09:30:40 UTC 23.36.76.226
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-10-03 14:59:45 UTC 142.250.74.42
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-10-03 14:02:45 UTC 34.120.237.76
mnemonic passive DNS precedentadministrator.com (1) 0 2022-09-19 02:40:19 UTC 2022-10-03 12:21:53 UTC 173.233.137.36 Unknown ranking
mnemonic passive DNS disqus.com (3) 1759 2012-05-21 07:51:22 UTC 2022-10-03 06:00:08 UTC 151.101.64.134
mnemonic passive DNS realtime.services.disqus.com (1) 7694 2012-05-26 09:36:22 UTC 2022-10-03 17:02:28 UTC 54.227.133.51
mnemonic passive DNS addresseepaper.com (1) 18169 2021-11-01 21:11:31 UTC 2022-10-03 17:02:25 UTC 172.64.133.22
mnemonic passive DNS r3.o.lencr.org (11) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.226
mnemonic passive DNS static.bunnycdn.ru (11) 59581 2021-01-04 08:11:49 UTC 2022-10-03 17:02:23 UTC 172.64.110.21
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-03 14:22:39 UTC 142.250.74.10
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-10-03 13:17:20 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 35.81.125.88
mnemonic passive DNS web.fmovies.to (2) 0 2022-09-28 15:36:58 UTC 2022-10-03 14:53:02 UTC 104.31.16.119 Domain (fmovies.to) ranked at: 77557
mnemonic passive DNS unseenreport.com (3) 0 2022-03-30 14:33:17 UTC 2022-10-03 17:02:27 UTC 192.243.61.225 Unknown ranking
mnemonic passive DNS vidstream.pro (1) 104658 2016-11-18 16:24:28 UTC 2022-10-03 17:02:25 UTC 104.21.86.173
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS cdnjs.cloudflare.com (7) 235 2020-10-20 10:17:36 UTC 2022-10-03 09:28:27 UTC 104.17.25.14
mnemonic passive DNS simplewebanalysis.com (4) 0 2022-02-25 04:06:25 UTC 2022-10-03 12:02:47 UTC 52.29.95.124 Unknown ranking
mnemonic passive DNS s7.addthis.com (4) 1504 2012-05-21 03:34:04 UTC 2022-10-03 09:38:09 UTC 23.38.200.123
mnemonic passive DNS z.moatads.com (1) 374 2014-02-11 16:19:47 UTC 2022-10-03 09:38:09 UTC 95.101.172.146
mnemonic passive DNS v1.addthisedge.com (1) 1721 2019-05-22 18:56:22 UTC 2022-10-03 09:38:09 UTC 23.38.200.123
mnemonic passive DNS whos.amung.us (1) 12687 2014-04-02 14:27:13 UTC 2022-10-03 09:41:30 UTC 172.67.8.141
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.35
mnemonic passive DNS s1.bunnycdn.ru (3) 83516 2021-01-04 18:16:53 UTC 2022-10-03 17:02:23 UTC 172.64.110.21
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-10-03 14:22:41 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS c.disquscdn.com (9) 3983 2017-02-11 02:19:07 UTC 2022-10-03 13:31:57 UTC 143.204.55.72


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.31.16.119

Date UQ / IDS / BL URL IP
2022-12-06 03:07:02 +0000
0 - 0 - 3 104.31.16.119/ 104.31.16.119
2022-12-06 00:48:52 +0000
0 - 0 - 7 putlocker.digital/ 104.31.16.119
2022-12-02 08:47:58 +0000
0 - 0 - 13 putlocker.digital/ 104.31.16.119
2022-12-01 00:48:50 +0000
0 - 0 - 13 putlocker.digital/ 104.31.16.119
2022-11-27 09:45:59 +0000
0 - 0 - 17 fmovies.to/movie/homunculus-20352/1-full 104.31.16.119

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-09 01:44:33 +0000
0 - 0 - 1 chicagowindandsolar.com/lolz/OneDrv/7df5ffaa7 (...) 188.114.97.1
2022-12-09 01:43:52 +0000
0 - 0 - 4 www.coinbase-trademax.com/ 172.67.178.137
2022-12-09 01:42:49 +0000
0 - 0 - 0 boi9osyg1uwtyafn.com 104.16.229.42
2022-12-09 01:38:52 +0000
0 - 0 - 2 cba-login.info/a1b2c3/4e6f0f00198e5764378978e (...) 104.21.38.23
2022-12-09 01:38:36 +0000
0 - 0 - 1 cba-login.info/a1b2c3/4e6f0f00198e5764378978e (...) 104.21.38.23

Last 5 reports on domain: fmovies.to

Date UQ / IDS / BL URL IP
2022-11-27 09:45:59 +0000
0 - 0 - 17 fmovies.to/movie/homunculus-20352/1-full 104.31.16.119
2022-11-26 03:58:30 +0000
0 - 0 - 16 fmovies.to/movie/work-it-qnrz5/1-full 104.31.16.119
2022-11-24 08:42:31 +0000
0 - 0 - 11 fmovies.to/ 104.31.16.119
2022-11-20 08:41:41 +0000
0 - 0 - 9 fmovies.to/ 104.31.16.10
2022-11-19 07:31:45 +0000
0 - 0 - 12 fmovies.to/ 104.31.16.119

No other reports with similar screenshot



JavaScript

Executed Scripts (35)


Executed Evals (2)

#1 JavaScript::Eval (size: 8, repeated: 1) - SHA256: 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f

                                        _ate.cbs
                                    

#2 JavaScript::Eval (size: 11, repeated: 1) - SHA256: 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16

                                        addthis.cbs
                                    

Executed Writes (2)

#1 JavaScript::Write (size: 346, repeated: 1) - SHA256: 963461f4deff4c2acfbd14a9c4d0d2a17f7912cd7369d27d848d5fbf7b1d99b4

                                        < !DOCTYPE html >
    < html lang = "en" >
    < head >
    < meta charset = "utf-8" >
    < title > Disqus Realtime Notification < /title> < /head> < body >
    < link rel = "stylesheet"
href = "https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css" >
    < div class = "north"
id = "message" > - < /div> < /body> < /html>
                                    

#2 JavaScript::Write (size: 346, repeated: 1) - SHA256: 049baf67d9a9a73f299a33f9587df1ed129213616e256878e9723db3dc1f09d7

                                        < !DOCTYPE html >
    < html lang = "en" >
    < head >
    < meta charset = "utf-8" >
    < title > Disqus Realtime Notification < /title> < /head> < body >
    < link rel = "stylesheet"
href = "https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css" >
    < div class = "south"
id = "message" > - < /div> < /body> < /html>
                                    


HTTP Transactions (122)


Request Response
                                        
                                            GET /series/bastard-heavy-metal-dark-fantasy-qz3r3/1-1 HTTP/1.1 
Host: web.fmovies.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.31.16.10
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 03 Oct 2022 17:02:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://web.fmovies.to/series/bastard-heavy-metal-dark-fantasy-qz3r3/1-1
X-Frame-Options: SAMEORIGIN
X-Dynamic-Cache: MISS
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Adbz7olYgSHDuLVYQXp0AXc4XkOuJHM7pAdgF7gLtGhIJQbvUHVre8umlOk6OR7ISBiuW3H7pdQT67%2B%2B4YVxbOvKJOZxSDz4yWXWlywUcUnTNu2PYD6Tk56boy%2B5BMUOOA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75473ec38b52b529-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 16:16:53 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KgkhEI_WyoG1lpADcxqD_cLRd-2CuvykMWnzc9NWlOxPJwOzpsbV2A==
Age: 2730


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8766
Expires: Mon, 03 Oct 2022 19:28:29 GMT
Date: Mon, 03 Oct 2022 17:02:23 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7JTFiB_r1mr6km2NABaWhpx3zTTFtT4z9zgVbqChN6e_wc2ZKz3hXg==
age: 41636
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 03 Oct 2022 17:02:23 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/font-awesome/5.15.4/css/all.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:02:23 GMT
content-length: 10462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-28de"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 392209
expires: Sat, 23 Sep 2023 17:02:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn85Ec6kBQSQnBtSjtTf74LBkd%2B0j3dKYyYNAjK1VFjIyw%2BvxOWmdmEf%2BLGjYCvv1W3cPZLNLRrdhvknYWGk%2F2vKIJmjskzTYtKi1rYkWVAYaQKKZ492gtYNl%2Ftnlb7HgIrnvY9I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75473ec7d93bb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (59119)
Size:   10462
Md5:    14e1692fd4263ccfea0b84299bdbf1f5
Sha1:   7783020a9ced5f32c8d38205357c7d10798be1fd
Sha256: 8ff0cd2d1e7f0b6203a762fb9811256d4445a3ad0d97f07102e038ba0eb3db72
                                        
                                            GET /ajax/libs/lazysizes/5.1.1/lazysizes.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:02:23 GMT
content-length: 2950
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed0-1b91"
last-modified: Mon, 04 May 2020 16:12:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3533130
expires: Sat, 23 Sep 2023 17:02:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUl1PnrNlhfMTmdgs0s9VIHCqx2BsHWZt9wUmK2i0JsDXXKjMo2ExMlLmLVzv%2BWZew0fK0CyZrtjUjMlmXfRom8OeTKLc4EU45%2BaVo33sb0zItj3s2lTuaDcx3OOICcL84K%2FKe2P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75473ec7d93cb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7031)
Size:   2950
Md5:    379c5aa33e89ac9f77eb76b172a90412
Sha1:   cf0ec5f99553b412715a023f8f645eb8366cc254
Sha256: a859d73a0cab8a91abb9abcb384c6e495dee74176769927affef9a1d53a295b0
                                        
