Report - cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85

Report Overview

Submitted URL
cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
IP
172.67.183.11
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-21 18:31:01
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-09T06:49:10Z	393 B	1.2 kB	151.101.85.229
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-09T07:43:12Z	586 B	703 B	173.194.222.156
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-09T05:14:34Z	3.6 kB	8.0 kB	23.36.76.226
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	54.191.210.155
cdn.rawgit.com	8186	2017-01-30T06:42:07Z	2023-03-09T10:15:39Z	396 B	1.1 kB	194.242.11.186
captinzizo44492282022.skyvids.cyou	unknown			402 B	29 kB	65.109.25.73
literalcorpulent.com	unknown	2022-10-21T03:59:02Z	2023-03-09T16:51:50Z	430 B	467 B	173.233.137.44
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	4.2 kB	28 kB	23.36.77.32
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	372 B	45 kB	142.250.74.168
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
cima-club.cam	unknown	2022-08-25T01:17:33Z	2023-03-05T22:21:35Z	1.7 kB	4.3 kB	104.26.12.236
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-09T13:53:17Z	359 B	21 kB	142.250.74.174
skyvid.cyou	unknown	2022-03-02T11:31:47Z	2022-10-24T12:24:27Z	343 B	927 B	172.67.223.168
marinegruffexpecting.com	423448	2021-08-01T03:34:28Z	2023-03-08T10:38:48Z	388 B	21 kB	173.233.139.164
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	55 kB	34.120.237.76
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	2.4 kB	65 kB	216.58.207.195
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	338 B	1.0 kB	54.230.245.39
cima-club.pics	unknown			587 B	1.3 kB	172.67.166.96
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	329 B	797 B	93.184.220.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	4.0 kB	44 kB	142.250.74.3
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-09T05:09:04Z	356 B	1.9 kB	104.18.21.226
gvadz.click	unknown			3.2 kB	199 kB	104.21.47.62
cima-club.one	unknown			1.0 kB	1.5 kB	104.21.48.90
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.27
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-09T11:05:34Z	949 B	79 kB	104.18.11.207
addresseepaper.com	18169	2021-11-01T22:11:31Z	2023-03-10T08:01:44Z	344 B	28 kB	172.64.101.4
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-09T05:09:40Z	987 B	561 B	216.239.32.36
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-09T11:23:24Z	814 B	684 B	18.193.142.27
unseenreport.com	unknown	2022-03-30T16:33:17Z	2023-03-09T09:20:47Z	679 B	423 B	192.243.59.12
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	1.2 kB	2.2 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-21	medium	marinegruffexpecting.com	Sinkholed
2022-10-21	medium	unseenreport.com	Sinkholed

JavaScript (32)

	URL	Size	First Seen	Last Seen
	cima-club.cam/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75dc1116ea05b4f9	61 kB	2023-03-10	2023-03-10
Pretty URL cima-club.cam/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75dc1116ea05b4f9 IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 12:39:56 Times Seen1 Hash be75bdf4d796de0744bf9f530ece1c77 447d4e3fc2958f0a74137e14c971578abfd9af3c d64a0f3e2ee964c5a76eadf1bb4d6cfcd170d89a8ae56ca93b52478bf2cfc5ec Loading...

	cima-club.pics/themes/CimaClub/js/jquery-3.3.1.min.js?v=1.1.7	87 kB	2023-03-07	2024-04-18
Pretty URL cima-club.pics/themes/CimaClub/js/jquery-3.3.1.min.js?v=1.1.7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-18 11:28:16 Times Seen12137 Hash af4078402c5e090d3f81d1abd71e2250 9592732de681f4365e9b7016dc5cf76e2a55ee9b 8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6 Loading...