                                            GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:02:23 GMT
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 928945
expires: Sat, 23 Sep 2023 17:02:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1xKnOwRBGtvmN%2BqkEtLLCYXosyQkzUixvnJ15OVZgK%2B6V4jK1debIA3HNyyg%2FWphdk15mYsIVJj7pxy0jQwU00Lo9W5H%2FJ22o0fiIliX1n60IGazkLIR7SnFFoef7SfjwIQv4j1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75473ec7d93eb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32077)
Size:   30360
Md5:    5e4764d3c94d1a1db8c3d0890278b6d1
Sha1:   e5171f2f46e16d32df5f634ba21e47256fa9689c
Sha256: 5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328
                                        
                                            GET /ajax/libs/popper.js/1.14.3/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:02:23 GMT
content-length: 6451
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4f71"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 438109
expires: Sat, 23 Sep 2023 17:02:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJUjWI2SaLpAtLAuZAVwn2w7BR8CXrk60sm65nzqm0QfzjDYA5qUCq5IRu8kXoIqWZyY4AWPQSi%2FHmakOT4stXMw%2BrIhwWcVlRaWLnqDeXsXhojmkKVlUZqoV3jDdYR2Wmg%2FaSc4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75473ec7d93fb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20164)
Size:   6451
Md5:    ae393ccddfcfe335c9b29ee90aaf72cb
Sha1:   6a42536ed79b4ea9e3a71c69db3b5f7205dc7e81
Sha256: 75cbee82410be7ca2b5b5406219b0575725c415510df701ddf1e9e7fdec22aa8
                                        
                                            GET /ajax/libs/Swiper/5.4.5/js/swiper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:02:23 GMT
content-length: 31065
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ee8d6b2-22681"
last-modified: Tue, 16 Jun 2020 14:26:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 437581
expires: Sat, 23 Sep 2023 17:02:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2B%2BLJl6gAtrpVsT86FnSxLMNkKMQjcTnV8DLeoo0FC%2FaGt33ZejWKjtjKBmN4T%2BAdATlX8DWo6e4yftCv1dMqM7u4Ytk7NHZpvqbanuaQJ7%2FTnTV9BKJ%2BiNgE%2BIlEpt%2FQ6dUsIeC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75473ec7d948b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65284)
Size:   31065
Md5:    8d255819531e4eb28f976ecb6d44fe7f
Sha1:   e51e978dcd68d86f3c1b6f66cdef9e9d9cfebd43
Sha256: 085e2837521f81d399f348392214b014fcc7f66354fbcb0e5a16ff29a96a074d
                                        
                                            GET /ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:02:23 GMT
content-length: 13080
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ebae359-eb0e"
last-modified: Tue, 12 May 2020 17:56:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7860145
expires: Sat, 23 Sep 2023 17:02:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdFwF%2FgoSD3xpGr8gSj1ZGkOyfQrgscWO4mySGXSDL1TJqPl%2Bw0GI6TVUYz1Z7bdrIMqCBhfaMuEStF%2FMcGo2w5uozR9iSHNu441y%2FR%2FjgwI4BZDSdNw5NN3gVy6tzcxSd%2F%2Ftr53"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75473ec7d942b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (59893)
Size:   13080
Md5:    4fab1eec96fa73ae05128112e3ef4cb6
Sha1:   3d774010eabc43e0fbc017e334d600932fbf0533
Sha256: 77484c7905037ef72fbe72f5c659f09a94928daf091971a646e45de3aacc45a3
                                        
                                            GET /ajax/libs/Swiper/5.4.5/css/swiper.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:02:23 GMT
content-length: 3573
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ee8d6b2-356d"
last-modified: Tue, 16 Jun 2020 14:26:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1200010
expires: Sat, 23 Sep 2023 17:02:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WT7mBnsN9wefTYMGTiOe%2B8p74NdCTJ%2BkzGOWjHg1Ag0TKzCFyFCTjKfKUfLrN4Y2ygSDhzkmQiD2jDb1QHebzdntMhv4sJXlGluavHgUEKBeBEsNsxYDKCl0uhNgd4C6FX6OXKR5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75473ec7d949b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13425)
Size:   3573
Md5:    ff318a74709abdc0c85e4bdb08fda57e
Sha1:   f29fc2b12719f5e79999e279a6d45bc495564185
Sha256: 36618ab26e321bad4832e98ad4dfe5b43a2ce7a4de672b4e9b65a0a1ea6e275d
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "69C2A643117BC76FD262EF0FB5B47F78CB40177A6C7B6D5B47A3B03D557EB20A"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19105
Expires: Mon, 03 Oct 2022 22:20:49 GMT
Date: Mon, 03 Oct 2022 17:02:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "69C2A643117BC76FD262EF0FB5B47F78CB40177A6C7B6D5B47A3B03D557EB20A"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19105
Expires: Mon, 03 Oct 2022 22:20:49 GMT
Date: Mon, 03 Oct 2022 17:02:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "69C2A643117BC76FD262EF0FB5B47F78CB40177A6C7B6D5B47A3B03D557EB20A"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19105
Expires: Mon, 03 Oct 2022 22:20:49 GMT
Date: Mon, 03 Oct 2022 17:02:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "69C2A643117BC76FD262EF0FB5B47F78CB40177A6C7B6D5B47A3B03D557EB20A"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19105
Expires: Mon, 03 Oct 2022 22:20:49 GMT
Date: Mon, 03 Oct 2022 17:02:24 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/sites/fmovies/logo2.png HTTP/1.1 
Host: s1.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 26342
last-modified: Thu, 09 Dec 2021 17:26:02 GMT
etag: "61b23c2a-66e6"
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1031629
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmHDKhMHP0I4PdJx7SkLd%2BFvsGOq49IjMy1wfPeYKARgfnub1j4XRzpqY48wct80QMhmJnOr9vENRpUHkOPCtfRIHYKPkyV7EBBV7JegXAwTTm9a4wLvCjOVAROvEetQKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec89dcd7713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1001 x 291, 8-bit/color RGBA, non-interlaced\012- data
Size:   26342
Md5:    d14b4cbde80b54529c02538721faffac
Sha1:   0d6affd7e8ab13d540441f43acc5f39e9117be99
Sha256: 4118295c5f50a00242515e5417ba7f7b8fd3c483e8d096d032ace4947fdb9af3
                                        
                                            GET /i/cache/images/2/22/223df179010d0f6b8e270f2f8b63e4ae.jpg-w180 HTTP/1.1 
Host: static.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 11254
last-modified: Thu, 16 Jul 2020 21:41:34 GMT
etag: W/"5f10c98e-867b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1027498
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7VStSFFQ87vE4dbHS0d9FzE9rd7VZqP5f%2FrhG55vk7HLa%2F%2Fhk%2BqVt7olxj8xDPPQRUkr2QyIdRNisCRpydANLmOBO%2Ba%2FLUyeEL2IL0vs0QiHHDSWGEdwRkamsmPTfnpnJ3RRpE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec8de617713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 180x261, components 3\012- data
Size:   11254
Md5:    49d9f03fc6c73bc973aa1267ec182c37
Sha1:   24b57719dcd67a7c525d18bec7f863ba3d7e501b
Sha256: 37e8f5a83de2eaa023106481a0424703461a8a2772c5a13e0d8334d61a65d088
                                        
                                            GET /i/cache/images/2020/07/5370a806cd0b9ff52f19a4cafc80f1f8.jpg-w180 HTTP/1.1 
Host: static.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 11324
last-modified: Fri, 17 Jul 2020 15:17:30 GMT
etag: W/"5f11c10a-c0b5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 982683
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7MAXsr7vSmzlfOy7%2F%2BsQXnmYcub59dZLEXJSpvcBIPoIOCOe4yfFq%2BJlerWlQGhmccAOkTvxDkewHG5U0xHFE20jywnkXikaCHS6y%2FVSoae%2FkI6FQefhbrkS1Ll0%2FyLtoREBiY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec8de5e7713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 180x261, components 3\012- data
Size:   11324
Md5:    aa967052c6f75ff4bb8e2c8a7c455d06
Sha1:   cce37d0370fc5c22a63c28f7efeef702557c6984
Sha256: 9497ae3ec708d3b752640464c448d81a5bd10e688f10c5b0040813ba458bc222
                                        
                                            GET /i/cache/images/2/2d/2ddfdd56cb28f390b47d31eddd055f2d.jpg-w180 HTTP/1.1 
Host: static.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 15046
last-modified: Mon, 05 Jul 2021 06:59:21 GMT
etag: W/"60e2adc9-f402"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 983270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCXAps%2FwBks0aAN01ne76aaxQt5ERWOU7%2BsjYvMCkIkgX9eqrcvPv0QNlzs7RDqP65aYp4%2FVC6Vim%2BY21LSFsJT4Ejc6LKupHubfqtY%2FVhftRe%2ByPeoDpTWojCYZxDIRnQ58JHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec8de647713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 180x261, components 3\012- data
Size:   15046
Md5:    ba2dfb6a128283432c5d9946084ca2f8
Sha1:   ebe7d39f7e795ddf718789e53cfe5a437cf7df55
Sha256: baee4ebdcad17942c3790883e77f6879c3d8d942ca8ffe089f383931b501a100
                                        
                                            GET /i/cache/images/b/be/be0896814dd02320effe96b60f70b974.jpg-w180 HTTP/1.1 
Host: static.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 7949
last-modified: Thu, 01 Jul 2021 09:26:17 GMT
etag: W/"60dd8a39-82d8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 984915
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRXvfUFZXuca%2Bc44Peq1RHj9eCuoMGKY0Z4zPmtvuE2lLnEFUSG3SAr5UDlie0RcHzJDgHSQt34WVF8ZU4y0UbmlThpJkiu%2Bzgqlq4p511G6Lzab23JKaYYjgYZLxnypOtrJGBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec8de637713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 180x261, components 3\012- data
Size:   7949
Md5:    0789b5446c5f2119d312d8a2adaf7a80
Sha1:   b602efb2a734458b8bd8808f7fa76e74259ba11d
Sha256: 6d141bb1de79821767bb9011e6d75a03403db836fd7e9f642430ef5309ee823b
                                        
                                            GET /i/cache/images/8/83/83ddc8d384cdc0c694d750c9d55e988f.jpg-w180 HTTP/1.1 
Host: static.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 9967
last-modified: Thu, 16 Jul 2020 22:05:17 GMT
etag: W/"5f10cf1d-b291"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 980762
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSmpxFDv434fa82cRTvdR6OoDvImRAkS%2Fyc19sQwITaSj7vq8MKn0y9epZdE%2FInH4YX1L8SLXIW%2B63PfCMZAERRLlvSbz0SMA2X%2BtpwoFNEqwxspiL14avxE1huisss2tWrJucY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec8de5d7713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 180x261, components 3\012- data
Size:   9967
Md5:    a1ec31f612434fe7b67cd23cf389be2b
Sha1:   8d235080040c8e061f5f1a344d142a1b186c08d3
Sha256: 4cc0f3d8834012cd3873509f718dbbdabc52d5a1196065a26203e66f85c3371b
                                        
                                            GET /i/cache/images/9/94/9435c9fdcec13897d7374cf0a3ff903e.jpg-w180 HTTP/1.1 
Host: static.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 14148
last-modified: Thu, 13 May 2021 08:49:49 GMT
etag: W/"609ce82d-f8a2"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1015390
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eam%2B8IuIx5iuYQvF3e29EebgnBtGY76m1HtfYhOJX2fO5ec2BDh8m5kVfip1Q4JLCWNYfzzRp4oGvyyXB5CKN%2Bst9pUibKrN22EX%2Blb3Rb63U1F0nZ7PdvA7nYEPulXw1eGivdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec8de607713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 180x261, components 3\012- data
Size:   14148
Md5:    1742dd151d8cbd42cfc8a94f70e17977
Sha1:   70e6ecd3c8c504c19c12cc34f90574283c0284b1
Sha256: 07c3fee0fe043cbaf9b1e256a5e39fe265870fe1c80206de3766fb7513d09acc
                                        
                                            GET /i/cache/images/0/07/07f7b2e2948fd6f1120a8438e0f1bcf4.jpg-w380 HTTP/1.1 
Host: static.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 41491
last-modified: Thu, 15 Sep 2022 08:08:35 GMT
etag: W/"6322dd83-ddaf"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1521762
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTyObBQryKsjmekmHjwVjNLMmxQZEzO6ZvwzewYy7wAye0rWJDmRbxpAavn2nyb24%2BCYtklAawrTfU0%2F2VBS6Gh3ZhkjS3yea5oa8s2jf8nDurLgCaM8ppeq91As7GTkx4wLZg8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec8ee7f7713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 380x551, components 3\012- data
Size:   41491
Md5:    ced2301e9cf1f152f0d669bd13e39260
Sha1:   fe9f528e37e7269ff560d1bc89850d835bdae723
Sha256: 441eb2e3db81071871ab3df1a521f2d25ed815e9f24a91794b3394cfc1d94add
                                        
                                            GET /i/cache/images/e/eb/eb200412bbfbc388ee6bc95701890648.jpg-w180 HTTP/1.1 
Host: static.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 12715
last-modified: Thu, 16 Jul 2020 22:14:41 GMT
etag: W/"5f10d151-c972"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 450115
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQPoQp1kFp1%2FEJu1KKzHh0djHOiJTe1sA%2BbxYMVz38UMToqaJeaFOhEAbg4FQvT7zUspUt8Zy1floNYGDhrnZLK83WWfhi6RnoOA6q3w5c5jMv28Bcaf0aeU7lG%2BPSvHSp986f8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec8ee8c7713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 180x261, components 3\012- data
Size:   12715
Md5:    ca6b7b03f022c807426701490c0a698e
Sha1:   9692f237bdcea4fb866987bee47cf41fecdbbf11
Sha256: 1a83e70474dcc0215781351c6129ea2191b4356e1146e3a6165be4dfcf0e5bbe
                                        
                                            GET /i/cache/images/c/c6/c68b780795f0c1956243d3298761e4c3.jpg-w180 HTTP/1.1 
Host: static.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 14870
last-modified: Thu, 16 Jul 2020 21:32:18 GMT
etag: W/"5f10c762-bdb0"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 18762
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ui3BU2I96RnPyH28%2F8kut2vdxcnq%2FvKTwXrc05l%2FuCcg%2FuJeIn0WQrI7MpA1s7PVGYisbrUMksksCKqWgyv27%2BqpiUmaVnlDTCy87%2F0GScV9Zu2dSeDck8eVo%2BIokMrNlDlkl4k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec8febc7713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 180x261, components 3\012- data
Size:   14870
Md5:    9204c534be650c74d37ff46f73a675ac
Sha1:   970d2066a71030a98b4bc0d04af61d0e4c908762
Sha256: 58e49cb30b0d2b21147021263eec1ac41b4477078d83985673911c98b3ec7f50
                                        
                                            GET /i/cache/images/f/f3/f34eb772fffad82cd6adc610ba30f2c9.jpg-w180 HTTP/1.1 
Host: static.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 7347
last-modified: Thu, 16 Jul 2020 22:17:54 GMT
etag: W/"5f10d212-7680"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 969696
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9yihNTWdPZQt6L6cjaWkgG6IJUxm%2FIl1sl72VYxv6Q3XO3e6xxMFl5FpPvM82C2hP%2BMz6J5HXCj7bE1ZpU287gSFVNqUInmqiDTfBxhuGVQfXXAjj%2Bu2bK7WFVdXe0gP6LghtI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec8fec97713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 180x261, components 3\012- data
Size:   7347
Md5:    cd081660c826a1596550a37f78b89b98
Sha1:   aaf08466c78deaf59813895313d6cfef5d89dc3a
Sha256: bc476c6b4f5c2f50737fd76d75c8dff7f55ae4647644cb1c6fed6dd8ae152cf2
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "69C2A643117BC76FD262EF0FB5B47F78CB40177A6C7B6D5B47A3B03D557EB20A"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19105
Expires: Mon, 03 Oct 2022 22:20:49 GMT
Date: Mon, 03 Oct 2022 17:02:24 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /i/cache/images/0/08/08e09a88c0a9eeac80d6326952b9f432.jpg HTTP/1.1 
Host: static.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
content-length: 236483
last-modified: Fri, 16 Sep 2022 00:02:35 GMT
etag: "6323bd1b-39bc3"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1521762
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGZ0H8%2FztQOeslBr7bH4RxOWXJhcY%2B%2BtnWueggNXGJ%2B%2B6LdTOdaSi1JEYymG2RFELt7fjfvLorYua4Ge%2BMN7Ffb21VEkAlxwK8CjQ89Lw9lL7LCSnz3hX%2FTniox93C19bqQtIdI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ec96fa77713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 2048x1152, components 3\012- data
Size:   236483
Md5:    6c757a65d67126fa253ec9c6298bcad3
Sha1:   f7a3bb301d2ef64500df2962b994f79bd52cf81f
Sha256: fb155023eca5398dce7279b5626cfd3c696a042c8a187e4aa1f6a43980cbcf04
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 422896
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /assets/template_1/min/all.js?6316f61f HTTP/1.1 
Host: s1.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
last-modified: Tue, 06 Sep 2022 07:31:29 GMT
vary: Accept-Encoding
etag: W/"6316f751-2e408"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2367043
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pR2F4emALStgJ26zMabHUU0OppqRvXxg6%2FC9fLZ6reROCyKITvKJqz46b7QaLzXIfgRq6QLfvtTyjbI%2BnwdXG%2FBoLuoIIMdgno1OfyPppCZMVLeYtS1OYtYLY3tlo9MpEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75473ec8fecc7713-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   94765
Md5:    77254362b044046c7c48856bf30f110e
Sha1:   7c4afd3253beaf83f925b43912c6752039a53975
Sha256: 8a90b06b48e9219201ac5ac221c7753ba9f371c58c49be523439b349ebbe9550
                                        
                                            GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 17:02:24 GMT
date: Mon, 03 Oct 2022 17:02:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16682
Md5:    93d007d96b9df0de73d9847ad0c7befd
Sha1:   73a7680ccf07def626ca4dd106b56d34427e1f1d
Sha256: eb24a11fede0c6577d062cd50ab32022d10c098cc1322684e96a0d5e5db19b9c
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 01:31:40 GMT
expires: Mon, 02 Oct 2023 01:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 142244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:21 GMT
expires: Thu, 28 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 422883
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:40:23 GMT
expires: Thu, 28 Sep 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 422521
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size:   15752
Md5:    b20371a6daf29d4a1f2e85dbbf40fb20
Sha1:   0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
Sha256: 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 16:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 16:58:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z-xc98NXl5UT7Z9m2oZSlCDQh3-6UdE1En3ftkIPO_Bl_wemvc7OUg==
Age: 1971