	www.googletagmanager.com/gtag/js?id=UA-174083888-1	114 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-174083888-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 12:39:56 Times Seen1 Hash 62b766e7f5fc7ac33769e2b7c0c72c1e db8d426b09dcf75626f4063e7118876f6b80ac9d 404c671bc527505482902b5f62a121a322f449f0850ce2a8c58579ba576d2d71 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	155 B	2023-03-07	2023-11-17
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 172.67.166.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:30 Last Seen2023-11-17 18:46:40 Times Seen38 Hash 6897055a2e11901f9cecdb136f9a08c6 52e4b9691e2fb8a85c29c6a5c50dd77016f3f64c d732616e065bd7c2fe648b5e1ff8dc61e544f203a88b10d2d39121717fa44844 Loading...

	www.googletagmanager.com/gtag/js?id=G-J0QQKPLZPB&l=dataLayer&cx=c	216 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-J0QQKPLZPB&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 12:39:56 Times Seen1 Hash b17294257ca05b6fc0b01959fb1420fa fc964aef3f7d0b5b93df2eb3cc5b5f01e35ac372 ac518b4c2da8d184cf3ab102e09ca154d033343db3074f7010b769c5cfb3ba42 Loading...

	skyvid.cyou/js/dnsads.js	30 B	2023-03-07	2024-04-07
Pretty URL skyvid.cyou/js/dnsads.js IP 172.67.223.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:38 Last Seen2024-04-07 00:26:45 Times Seen206 Hash 1c57f7e83ceae8ee7d8707cf3eb91c2c ca5b7c4bf30cbdb6a4680ee5345d5c68e90d0675 cdf19c04fc4fd1992d9cf69ee0ef7c83d03dfa4f6998f06c8d73611f5a6d1740 Loading...

	marinegruffexpecting.com/d3/18/fa/d318fa08f9d0af3f53ed4dad0b4564e8.js	59 kB	2023-03-10	2023-03-10
Pretty URL marinegruffexpecting.com/d3/18/fa/d318fa08f9d0af3f53ed4dad0b4564e8.js IP 173.233.139.164 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 12:39:56 Times Seen1 Hash 98008b60ba777e22a6a5cf35e0484f5b 0ea33cebf45f33af517e918cc23a0a4401f5b925 5d913a007bb762e8d9bd05aa79d6b050a544eab76d0c2e62d04ed15d32b31733 Loading...

	gvadz.click/embed-di5wpdl6fpjh.html	152 B	2023-03-10	2023-03-10
Pretty URL gvadz.click/embed-di5wpdl6fpjh.html IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 12:39:56 Times Seen1 Hash 6b205f7ee35df44a502333d0a5c9eedf e9f9cfad22513f0fc497a11ce246b8f9bfa93acd f81ad5f55dd64a042114baf38badf906a7397e2e09d65b95ef6982819727d8be Loading...

	gvadz.click/embed-di5wpdl6fpjh.html	22 B	2023-03-07	2024-04-14
Pretty URL gvadz.click/embed-di5wpdl6fpjh.html IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:07 Last Seen2024-04-14 17:45:01 Times Seen236 Hash 6052027f8899a6bfe3148fb3b49c2e5d 0c623518c7ab0d4725e6808c76798123779d6372 442c8e7468ce2fb1deae90be815308271b69df058481e94135a669b7a6134500 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 07:47:47 Times Seen1515 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	3.4 kB	2023-03-10	2023-03-10
Pretty URL cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 12:39:56 Times Seen1 Hash 3942bd0ea8f826d58ac85257619e10e1 23ea307296fc1c9364e9f19617bb7daa73736eb1 620ab89b019e7875cb8a11ea670506717058064b7ce09b0dcd72f96c5b7493d0 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	21 B	2023-03-07	2024-04-02
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 172.67.166.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:30 Last Seen2024-04-02 09:37:41 Times Seen71 Hash caa8c05baf500ec297cb1352469cd469 66e9ea1d9cf60ef075d3d2205519b8260873a0bd b2da0e6cfe1d9aaa7375529d7ab56a39eecfc39b2a13bc90048590e17e3e4600 Loading...