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AA72494559751DB356657BAF881CAB2DA239EF3442F6960B0FC099A78CE8483F"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3563
Expires: Mon, 03 Oct 2022 18:01:47 GMT
Date: Mon, 03 Oct 2022 17:02:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AA72494559751DB356657BAF881CAB2DA239EF3442F6960B0FC099A78CE8483F"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5771
Expires: Mon, 03 Oct 2022 18:38:35 GMT
Date: Mon, 03 Oct 2022 17:02:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5906
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 17:02:24 GMT
Last-Modified: Mon, 03 Oct 2022 15:23:58 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /34/f6/19/34f619fc95f965634d1a4e95a243ed28.js HTTP/1.1 
Host: likedstring.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Mon, 03 Oct 2022 17:02:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b5e4792d8b5848147de647475120ad26
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32122), with no line terminators
Size:   10739
Md5:    d901b4423570102cfb2bf95827d865c0
Sha1:   866aef4cb2744a136c89c337f29ec72b2cc2c12f
Sha256: 50a5e932c8c55d274e9eea550924e5989596fd59822d0a2b8fb422f9cc4e1537
                                        
                                            GET /53/51/18/53511865558f5e0bb6aa425146e36740.js HTTP/1.1 
Host: likedstring.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Mon, 03 Oct 2022 17:02:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 324f1979794ca271b71975add2f32e1b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (59392), with no line terminators
Size:   20328
Md5:    b43bc28ce5796f1eccc79f48ccde2327
Sha1:   a8c5905f096724e12c796d6405451ac216c0decd
Sha256: 7146686b1ed7613c59709013c35c6976aec92dd16df92a01c42918662486eda1
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +VK3bvOVgeSwUl3TLVx+Dw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.81.125.88
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0HSFE1qp7EQzWU3dWKWBqOOgGBM=

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "CD212B572AB47332DB014243791147CF29AD81235A987BB40D528924230327E0"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3687
Expires: Mon, 03 Oct 2022 18:03:52 GMT
Date: Mon, 03 Oct 2022 17:02:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 17:02:25 GMT
Last-Modified: Mon, 03 Oct 2022 15:50:39 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ViK87KLlH0eOhFPOVh51DcvQqQa5LMQpp90tRUujbrckXJTJsIGIpA==
Age: 4306

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 17:02:25 GMT
Last-Modified: Mon, 03 Oct 2022 15:19:13 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7eu_PKZgShCQXKEkaBWLcZLkMMmOAYYX4LSOB3reyz7dY2Ona6m47g==
Age: 6192

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.95.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 03 Oct 2022 17:02:25 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://web.fmovies.to
access-control-allow-credentials: true
set-cookie: uid_id2=6ba6791d-f306-4d0a-8d8c-5ca2ed15c3e0:1:1; expires=Thu, 30 Sep 2032 17:02:25 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    aa7d6487597f11aeae9365d90846dba4
Sha1:   aee62ce4146820fc4365c57969d898074f9b5cf1
Sha256: ecab4b4001235d234eb68d63301c63c3e4b65689b76eb27482a9a7854ae9666c
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.95.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 03 Oct 2022 17:02:25 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://web.fmovies.to
access-control-allow-credentials: true
set-cookie: uid_id2=10c2fe1f-7b15-4cdf-8533-784a5e446dec:3:1; expires=Thu, 30 Sep 2032 17:02:25 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    a15f3dc4d283d3eb03392a7c30412fff
Sha1:   a6e9f1b051d084f5f7acff95f5b22260db2d3bff
Sha256: c36acbdcd5ab783d5cac3e86c4f5b06d8fe3df0b652d58d9095b51b09c965511
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "CD212B572AB47332DB014243791147CF29AD81235A987BB40D528924230327E0"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3687
Expires: Mon, 03 Oct 2022 18:03:52 GMT
Date: Mon, 03 Oct 2022 17:02:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7471613B5EFD78239E215EFB00198B3D11FFDB7130140B42C07233FC1C881DCA"
Last-Modified: Sat, 01 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12438
Expires: Mon, 03 Oct 2022 20:29:43 GMT
Date: Mon, 03 Oct 2022 17:02:25 GMT
Connection: keep-alive

                                        
                                            GET /series/bastard-heavy-metal-dark-fantasy-qz3r3/1-1 HTTP/1.1 
Host: web.fmovies.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.31.16.119
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 03 Oct 2022 17:02:23 GMT
x-frame-options: SAMEORIGIN
x-dynamic-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMHNEupnwL8X2QV%2FU9jjrcNK9iqLpnY8Eb%2Bdmhtn40UF9XDrMKa1JYbm%2Fa%2BUZ7%2F94p2%2FCviTULyp0MBLSbbB%2BEBXKGX61N3P%2F71wBp%2FVzEd0uJ0akiCCW8tjBLXAhVhpVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75473ec5993cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31705), with no line terminators
Size:   6949
Md5:    aea30eb7dc6493f576389bb96514c636
Sha1:   18106c1fe01923e4e50205cc4d66ee6456f74fc5
Sha256: 2f45e61bc5796035b688e420ffaf52842cd5089877f38afb0dadf8e141cedb38
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0A3E7473A6467CA59E3AADB9D1AC2BEC7C88740F45E8C8CBFAF856E55F62C50A"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7366
Expires: Mon, 03 Oct 2022 19:05:12 GMT
Date: Mon, 03 Oct 2022 17:02:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5036
Expires: Mon, 03 Oct 2022 18:26:22 GMT
Date: Mon, 03 Oct 2022 17:02:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5036
Expires: Mon, 03 Oct 2022 18:26:22 GMT
Date: Mon, 03 Oct 2022 17:02:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5036
Expires: Mon, 03 Oct 2022 18:26:22 GMT
Date: Mon, 03 Oct 2022 17:02:26 GMT
Connection: keep-alive

                                        
                                            GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vidstream.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 02:16:22 GMT
expires: Sun, 01 Oct 2023 02:16:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 225964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32038)
Size:   33507
Md5:    103708790db3586027df27ded660f8ef
Sha1:   d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70
Sha256: fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidstream.pro
Connection: keep-alive
Referer: https://vidstream.pro/
Cookie: uid_id2=10c2fe1f-7b15-4cdf-8533-784a5e446dec:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.29.95.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 03 Oct 2022 17:02:26 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://vidstream.pro
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    a15f3dc4d283d3eb03392a7c30412fff
Sha1:   a6e9f1b051d084f5f7acff95f5b22260db2d3bff
Sha256: c36acbdcd5ab783d5cac3e86c4f5b06d8fe3df0b652d58d9095b51b09c965511
                                        
                                            GET /sfp.js HTTP/1.1 
Host: creepingbrings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.105.16
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:02:25 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 29f580b46c567d143ba1c2331b23bc2e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 03 Oct 2022 17:02:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjgN4XMbdcPaS50Rj3atMj4cTOvdG2vyjf6anzM4WLCvem36jjpP2VcRIe1Zz3zzMrGHlAXZQTyh%2BnmY08uiXHeVjPGYk3cl3VDYxcWYImBSBx4l7lL1HN2tcoy7Y0xFD3s0ytU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ed03dc1d180-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   35277
Md5:    51aa44acde492334c2f6b6c7d2749cc0
Sha1:   4a36f0f5a2fa9e04e3641ce2d95375458d1c14ec
Sha256: f089bb8b503f64992163dbcf0226dbf712fe97b49b169b2fd75e6e476d1c5d6a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 44375
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   23348
Md5:    b4f65eb2a8aec7d36f1671adb5b2e083
Sha1:   f8cc96600c113ea7204e7dd18b615aa802d86e1b
Sha256: 52e35e99eee92cfa08f9df2f37e4ce2245a8c81d21f34cc855221f64155cbadb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 69419
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9083
Md5:    523edd86af4757d0bc5fa5b3b8a3596a
Sha1:   8118ee462077c291b9d6f1402b85b55a9ceba8c2
Sha256: c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 09iwZNlJ5pUQqongHTbgUlh_i1CyHZ6uGvHPV8SfbEGixTWM1A_BoQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 20:14:10 GMT
age: 74896
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8277
Md5:    6a90e53b55500427aed06efa3a9baa8c
Sha1:   43a66cd291d1413d7147a29b2a7b27277a443f0b
Sha256: 2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dOlitYNRYQsyiYLagdUWS2MmO34k8otqQ5yKZ7f4zzbj1HxhAzZoqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:43 GMT
age: 69463
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   51626
Md5:    de5e689ed3e2abe51885f12749ecdac6
Sha1:   d4ec7c1f9001a31d0d0a3774517591e4b10f62c4
Sha256: bd8f909713cc75f0c880f7d8f344894eb6878645a8e83531b4cb5a5874fc0fb6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10490
x-amzn-requestid: a7e4d6b4-be77-41a9-94dd-83167d5b002e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5tUrE72oAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5c1d-1ba0805b629e657b60ff1b85;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:11:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UnHrBSOKrX4XRjDOtvi6MEMUF9BgrHqn4_2zFpaaKh4X3e-lFzA-2A==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 17:03:43 GMT
age: 86323
etag: "36458cca636c4ffc873df8acd254ff726b1a9544"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   92494
Md5:    81b9d150b563f6b6fd7e79100b71ff05
Sha1:   158b889c348cc9b50993ee4eedd00f0bba3fc6eb
Sha256: 721492ad2d86badb56468eae3b7ec3998e112c090e568f2dbea11c05a751fdd6
                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116423
date: Mon, 03 Oct 2022 17:02:26 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54602)
Size:   116423
Md5:    d5b9b7a3accd3b7b7de639c072ae3ee2
Sha1:   9583b5c046d78af5c6379d844219f828aa2222d0
Sha256: 648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1E8183659C0AECA681E6C4B374FA41F98FDEFC402C670A77114C5DDAABEB65C1"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8835
Expires: Mon, 03 Oct 2022 19:29:41 GMT
Date: Mon, 03 Oct 2022 17:02:26 GMT
Connection: keep-alive

                                        
                                            GET /advertisers.js HTTP/1.1 
Host: banquetunarmedgrater.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.44
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Mon, 03 Oct 2022 17:02:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 100cea618dfbfc7a268699a3fa7dc354
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /embed.js HTTP/1.1 
Host: fmoviescomment.disqus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.134
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 25379
Server: openresty
X-Service: router
Content-Encoding: gzip
Date: Mon, 03 Oct 2022 17:02:26 GMT
Age: 23
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect


--- Additional Info ---
Magic:  ASCII text, with very long lines (32091)
Size:   25379
Md5:    61e60806e3fc3e6b42f18d62ba82d04a
Sha1:   d7ea55c663129ccf4b502780f8a7fc44403e5415
Sha256: 68f69756419a6d25dc2ee72d48b80b0ba99613bb711ac708364e6211ecf62858
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7942C8AC4AC4238450342A6B062E8DDB2F7611F55E4AF066622397BEAC6B8022"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13762
Expires: Mon, 03 Oct 2022 20:51:48 GMT
Date: Mon, 03 Oct 2022 17:02:26 GMT
Connection: keep-alive

                                        
                                            GET /sbar.json?key=34f619fc95f965634d1a4e95a243ed28 HTTP/1.1 
Host: invaderannihilationperky.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.139.164
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.19.5
Date: Mon, 03 Oct 2022 17:02:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://web.fmovies.to
Access-Control-Allow-Origin: https://web.fmovies.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16995613; expires=Tue, 04 Oct 2022 17:02:26 GMT; secure; SameSite=None pdhtkv=true; expires=Tue, 04 Oct 2022 17:02:26 GMT; secure; SameSite=None uncs=1; expires=Tue, 04 Oct 2022 17:02:26 GMT; secure; SameSite=None pdhtkv29=true; expires=Tue, 04 Oct 2022 17:02:26 GMT; secure; SameSite=None uncs29=1; expires=Tue, 04 Oct 2022 17:02:26 GMT; secure; SameSite=None slec34f619fc95f965634d1a4e95a243ed28=[3364903]; expires=Mon, 03 Oct 2022 17:02:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae992cc607ed585c7d85211c2270d627
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5593), with no line terminators
Size:   3214
Md5:    d17942cd5dbcc0ad9a503065cc47ac8d
Sha1:   ec5d37ccd8566ad5950ea869acc90636c3e6c46e
Sha256: e60e7ac2ac6b32dbabbe37bfd5eac929a21c030c17d27e8dd6cf0ad603469947

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=3&rd=21&fd=36&bv=22.8.v.1&tmpl=70 HTTP/1.1 
Host: precedentadministrator.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vidstream.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.36
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Mon, 03 Oct 2022 17:02:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidstream.pro
Connection: keep-alive
Referer: https://vidstream.pro/
Cookie: uid_id2=10c2fe1f-7b15-4cdf-8533-784a5e446dec:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.29.95.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 03 Oct 2022 17:02:26 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://vidstream.pro
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    a15f3dc4d283d3eb03392a7c30412fff
Sha1:   a6e9f1b051d084f5f7acff95f5b22260db2d3bff
Sha256: c36acbdcd5ab783d5cac3e86c4f5b06d8fe3df0b652d58d9095b51b09c965511
                                        
                                            GET /addthismoatframe568911941483/moatframe.js HTTP/1.1 
Host: z.moatads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.101.172.146
HTTP/2 200 OK
content-type: application/x-javascript
                                        
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=41720
date: Mon, 03 Oct 2022 17:02:26 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (523)
Size:   948
Md5:    f14b4e1f799b14f798a195f43cf58376
Sha1:   b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
Sha256: 92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6184
Cache-Control: max-age=93948
Date: Mon, 03 Oct 2022 17:02:26 GMT
Etag: "6339c976-117"
Expires: Tue, 04 Oct 2022 19:08:14 GMT
Last-Modified: Sun, 02 Oct 2022 17:25:10 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1RS0Wsc1Ru904QfP%2FBJqQ8qlX1TQTYzs7uzu1YoxhgJpk1tLfZN78y9s7nmztzh3rkzmzwFi6VPsv0PJmeThtYiCr5aZFPoQ0DI%2BJQH8z%2BI0CcfZLfB1Q%2BG75w55%2BF833fv7tkz4sLS05WrakdISZc6Tbfx9m3Pu9xYF6kdNoa94Iugfbmhi%2Ff6QdN9p%2FExj7bUku96ruu5XmNVaB6r4dJUhMge971m3222%2FabXaWOo%2F8uNdWCoA1ackVcgWL341LkIEU2QJj%2BscLOVq%2BzdjxIraa40CnZ4K91KVZkimcNYO4jTw3M3lDlZfQKVHsziQhX%2FGENRE%2BfZE4Tp4XlIhMX%2BLGcowVOE7CWUxQRcTiDoBJG6A8FOCBAxXNtAmjy4pnRJt1%2BodKrWZPH5nxBlTRZ%2Fv4g0%2BX5ZimHjppI2Fyo1GMYVxHACMZggs0fIdy5AlEeI8q8h2K9k6fk60mR%2Fw0gFwarZ7EJMIOIJJB%2BBGgd2%2BgkHNnZgMwcJO21Enud1XRZRt9ePohbr8jBgrke7sUc9N%2BjBRtN4I%2BTZCJEcIdK7yPQutsT9k2YX2v4Cs1nBMAcmr4nz6S4KVqHkBKUhKClBKQjKnKAsqgMmjW%2BqB0waG3rn3T%2FvrWqs8sEePVD5gKdkLzsjL09X4yzcuoQtftpotePA68dRvxP3g07QajOPtnm%2FQ%2F12izO%2FByMqCHNhNu2OqMkb7%2FvIRE3%2B9y1DSI9g5BEi4YDaS6DluOu7oJvjds%2FFTvooTlQhuGnmCkxVyPJF5NvOnjwjr80O1Lr9Fnh0fOXL8Gr9x8O%2FEOkKma7wlXhKMJD3xjdUSfZvqNKQHzeyXCRih06PdzOnOV949AnfLpVmaytm9PCDaCpM4ePPuMnXacpEOjDku2XBGNerSkec%2FLxmPufhdWs2l61ObbZ%2B%2FcPVtSTT3Bih0gmoqAl5doxI1OT%2FPx3M3uXr39yF0BNoWyGxx%2BS8INQRomwXJpvnN2oBWs49YeagtNVY%2B%2BH8pxQEks85DSuYf%2FFwjvfMPQz0m6D5HaRJhUJXKGQFKkcwdmGcZ%2Fr4ym%2BtWSGUzjiU2tkPpZb3XyzXiNNGt9VyadDveN0u5d2w7ffiwGOU%2Bu3ADwLaQm7q6PKr%2BBsAAP%2F%2FAQAA%2F%2F8w5IWxYgQAAA%3D%3D HTTP/1.1 
Host: invaderannihilationperky.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Cookie: u_pl=16995613; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34f619fc95f965634d1a4e95a243ed28=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.139.164
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Mon, 03 Oct 2022 17:02:26 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f91de9b97e19e17a219f376a371b82ff
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /advertisers.js HTTP/1.1 
Host: banquetunarmedgrater.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vidstream.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.44
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Mon, 03 Oct 2022 17:02:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 18c15ce95a9ec8ec43796c643088b3b0
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /embed/comments/?base=default&f=fmoviescomment&t_i=61979&t_u=https%3A%2F%2Fweb.fmovies.to%2Fwatch%2Fqz3r3&t_d=FMovies%20%7C%20Watch%20Bastard!!%20Heavy%20Metal%2C%20Dark%20Fantasy%20(2022)%20Online%20Free%20on%20fmovies.to&t_t=FMovies%20%7C%20Watch%20Bastard!!%20Heavy%20Metal%2C%20Dark%20Fantasy%20(2022)%20Online%20Free%20on%20fmovies.to&s_o=default HTTP/1.1 
Host: disqus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         151.101.64.134
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 4977
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 02 Oct 2022 09:01:50 GMT
ETag: W/"lounge:view:9355163332.497f31b7cd749b9fb99f90404e6960ef.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Mon, 03 Oct 2022 17:02:27 GMT
Age: 35
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (17255)
Size:   4977
Md5:    7d60ec120e6d0ffc563162fca6321818
Sha1:   aa9a471910a1a928f1acf646e1a44c8a658d8c19
Sha256: 2e58b487901cae545c7a96ed1eaaf0104ba77ab00bdba3528658b2f9276199e0
                                        