	gvadz.click/js/xupload.js	8.2 kB	2023-03-07	2024-04-07
Pretty URL gvadz.click/js/xupload.js IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:37 Last Seen2024-04-07 00:26:43 Times Seen28 Hash 9671a9989a3249273207e940194f2601 f78b042cfe4274cd112758224de6b52969dbae10 7172ac4bf4f6c126432d15b5662147e34a19a2c973b242b65c91b4265d9076a2 Loading...

	gvadz.click/js/jquery.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL gvadz.click/js/jquery.min.js IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-19 15:07:14 Times Seen259852 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	gvadz.click/embed-di5wpdl6fpjh.html	1.8 kB	2023-03-10	2023-03-10
Pretty URL gvadz.click/embed-di5wpdl6fpjh.html IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 12:39:56 Times Seen1 Hash b88923526b7e716fc5b30396794e09cc de38b8e9a152c988313a0d3cdd382369f0a2c360 c05dfceab5254bdaa175912df11d48a088222a70d0be1d1d4d34a647db14c36b Loading...

	cdn.rawgit.com/admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7	912 B	2023-03-07	2024-02-25
Pretty URL cdn.rawgit.com/admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7 IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:30 Last Seen2024-02-25 04:02:19 Times Seen16 Hash b3dd33db12b77a70fdfc3901894d65dd e5c388dea3ca196fc956f07269fd87fa8a5d6259 f1240c5e81a12bb4e90be775a237f76c9e54f0e9251cf4dede4621911bb23927 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	1.0 kB	2023-03-10	2023-03-10
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 172.67.166.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 12:39:56 Times Seen1 Hash a3e0f0e9d6f79a7c3c3085eec4baf376 1b177664f1bb8115417dc0ac1d834ba130842cf1 dfbd1d393383612ea494051227decf0da9aa00dac9030a1980b7536385a19446 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	157 B	2023-03-07	2023-11-17
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 172.67.166.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:31 Last Seen2023-11-17 18:46:40 Times Seen42 Hash e43fb1125f506ed60746b6c113f30278 21beef3b222ef281dafcd843f1c478bd74edba61 814167bdd05519757e8bbbca40f425b0785312206d271ae49e9f0bab8f3ed0f0 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	378 B	2023-03-10	2023-03-10
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 172.67.166.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 13:24:36 Times Seen1 Hash 4cb6e7074e4a15af418526a9e95710a7 93b2f5dfc1d925540a5b6e72ca7d2c89af9d8576 4b0950b9ead3c61e57587d6917015fe616d8bdcf723671ad057b18d369a37034 Loading...

	gvadz.click/player_clappr/clappr-playback-rate-plugin.min.js	32 kB	2023-03-07	2023-11-14
Pretty URL gvadz.click/player_clappr/clappr-playback-rate-plugin.min.js IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:18:53 Last Seen2023-11-14 00:47:29 Times Seen18 Hash 4c1b58eb768ca90be652a0cbc41b2264 b3b0169c7522bef0e229c96d8bc88cee8bc0758e a1cfb33d7031f6ba4f5e5c5950157fb7e1206ff372f43344c75d0ed48881c2f9 Loading...

	gvadz.click/player_clappr/clappr-chromecast-plugin.min.js	25 kB	2023-03-07	2024-04-12
Pretty URL gvadz.click/player_clappr/clappr-chromecast-plugin.min.js IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2024-04-12 15:26:07 Times Seen314 Hash e5d13c4d7c790f7dfa01d86cd6c2419b 0d5e7500ba0cea98d5fc014918d7cd1a48b5a668 1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90 Loading...

	cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	17 B	2023-03-07	2023-04-05
Pretty URL cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2023-04-05 02:12:11 Times Seen1946 Hash 8ff8851cc2351b1ece0667fc38808aca 1948720040e391039821b5f1e0ffb994f42af529 39dc54b6b6d6d57f0d76b09b6e775fa9bf57418049cbb68c31fa4176a8b81175 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	218 B	2023-03-07	2023-11-17
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 172.67.166.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:30 Last Seen2023-11-17 18:46:40 Times Seen38 Hash e617d950d83cb7a312b714f359461914 e71866431339ad9357158ad2362ae0b22d15602c c00f4d4acc26499f5d3e4fb49593de3313439f9231856263591f3caca99fd68b Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	923 B	2023-03-10	2023-03-10
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 172.67.166.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 13:24:36 Times Seen1 Hash 15a6e54ec89b010a7b22e236ab85b8d1 b38fe585545d92e29e97055047dd48c58f4aecdb 759fd4e409891f9455322f572d14e0bf2ec6d47e3af96867d1aac161a656b04b Loading...

	gvadz.click/player_clappr/clappr.min.js	525 kB	2023-03-07	2024-04-12
Pretty URL gvadz.click/player_clappr/clappr.min.js IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:45 Last Seen2024-04-12 15:26:07 Times Seen569 Hash f55c6c796275a41ce7d97bd160e648ff 936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89 db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c Loading...

	gvadz.click/embed-di5wpdl6fpjh.html	208 B	2023-03-07	2023-11-17
Pretty URL gvadz.click/embed-di5wpdl6fpjh.html IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:31 Last Seen2023-11-17 18:46:40 Times Seen18 Hash ac9d259dc68e257c8be17996970eed33 295747e4c9fa36b3890333337d51e01fcf1fd029 59340cb76a70a270032d034733beeef0e5e6cb0f36c1e574d306e5d5ef200790 Loading...

	www.googletagmanager.com/gtag/js?id=UA-74510604-1	111 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-74510604-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 12:39:56 Times Seen1 Hash af509446c419d80c1f6ac51e88aa85a3 fc17da95ffac5073a2ede1128dd478080fdd7679 8f0a6621b1100fa176115c02c70a34a87d1265ed37ba674ac15fbfa1515fc5d1 Loading...

	cima-club.pics/themes/CimaClub/js/tornado.min.js?v=1.2.2	191 kB	2023-03-07	2023-11-17
Pretty URL cima-club.pics/themes/CimaClub/js/tornado.min.js?v=1.2.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:31 Last Seen2023-11-17 18:46:40 Times Seen69 Hash d93607ad1efbc2acd5e443ecf43135ef c2af80e2e9cf2c1599b17f8bbe8fca0a48008789 7b06f659aacaa1af97c624506d4a055993ebbcc15f04061b2e02272706420fef Loading...

	cima-club.pics/themes/CimaClub/js/pusher.min.js?v=1.1.7	62 kB	2023-03-07	2023-11-17
Pretty URL cima-club.pics/themes/CimaClub/js/pusher.min.js?v=1.1.7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:31 Last Seen2023-11-17 18:46:41 Times Seen79 Hash ddef184b18bce04e19c5701fb3334ebd 8dd020f03a0e9eb28d7babfb78ef6c8113ed223f ce1bd1df2dd32d3ad07cd5776fd9bd3deb3681b4cc4755be8ff32c13d5fe1569 Loading...

	gvadz.click/js/jquery.cookie.js	990 B	2023-03-07	2024-04-07
Pretty URL gvadz.click/js/jquery.cookie.js IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:38 Last Seen2024-04-07 00:26:44 Times Seen153 Hash 532e8df5fdcf8bb2ac1a2cf408a9599d 0b8de3b1b4e1167693c51f461c8dc3c733602d52 39c8dcfca47db5df9169e58c7411bc8ffcc668d19686824c378a9b14351f04c8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - f1c052d57c2b0c832a250eb13f8c2eff	7 B	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 12:39:56 Times Seen1 Hash f1c052d57c2b0c832a250eb13f8c2eff 5ba79174a5683b85f3a7aad6148e6f59807844aa f83a12a0ad8da7c8c40f11db8189a871146553934b9310d27a75b8d27a86386e Loading...