                                            GET /next/embed/lounge.load.8ec9a3b6b7bcd3fa25977c5ac7c3c810.js HTTP/1.1 
Host: c.disquscdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.72
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-length: 494
date: Thu, 29 Sep 2022 21:02:58 GMT
server: nginx
last-modified: Thu, 29 Sep 2022 20:42:18 GMT
etag: "6336032a-1ee"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 29 Sep 2023 21:02:58 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SpdBsE3rEHTPhDgrtRpJMTEQWewQ9oB1BfHPhTzIDFFJsr_bqz5lbQ==
age: 331169
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (958), with no line terminators
Size:   494
Md5:    c3d34afd9d5f9d7a45d684db97cfbcdd
Sha1:   358b1f2fad414b32ca9684fd86ca80c46912bbf3
Sha256: c6b8e1bf4aaf81e7636b4a63877150ad9ab2f5f66fe73b4af465547b927a6c6e
                                        
                                            GET /next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js HTTP/1.1 
Host: c.disquscdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.72
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-length: 94755
date: Mon, 25 Jul 2022 05:21:29 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-17223"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fAVxPedII8smOznkVGdGTxyuXQKmAS1sOxt85YsxjqvPj110N2zGrg==
age: 6090058
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32023)
Size:   94755
Md5:    7b99df04cc3984222b4f02f738de9fa4
Sha1:   f3eefe01e2f39579ceaca4927de1177711e01544
Sha256: c64b6a193db830888df222e8c3d1d0c964cb9700e2ed62796e02dbe49a39d8ec
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "7EF8CC0C5FF2359F8C5EBDE3F74EFAFE80155B9E0FA248BC9A0905E3DBF6C2A8"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10342
Expires: Mon, 03 Oct 2022 19:54:49 GMT
Date: Mon, 03 Oct 2022 17:02:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "7EF8CC0C5FF2359F8C5EBDE3F74EFAFE80155B9E0FA248BC9A0905E3DBF6C2A8"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10342
Expires: Mon, 03 Oct 2022 19:54:49 GMT
Date: Mon, 03 Oct 2022 17:02:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "7EF8CC0C5FF2359F8C5EBDE3F74EFAFE80155B9E0FA248BC9A0905E3DBF6C2A8"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10342
Expires: Mon, 03 Oct 2022 19:54:49 GMT
Date: Mon, 03 Oct 2022 17:02:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "7EF8CC0C5FF2359F8C5EBDE3F74EFAFE80155B9E0FA248BC9A0905E3DBF6C2A8"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10342
Expires: Mon, 03 Oct 2022 19:54:49 GMT
Date: Mon, 03 Oct 2022 17:02:27 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   19525
Md5:    948e0430796a22326f412f0925baa3f3
Sha1:   82a2983c3080ccaaf10c33c209577fa1c142914d
Sha256: 383b224804011ee963c139f15bc50a63bc8cc738186b6379c5464e8d5c7091bc
                                        
                                            GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 03 Oct 2022 17:02:27 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size:   26421
Md5:    707317ccaabe08d32d1bd781754e6871
Sha1:   bb82dcd3e044c960e0861c2ce878f5504e628f78
Sha256: d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
                                        
                                            GET /live/boost/ra-5a4bbf5745d3e51e/_ate.track.config_resp HTTP/1.1 
Host: v1.addthisedge.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 810
etag: -189841643--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=6, s-maxage=86400
date: Mon, 03 Oct 2022 17:02:27 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4414), with no line terminators
Size:   810
Md5:    90d06f36a306147405d512fb8d82e96c
Sha1:   b28c715163ba9fffebd531d4ccfb94c9d3ce5531
Sha256: b8ff4bb7750f841827a79bdde60e5b16cdfa7a1c8fe58e3d3460de970a345425
                                        
                                            GET /next/embed/styles/lounge.46ac8cae270fbd103ff8c6bf581143c6.css HTTP/1.1 
Host: c.disquscdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.72
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
content-length: 26176
date: Thu, 29 Sep 2022 21:02:58 GMT
server: nginx
last-modified: Thu, 29 Sep 2022 20:42:18 GMT
etag: "6336032a-6640"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 29 Sep 2023 21:02:58 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hakgnj092L4mP7ORvfmIIwHwArfQfSyvV-8BXzR9oPBDlFFBrwKezA==
age: 331169
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65469)
Size:   26176
Md5:    15976c9c2f8fdcaffdd91728d6f0a82b
Sha1:   eac5ef6756e3c6fda25438a59ae29722b3c7ba67
Sha256: 4888364939b1d951ebafedfa95f8cbd12c42a32bc9f38e4d7e8d658978b69014
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/icon.jpg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 03 Oct 2022 17:02:27 GMT
content-length: 82807
last-modified: Tue, 08 Feb 2022 14:25:26 GMT
etag: "62027d56-14377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5295433
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MRXeun0S%2FbRhzwdu%2Baa1OVvUruezzbNU5AaG9D5%2B7ldN%2BtLALx7PDhH2e5C7uOYTYo%2BA5wd4M1YYw6cH2V45D3m9ve%2B5TA2uthwCTwF06JvAXStit4WXtDaMOTTPZaAyCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473edd7c05e660-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 435x290, components 3\012- data
Size:   82807
Md5:    85f73b8e6875d66c6d73ebdefc72c793
Sha1:   7281bfc203aa9c27601828765ba37b28b79c2476
Sha256: f2772dd68c9e122cb84b4c535502d3c7034437ca7c053fc781da626cf1a1064f
                                        
                                            GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Mon, 03 Oct 2022 17:02:27 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   77672
Md5:    9a77dff666eebb6cf4bbc4c67c7b563b
Sha1:   9e98d7824a7b4e34665c2690d6f52caddad1fe4b
Sha256: 6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
                                        
                                            GET /next/embed/lounge.bundle.4a4252944de4199d2e7f3e9e3eb9bc54.js HTTP/1.1 
Host: c.disquscdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.72
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-length: 123979
date: Fri, 16 Sep 2022 09:02:42 GMT
server: nginx
last-modified: Fri, 16 Sep 2022 08:34:41 GMT
etag: "63243521-1e44b"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 16 Sep 2023 09:02:42 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zkd35kDKr8Dwy0h-AukxKCgY-qbQy8I_U8wFb-GwYwnkfcwb_wN00A==
age: 1497585
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32035)
Size:   123979
Md5:    7b5a447a2bf1505198ba04e50bbe8af4
Sha1:   5377c483be50ae516af00ccfbd740c18e468deac
Sha256: 2f5f08e0306667a0de34dc481ab4a593b94ae9bdf6470615a546bddf98cdef12
                                        
                                            GET /next/config.js HTTP/1.1 
Host: disqus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=fmoviescomment&t_i=61979&t_u=https%3A%2F%2Fweb.fmovies.to%2Fwatch%2Fqz3r3&t_d=FMovies%20%7C%20Watch%20Bastard!!%20Heavy%20Metal%2C%20Dark%20Fantasy%20(2022)%20Online%20Free%20on%20fmovies.to&t_t=FMovies%20%7C%20Watch%20Bastard!!%20Heavy%20Metal%2C%20Dark%20Fantasy%20(2022)%20Online%20Free%20on%20fmovies.to&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         151.101.64.134
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Connection: keep-alive
Content-Length: 16440
Server: nginx
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Mon, 03 Oct 2022 17:02:27 GMT
Age: 56
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with very long lines (16440), with no line terminators
Size:   16440
Md5:    dd53ecbbe37d38e23320bcfacb6cb34b
Sha1:   5341fddefa212ab5f7b89d8e51d55587bbeffeee
Sha256: a86591c5a214e6b3237c8f5356c71e654f0fef7936c521ba17fc2d19a4128bd8
                                        
                                            GET /live/red_lojson/300lo.json?si=633b15a2c7b7aaeb&bkl=0&bl=1&pdt=676&sid=633b15a2c7b7aaeb&pub=ra-5a4bbf5745d3e51e&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=web.fmovies.to&fp=series%2Fbastard-heavy-metal-dark-fantasy-qz3r3%2F1-1&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=dark%20fantasy%2Cbastard%20heavy%20metal&colc=1664816547285&jsl=1&uvs=633b15a2e441fca9000&skipb=1&callback=addthis.cbs.jsonp__060411220711801940 HTTP/1.1 
Host: m.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Mon, 03 Oct 2022 17:02:27 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   750
Md5:    ce1c553866522aa81efba2d00324ed3a
Sha1:   49575e29f8466e1decf9a5c284d97f0744dc6dd7
Sha256: 43cd8271c80d1675d44d5cc72ec3e8117dfc5d1f5bca0dcdb837e0b41a49bd18

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3443CBA19EB70AA0D6BC0ADC3C0420DBC27F52FA86EDE9EC5A77597E2C9F3193"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5632
Expires: Mon, 03 Oct 2022 18:36:19 GMT
Date: Mon, 03 Oct 2022 17:02:27 GMT
Connection: keep-alive