		Size	First Seen	Last Seen
	#1 Write - 467d82ac802ebf5b672ecdb8e02505e6	3.6 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:02:24 Last Seen2023-07-11 15:29:01 Times Seen16478 Hash 467d82ac802ebf5b672ecdb8e02505e6 b3df725dd3285fd4618d65c08e83b8f08c8e4798 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515 Loading...

HTTP Transactions (88)

URL IP Response Size

cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85

104.21.48.90

301 Moved Permanently

0 B

URL HTTP/1.1
cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
IP
104.21.48.90:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 HTTP/1.1
Host: cima-club.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 21 Oct 2022 18:30:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 21 Oct 2022 19:30:50 GMT
Location: https://cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbVLhoe2EffDqO1V%2F%2B4TRwceIz8LX9LDmDG0DU5Aae7T20xTCIEpRQpIkRuRm4SKyAByeuEZhyPicoX%2BKqaCak5dcGj6GxCeaYcVVswve8IrnJOYjQyMPDOGbntPSTfa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75dc1113d969fabc-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 21 Oct 2022 17:52:25 GMT
Expires: Fri, 21 Oct 2022 18:13:56 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F9RopcYHYVBB1_Z_hycW2rVv4Ax5DpM2qtP54uCMvvyQz-EyKPMQ1A==
Age: 2305

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6481bf5f33b42cdd966d49d8b70107
03ed01a9dc82a7efaf3706691249d811f64719a4
1e42a2cd7e7ef655d17dea6423dff85d3f57111d9bd08d2f829535aa462eb11c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E42A2CD7E7EF655D17DEA6423DFF85D3F57111D9BD08D2F829535AA462EB11C"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16502
Expires: Fri, 21 Oct 2022 23:05:52 GMT
Date: Fri, 21 Oct 2022 18:30:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16566
Expires: Fri, 21 Oct 2022 23:06:56 GMT
Date: Fri, 21 Oct 2022 18:30:50 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: axNWP1txnDb6DB53MOIrwdZwft6mOfAGdN6Q9Wv5pZb7Ont/DbQzoeXWmq9H3XdjaGZvLNLQOeI=
x-amz-request-id: MW8A5WY0GCNG76ZM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 21 Oct 2022 17:37:15 GMT
age: 3215
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
7d917480a944afbe113057e24723e5d4
edce416c83ffb7fdbcd80442adda2f0c18116a2b
bf6bfd4669585a92b640ecab3d88e3514293d5f4f8983e3120c4e1cdd52b41af

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "BF6BFD4669585A92B640ECAB3D88E3514293D5F4F8983E3120C4E1CDD52B41AF"
Last-Modified: Wed, 19 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2936
Expires: Fri, 21 Oct 2022 19:19:46 GMT
Date: Fri, 21 Oct 2022 18:30:50 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 18:30:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
7d917480a944afbe113057e24723e5d4
edce416c83ffb7fdbcd80442adda2f0c18116a2b
bf6bfd4669585a92b640ecab3d88e3514293d5f4f8983e3120c4e1cdd52b41af

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "BF6BFD4669585A92B640ECAB3D88E3514293D5F4F8983E3120C4E1CDD52B41AF"
Last-Modified: Wed, 19 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2936
Expires: Fri, 21 Oct 2022 19:19:46 GMT
Date: Fri, 21 Oct 2022 18:30:50 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b712a95cbc491bfd3c18fd0ac61aa1e7
fc6c70828e66f5b1d42f35dc337575e5905740c1
262f8a309a1a75c66f9168020d4b1a69114ad63df1d8c87ded2808b7bce3f3d8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "262F8A309A1A75C66F9168020D4B1A69114AD63DF1D8C87DED2808B7BCE3F3D8"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19094
Expires: Fri, 21 Oct 2022 23:49:04 GMT
Date: Fri, 21 Oct 2022 18:30:50 GMT
Connection: keep-alive

cima-club.cam/cdn-cgi/styles/challenges.css

104.26.12.236

200 OK

2.6 kB

URL HTTP/2
cima-club.cam/cdn-cgi/styles/challenges.css
IP
104.26.12.236:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.6 kB (2646 bytes)
Hash
2080f6c1c5995ef744362ba648f04a8c
41e33c8ce9c082bd9945f612eb1cb507a7ba5c8b
a8496326269f30076b3683f0ef278e989c6d80cda9b8aa1f587d0a48a518cf78

HTTP Headers

GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: cima-club.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:50 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 15:26:27 GMT
etag: W/"634ec5a3-1896"
server: cloudflare
cf-ray: 75dc11189c0fb4f9-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 21 Oct 2022 20:30:50 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b712a95cbc491bfd3c18fd0ac61aa1e7
fc6c70828e66f5b1d42f35dc337575e5905740c1
262f8a309a1a75c66f9168020d4b1a69114ad63df1d8c87ded2808b7bce3f3d8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "262F8A309A1A75C66F9168020D4B1A69114AD63DF1D8C87DED2808B7BCE3F3D8"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19093
Expires: Fri, 21 Oct 2022 23:49:04 GMT
Date: Fri, 21 Oct 2022 18:30:51 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e5037c7287e8f6c6569102e2dfd166c8
e3ef55836da1024eb394ed1812df7b508e3f0397
7f8ee13cefb30e18beadc7ba986c17413a48dac4aabfdbaf5d5fdb2935fa1bbf

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7F8EE13CEFB30E18BEADC7BA986C17413A48DAC4AABFDBAF5D5FDB2935FA1BBF"
Last-Modified: Thu, 20 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5129
Expires: Fri, 21 Oct 2022 19:56:20 GMT
Date: Fri, 21 Oct 2022 18:30:51 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e5037c7287e8f6c6569102e2dfd166c8
e3ef55836da1024eb394ed1812df7b508e3f0397
7f8ee13cefb30e18beadc7ba986c17413a48dac4aabfdbaf5d5fdb2935fa1bbf

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7F8EE13CEFB30E18BEADC7BA986C17413A48DAC4AABFDBAF5D5FDB2935FA1BBF"
Last-Modified: Thu, 20 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5129
Expires: Fri, 21 Oct 2022 19:56:20 GMT
Date: Fri, 21 Oct 2022 18:30:51 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 21 Oct 2022 17:43:40 GMT
Expires: Fri, 21 Oct 2022 17:56:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UT8gHkQ21WSZX7RZE-lHq1OPEQNf6P7Asri2FYP4Eh5scphitQDqrg==
Age: 2831

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f47cc320695635b544a761f72f3afc6f
b7cee764dcb0a625e0f8e0b4a4fce04548a1bf76
78608be3d0d6aaaf0364aed316b8676ab28d23c9b6a8ac6c147cf5d16e5cc283

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5979
Cache-Control: max-age=141335
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:51 GMT
Etag: "63525317-1d7"
Expires: Sun, 23 Oct 2022 09:46:26 GMT
Last-Modified: Fri, 21 Oct 2022 08:06:47 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.191.210.155

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.191.210.155:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WHe9UFe1uW7G4JHiSvp4dw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5N09UnWitbNF5U2DHGPe5oquteA=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17092
Expires: Fri, 21 Oct 2022 23:15:45 GMT
Date: Fri, 21 Oct 2022 18:30:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