                                        
                                            GET /api/3.0/forums/details?forum=fmoviescomment&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1 
Host: disqus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=fmoviescomment&t_i=61979&t_u=https%3A%2F%2Fweb.fmovies.to%2Fwatch%2Fqz3r3&t_d=FMovies%20%7C%20Watch%20Bastard!!%20Heavy%20Metal%2C%20Dark%20Fantasy%20(2022)%20Online%20Free%20on%20fmovies.to&t_t=FMovies%20%7C%20Watch%20Bastard!!%20Heavy%20Metal%2C%20Dark%20Fantasy%20(2022)%20Online%20Free%20on%20fmovies.to&s_o=default
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         151.101.64.134
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Connection: keep-alive
Content-Length: 2983
Server: nginx
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Mon, 03 Oct 2022 17:02:27 GMT
Age: 83
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2983), with no line terminators
Size:   2983
Md5:    2011587c01b0b8c4a202be7262bc7740
Sha1:   25820e3591d3808c1d0ab0be9cef741637abd7bd
Sha256: bf3ce2d3a391f8bad6de5c4c410f1ae2a5f52e9014a7ef6536c31c7e050c9723
                                        
                                            GET /pxf.gif?uuid=10c2fe1f-7b15-4cdf-8533-784a5e446dec&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.287&b_frame=1&pk=e35fff0d600aad048bac0f7b692e007b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vidstream.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Mon, 03 Oct 2022 17:02:27 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 67207365a9207c2636eb2f3d6d3eed40
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Btwk%2FfuBKqQuVyuxUkMm98z1WKMYYCaZNbS12p%2BfrTo45957LOfdjklWwWLqS6X9w80zS0FpEwa1FJoUuAkKuqyzM%2FyBCVy5kpsHRFy7v89znWTzv%2B567e9kZ8ZHR05WrZkdpTZfadb%2F29u0guFxbV3E2rA17nS86rcs1m7%2FX79T9d2ofS75llhp%2B4PuBH9RWlZWhGS5NRajkcT%2Bo9%2F16q1EP2i0M7X%2B5yzw46kHkZ%2BQVKFEtPvUuQvEJ4uiHFem2UpO8%2B1GUaZoai1wc3oq3YlPEiOYwtB7C%2BPDcDeNOVp%2FAxAezuDD5P0amKuI9ewIWH56HBMv3ZzmZhozBxEso8gmknkDRCbi5AyVOCMAFrm0gjh5cM7ag2y9UOlUrsvj8T6iiIou%2FX0Qcfb%2Bs1bB20%2BgsVSZ2GIYl1HACNZggyY6Q7lyAKo7A06%2BhxK9k6fk64mh%2Fw2kDJcrZ7EpNoMIJtByBOg%2FZ9FMestBDlniIxGmNB0HQ9QWnfq%2FPeVN0JesIP6DdMKCB3%2Bkh49N4I6TJCFyPwO0uEruLLXX%2FpN6FzX6B2yzhhAeXVsT7dBe5KFFIgsIRFJSgUARFSlDk5YHQruHKB0K7jAXnvXHem%2BXYpIM9emDSgYzJXnJGXp6uxlu4dQlb8rTWbIWdoB%2Fyfjvsd9qdZksEtCX7bdpoNaVo9OBUCeUuzKbdURV54%2F0GElWR%2F30rwOgRnD4CVx5odgm0GHcbPujmuNXzsRM%2FCiOTK%2BnqqYEwJZJ0Eem2t6fPyGuzAzVvvwXJj698ya5Wfzz8C9yWSGyJr9RTgoG%2BN75hCrJ%2FwxSO%2FLiRpCpSO3R6vJspTeXCo0%2FkdmGsWFtxo4cf8KkwhY8%2Fky5dp7FQ8cCR75aVENKuGssl%2BXnNfS7Z9cxtLmc2zpL16x%2BurkWJlc4pE09AVUXIs2NwVZH%2F%2F3Qwe5evf3MXyk5gsxJRdkzOC8ocgSe7cMk8vzMLsHruYYmHIivHtsHmP7Ui0HLOKSvh%2FsXZHO%2B5exjYN0HTO4ijErktkesSVI%2FgsoVxmtjjK781ZwWmvTHT1ttn2ur7L5br1Gmt6Ysuk6HsMtlqt0LJBWu3mc9Dzpqi1%2BNIXcUvv4q%2FAQAA%2F%2F8BAAD%2F%2F7AwUFliBAAA HTTP/1.1 
Host: invaderannihilationperky.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Cookie: u_pl=16995613; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34f619fc95f965634d1a4e95a243ed28=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.139.164
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Mon, 03 Oct 2022 17:02:27 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5b5eecaaee775b1d4ce59c5de3c2d7b
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pxf.gif?uuid=10c2fe1f-7b15-4cdf-8533-784a5e446dec&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=53511865558f5e0bb6aa425146e36740&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Mon, 03 Oct 2022 17:02:28 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 11cb25e957603b488aada530c3717c7b
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  data
Size:   206
Md5:    9080d6b87acf0e52d683808573fc9f49
Sha1:   e2bdc66befd03c52dc14083bbf64d0d5f99c4e84
Sha256: 7f8748031ef07db18321afd02aeaf24a431745e5c732a937da4ff34533fba5d7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg HTTP/1.1 
Host: c.disquscdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.46ac8cae270fbd103ff8c6bf581143c6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.72
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
                                        
content-length: 13079
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:55 GMT
etag: "62da91ef-3317"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4a61WdyNHbqQNErXic66PSVzkLFEolgoI9Q0zQEJjJq37I430iebfw==
age: 6090058
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (13079), with no line terminators
Size:   13079
Md5:    4da5413f5086c5755b46094b813dbfcd
Sha1:   87669f231ce245cdd9b7d80ebf8194e2ae62e7b1
Sha256: 3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
                                        
                                            GET /next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2 HTTP/1.1 
Host: c.disquscdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://c.disquscdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.72
HTTP/2 200 OK
content-type: application/octet-stream
                                        
content-length: 7900
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-1edc"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QChEe3LSCAlSXzrscYn4SwE0rEFK88-K1L1C5NFCPdNu2Z2UkUDkPA==
age: 6090058
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size:   7900
Md5:    4cc7a703d2fdfe684151ff8ac24d45f1
Sha1:   046adee74e5ce76db11491906a21c09399391571
Sha256: f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
                                        
                                            GET /next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif HTTP/1.1 
Host: c.disquscdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.46ac8cae270fbd103ff8c6bf581143c6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.72
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 2971
date: Sat, 04 Jun 2022 12:47:57 GMT
server: nginx
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
etag: "629a3ed3-b9b"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 04 Jun 2023 12:47:57 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: H-XRm6hMGnLL470xl4_0Wz7XrrPgOm-XOlgXBLpkFNUcf8A3QW_u1Q==
age: 10469671
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 62 x 20\012- data
Size:   2971
Md5:    ba7c86e8b4b6135bb668d05223f8f127
Sha1:   ae07a576af9eab682281921075436798438e902e
Sha256: 4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
                                        
                                            GET /next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png HTTP/1.1 
Host: c.disquscdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.46ac8cae270fbd103ff8c6bf581143c6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.72
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1763
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:55 GMT
etag: "62da91ef-6e3"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ssUCVlEAUvz4O6fGn5i7mdFu6J-lFwDfM5zwm28gaQ8m92MF9vl5kQ==
age: 6090058
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 172 x 81, 8-bit colormap, non-interlaced\012- data
Size:   1763
Md5:    ad630a07080a45451f139a7487853ff8
Sha1:   c2673d7404fc947fab20eed21416f9656149018d
Sha256: 9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
                                        
                                            GET /1663775094/images/noavatar92.png HTTP/1.1 
Host: a.disquscdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.49
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
etag: "60395f01-66c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 21 Oct 2022 16:55:13 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: uLnV0_q-GUs2ff7qmmVinpMgEAxO6qGBFik3pl01EpJpjIqqB0fjDA==
date: Mon, 03 Oct 2022 17:02:28 GMT
age: 1037234
strict-transport-security: max-age=300; includeSubdomains
content-length: 1644
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 92 x 92, 8-bit/color RGB, non-interlaced\012- data
Size:   1644
Md5:    675fb4b91ca717db030507f2d84bcfdf
Sha1:   c8728df74487f907230358a1b08ae1a1b25f9ed4
Sha256: 36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: invaderannihilationperky.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Cookie: u_pl=16995613; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34f619fc95f965634d1a4e95a243ed28=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.139.164
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Mon, 03 Oct 2022 17:02:28 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static/159.1c3fceccbc80f2a3615f.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-234"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 394
date: Mon, 03 Oct 2022 17:02:28 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (564), with no line terminators
Size:   394
Md5:    09d6e31790596b5636e4332b45864d33
Sha1:   078bdaadd33f7e19f624e403959dca3eef1a73d4
Sha256: 42805621588148ebf5f6329a1ff74711c44dd93a4f592264f953ca7f88422b82
                                        
                                            GET /pxf.gif?uuid=10c2fe1f-7b15-4cdf-8533-784a5e446dec&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=34f619fc95f965634d1a4e95a243ed28&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Mon, 03 Oct 2022 17:02:28 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b03700d0aba0277887121d06c83d7fa0
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /juggler/event.gif?abe=0&embed_hidden=0&load_time=608&event=init_embed&thread=9355163332&forum=fmoviescomment&forum_id=5163355&imp=4eiqs9k38bqf98&thread_slug=fmovies_watch_bastard_heavy_metal_dark_fantasy_2022_online_free_on_fmoviestaxi&user_type=anon&referrer=https%3A%2F%2Fweb.fmovies.to%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false HTTP/1.1 
Host: referrer.disqus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=fmoviescomment&t_i=61979&t_u=https%3A%2F%2Fweb.fmovies.to%2Fwatch%2Fqz3r3&t_d=FMovies%20%7C%20Watch%20Bastard!!%20Heavy%20Metal%2C%20Dark%20Fantasy%20(2022)%20Online%20Free%20on%20fmovies.to&t_t=FMovies%20%7C%20Watch%20Bastard!!%20Heavy%20Metal%2C%20Dark%20Fantasy%20(2022)%20Online%20Free%20on%20fmovies.to&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         151.101.84.134
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Connection: keep-alive
Content-Length: 43
Server: nginx
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Mon, 03 Oct 2022 17:02:28 GMT
Cross-Origin-Resource-Policy: cross-origin