504 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c553eb0e0da58846d4a8042dcb68cf63
8bf503d52158255e084bf4049de0c8e4f27ff911
77e43c2689eb6229c9130b571e26e8720a0be96ae164f6fcba06e17811bf85d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17092
Expires: Fri, 21 Oct 2022 23:15:45 GMT
Date: Fri, 21 Oct 2022 18:30:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17092
Expires: Fri, 21 Oct 2022 23:15:45 GMT
Date: Fri, 21 Oct 2022 18:30:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17092
Expires: Fri, 21 Oct 2022 23:15:45 GMT
Date: Fri, 21 Oct 2022 18:30:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17092
Expires: Fri, 21 Oct 2022 23:15:45 GMT
Date: Fri, 21 Oct 2022 18:30:53 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9195 bytes)
Hash
d369f8641d3489521afd62e112136f5b
088a3290733195efeb1d79dcc995c22b603bece0
b18601499cbb7bbcc1eaa464cec12c0287f8fab52a89e97973bd78fcb26ea918

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9195
x-amzn-requestid: e40418b8-2272-44a3-83d6-9465798793ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLEk4oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-34994aca1e13dcab306bf1a4;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ID2imzYYOzIjJNsz9xeprVEYldmsiabjTmoqORoIseqQRMzW7W3qJA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:52:46 GMT
age: 74287
etag: "088a3290733195efeb1d79dcc995c22b603bece0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4786 bytes)
Hash
b772335d96ac97ec5b28623955fb026d
7a19bf011359ad768b05dd79cec66787d2dc59fd
c13e7384880ec6fe431f3627eb61529c7fdb934cf0b021b4586ff2dc1c2e1244

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4786
x-amzn-requestid: 263fe384-2385-48c4-b250-1708a3cdd710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKKFOYoAMF92Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-46dfbb85286685373b0b5e77;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7dvOHC_VGsnv75l5gV7ewKgRDgsXbO1XpnV3m8qf21TQaXsnNzvIeQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:52:52 GMT
age: 74281
etag: "7a19bf011359ad768b05dd79cec66787d2dc59fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e67413c-6e4d-487c-807f-ff21a90aa792.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10799 bytes)
Hash
00f8ff57c0d15e1ce75a788b91dc0bd3
46445de659e1aa0623c7666c98b5f642ffeff89d
95eb2c3d2ab4643affffd59887814a013edacba9f73c633399905d9d0d397b1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e67413c-6e4d-487c-807f-ff21a90aa792.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10799
x-amzn-requestid: 9b27131b-a0ca-426d-939c-78de0beac51c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLF9hIAMF97g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-76bf3c356f04a6a672e2f7a1;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wOVWtGbvNohj7CotSEW3qamI01hNffsODahh60wBEqNkmS27llMk1Q==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:52:51 GMT
age: 74282
etag: "46445de659e1aa0623c7666c98b5f642ffeff89d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6551 bytes)
Hash
1c6ab9a31e082a0c0eaab2a0f526495a
c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a
ca3a602c8af7b3e87957e54910663ea2bb72d008e14719af0f9fd7bd1a949f3e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6551
x-amzn-requestid: 4deffe4d-e687-436e-938c-f8128bb84376
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zql_MG5QoAMFahg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340e9fa-66d4e2210fda5a80155f2466;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 03:09:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tUzBA20lqAqZvWHt_SJ2nSXqp1suoKPRgxDN99w33CdoKY0vPspg0A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 07:10:48 GMT
age: 40805
etag: "c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10973 bytes)
Hash
6bd5e942443ffd011faf10dc88d92081
beff4ae9e24599addce8a961c955788045c56645
2c59d984971e73d497975032c23700b5602fccf403f4683a8047f5f42d4e261f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10973
x-amzn-requestid: 081470ca-0107-4052-be55-9c713105bb27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUr-TEKPoAMFZfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c05b-17199f8c0fc0fb7443a902f1;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:40:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C8HRcZnP8nrEFWU_vn1olwnkXdvlqUu2_w0YIED9MSXDtO3U2mKO-w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 22:36:05 GMT
age: 71688
etag: "beff4ae9e24599addce8a961c955788045c56645"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5eaba338-753d-49fa-b65c-70aa4d08ec7d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6730 bytes)
Hash
41720951bc9f58ea936fb65b472ef05a
b8739209bdacc59cbf87b49024f73650a9a0f113
9dd1c174c5a45cf4167c4c20752c2575ab4280f869f49dd9056907c9521afe36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5eaba338-753d-49fa-b65c-70aa4d08ec7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6730
x-amzn-requestid: 97d867bc-a398-4b2b-8dda-2497a105845e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aSsAnEP3oAMF2lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6350f39d-3f56509c395ff64a396b5706;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 07:07:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 92JemdQ9iP0ZStmalSRrraqZJIAsZdDsaXdVwu-Q4PYnIBJ_IfcBag==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 06:21:47 GMT
age: 43746
etag: "b8739209bdacc59cbf87b49024f73650a9a0f113"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e5037c7287e8f6c6569102e2dfd166c8
e3ef55836da1024eb394ed1812df7b508e3f0397
7f8ee13cefb30e18beadc7ba986c17413a48dac4aabfdbaf5d5fdb2935fa1bbf