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css HTTP/1.1 
Host: c.disquscdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.72
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
content-length: 244
date: Mon, 15 Aug 2022 04:29:37 GMT
server: nginx
last-modified: Fri, 12 Aug 2022 17:44:41 GMT
etag: "62f69189-f4"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 15 Aug 2023 04:29:37 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FcC5sKQhQZ9RQ7Tvf-ROIV-CSgZrhAYf6jQwMczo3buKROakT1I54A==
age: 4278771
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (337), with no line terminators
Size:   244
Md5:    f74fc76abba12fe71950760c586845c2
Sha1:   0e2456bb947e89d92afdde9a0f1f7043e0e0e12a
Sha256: f6a934d83fa1c7116ec650c15cdd07d227fa43423024920345ac5ebf0b10532a
                                        
                                            POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fweb.fmovies.to%2Fseries%2Fbastard-heavy-metal-dark-fantasy-qz3r3%2F1-1 HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.15.8
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://web.fmovies.to/series/bastard-heavy-metal-dark-fantasy-qz3r3/1-1
last-modified: Mon, 03 Oct 2022 17:00:00 GMT
access-control-allow-origin: https://web.fmovies.to
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 03 Oct 2022 17:02:28 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /url/shares.json?url=http%3A%2F%2Fweb.fmovies.to%2Fseries%2Fbastard-heavy-metal-dark-fantasy-qz3r3%2F1-1&callback=_ate.cbs.rcb_69h80 HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.15.8
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: web.fmovies.to/series/bastard-heavy-metal-dark-fantasy-qz3r3/1-1
last-modified: Mon, 03 Oct 2022 17:02:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Mon, 03 Oct 2022 17:02:28 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   53
Md5:    99f62a6376cacfd3fdfaaa2f344a7acc
Sha1:   bbbb9d0f4f812f5f3e3882cc5cd3df2c820d5583
Sha256: e7a73d9f5c0fd507f9874ff02a164d83135642b5c895eca6b8b3cd689aef2542
                                        
                                            GET /url/shares.json?url=https%3A%2F%2Fweb.fmovies.to%2Fseries%2Fbastard-heavy-metal-dark-fantasy-qz3r3%2F1-1&callback=_ate.cbs.rcb_5my90 HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.15.8
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: web.fmovies.to/series/bastard-heavy-metal-dark-fantasy-qz3r3/1-1
last-modified: Mon, 03 Oct 2022 17:02:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Mon, 03 Oct 2022 17:02:28 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   53
Md5:    a3288f8c2d4d9fbfc6097ee5dd9b8cd8
Sha1:   5f9fb88732a563d3290382b5bac99cb4d419004a
Sha256: 7a8ac47ec525f35cb3ec4a6d596ed72eafb65c7ad53c6fb9847550c5f40a8a7d
                                        
                                            GET /ws/2/thread/9355163332? HTTP/1.1 
Host: realtime.services.disqus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://disqus.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /lbexeu9Tem1Io5RZSfOeg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.227.133.51
HTTP/1.1 101 Switching Protocols
                                        
Server: nginx
Date: Mon, 03 Oct 2022 17:02:28 GMT
Content-Length: 0
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://disqus.com
Sec-WebSocket-Accept: ZAx5+nufeRW7qvyq2cpe2A17Vv8=
Upgrade: websocket
X-Served-By: realtime-8
X-Cache: MISS
X-Cache-Hits: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

                                        
                                            GET /assets/template_1/style_1/min/all.css?6316f61f HTTP/1.1 
Host: s1.bunnycdn.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.110.21
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 03 Oct 2022 17:02:24 GMT
last-modified: Tue, 06 Sep 2022 07:31:29 GMT
vary: Accept-Encoding
etag: W/"6316f751-340f2"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2367043
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqhHtVyvBtK4dRI%2B2WSXv1XVr0YQEwWxg9CmcbMHRvDTi8MMtxOPUSyLBQUuXjpLNpEjXaloc2kz9vsDo4s%2BlcGEAUF7Mc1Ptbt5S0PlZxOi%2BOtjllfiV2LylCVHDvwWgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75473ec89dcb7713-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pingjs/?k=ac8b5aea3f9f&c=s&x=https%3A%2F%2Fweb.fmovies.to%2Fseries%2Fbastard-heavy-metal-dark-fantasy-qz3r3%2F1-1&v=29&r=655 HTTP/1.1 
Host: whos.amung.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.8.141
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Mon, 03 Oct 2022 17:02:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75473ed06e641bfa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/js/script.js HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 03 Oct 2022 17:02:27 GMT
last-modified: Mon, 17 Jan 2022 14:40:54 GMT
etag: W/"61e57ff6-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 439107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQyFavCWtSsWYxBt86vyRKyY0Lx7abVW7HakYJnclW04zp0gidm8DNhpRl8Rm9quaGft8UseHUk8uBC%2BExrFlmqBVF87cVL%2FoPDUdwdS8qEajvavPMf8EKf9usxqOOZsjLg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473edd0e74740f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/animate.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 03 Oct 2022 17:02:27 GMT
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 439107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtjJDL6ddFOJLQ0zpipxC69EFY94CvcfkizdLoxrD7bRp4Wa2FR9ZCkn87PipD711vKT9%2BqQMcmb7rQQQ03r%2B72pnDD0DWz5JzJL%2BnhSHkhmqrOce9%2Fflip0FpFeND%2Bqz4s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473edd0e75740f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/close.svg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 03 Oct 2022 17:02:27 GMT
last-modified: Mon, 17 Jan 2022 14:26:00 GMT
etag: W/"61e57c78-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5295433
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weraW4pGpJPJmTXisLZ18Pntwy4lPKEKktFPRDMxazsTmP8O3%2Fb8Fl9B7Ezt5xL04CGzxVJm%2BAbl4GsEhAZk8MG6qy5bmKm1ga81T7bT%2FTAFyWNb%2FkCxo4ovH%2BFcCWco0Z8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473edd7c08e660-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v1/urls/count.json?url=http%3A%2F%2Fweb.fmovies.to%2Fseries%2Fbastard-heavy-metal-dark-fantasy-qz3r3%2F1-1&callback=window._ate.cbs.rcb_hr1i0 HTTP/1.1 
Host: widgets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.84
HTTP/2 200 OK
content-type: application/javascript
                                        
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
expires: Mon, 03 Oct 2022 17:17:28 GMT
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1596949952583866
date: Mon, 03 Oct 2022 17:02:28 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /e/LNPEK115LPXW?sub.info=https%3A%2F%2Fweb.fmovies.to%2Fajax%2Fepisode%2Fsubtitles%2Fb1287725a42518b0c6c2bc55f36ecac3%3F HTTP/1.1 
Host: vidstream.pro
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.21.86.173
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 03 Oct 2022 17:02:26 GMT
x-cache: HIT
x-dynamic-cache: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeI%2Fx4u3UCUzTRhoG22tUAEbxf1abuywwiOCMTEyHwepTiCi361DJ%2F1kZnhzX%2BaisDLqAT3FE98ScMEp3DlgnpIRFShCWmp7AoSnfQqGQlUmz06Qi%2Bh2%2FKxU2BZap3D%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75473ed409b6b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sfp.js HTTP/1.1 
Host: addresseepaper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.133.22
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:02:25 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: b04324f855cb0f7ef60f5d985994c406
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 03 Oct 2022 17:02:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lh3X80gSYLtKJOa4subKCu9Kd7tHqVaAZ3lhsqJoi7OxUCgyzOIiegaLQ0FvGGkPJYuJv3f1Q8rXO2nq2mvngWAaZLwI5q1vax0qTdz9qnIBvlT328INo8vPz8SVRmDok3FeYvE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473ed06fb77529-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/index.html HTTP/1.1 
Host: cdn.yourwebbars.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web.fmovies.to
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.74.218
HTTP/2 200 OK
content-type: text/html
                                        
date: Mon, 03 Oct 2022 17:02:26 GMT
last-modified: Wed, 09 Feb 2022 11:25:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 439500
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejvds693mKVxZsMBuW9EKx5hasyRBtM%2Bqn34QSQDtpjUys%2FGn3Gji5sBhHME05mscuzePLQmup30YCbwgq3fpElLbNezFmnbZmLzOZYZw6Ci4kja6R6h8hmESrhlaCFOM0Jtf8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75473eda3cffb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v1/urls/count.json?url=https%3A%2F%2Fweb.fmovies.to%2Fseries%2Fbastard-heavy-metal-dark-fantasy-qz3r3%2F1-1&callback=window._ate.cbs.rcb_7rhx0 HTTP/1.1 
Host: widgets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.fmovies.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.84
HTTP/2 200 OK
content-type: application/javascript
                                        
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
expires: Mon, 03 Oct 2022 17:17:28 GMT
x-envoy-upstream-service-time: 1
x-pinterest-rid: 9227995161742019
date: Mon, 03 Oct 2022 17:02:28 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2


--- Additional Info ---