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7F8EE13CEFB30E18BEADC7BA986C17413A48DAC4AABFDBAF5D5FDB2935FA1BBF"
Last-Modified: Thu, 20 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5126
Expires: Fri, 21 Oct 2022 19:56:20 GMT
Date: Fri, 21 Oct 2022 18:30:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

17 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
17 kB (16695 bytes)
Hash
1afef531acafbd8555d33f01923b4a32
2d9a1d4cd8c20cfab3938de88abe7a0e6c6c0379
eeb6933ffdac79ba6fab9a9a574a56e27eafff936c1ced2401a875ff76592c3b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E65C82D561023076E69ACFBDCA7F172C79CBBEF8B24743C8F1FC32AC49C9916B"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19058
Expires: Fri, 21 Oct 2022 23:48:32 GMT
Date: Fri, 21 Oct 2022 18:30:54 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

37 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
37 kB (36589 bytes)
Hash
5d3c6d5d5db4b65fd706dae518fc1e47
4d812fd92d8391f6b771351cc8e411dcf9e3ec57
4389d892aaaa31177a20c821eca37a76d4fd0de8773d8d965258aa1e7cf27adb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-174083888-1

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-174083888-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1588)
Size
45 kB (44625 bytes)
Hash
7f046558eb76dba6707f714939033562
f8a9ee42800cb32e2dfa41981dd49ecfbb2f4096
6b6aa484124df2aec47edf129d22a6073cba32444941589633813e4d594e081e

HTTP Headers

GET /gtag/js?id=UA-174083888-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 21 Oct 2022 18:30:54 GMT
expires: Fri, 21 Oct 2022 18:30:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44625
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
94ee541bb392e5675c1e24c94c197f8b
bce18b05a24f5e2c6743cbbe849a733091586176
82f791c205847646216d72b4ce65bc3587ca69d1da17a3a2afb477640822c4dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.rawgit.com/admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7

194.242.11.186

301 Moved Permanently

113 B

URL HTTP/2
cdn.rawgit.com/admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7
IP
194.242.11.186:0
ASN
#34989 ServeTheWorld AS

File type
ASCII text, with no line terminators
Size
113 B (113 bytes)
Hash
e33d1c21496843349c928437d8678e87
329312ddae6e7a41dfdbac4c2bec5b12e064ca60
69534e7cdbdcafaabb5d69439c71adaf2d98061eed7d21db1345d58235b855ab

HTTP Headers

GET /admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7 HTTP/1.1
Host: cdn.rawgit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Fri, 21 Oct 2022 18:30:54 GMT
content-type: text/plain; charset=utf-8
content-length: 113
location: https://cdn.jsdelivr.net/gh/admsev/jquery-play-sound@master/jquery.playSound.js
server: BunnyCDN-NO-830
cdn-pullzone: 201235
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
age: 44641
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
cache-control: public, max-age=2592000
cdn-cachedat: 10/21/2022 18:30:54
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19144-FRA, cache-chi-kigq8000178-CHI
x-cache: MISS, HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 301
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 480b032d3dbf5046a7173b216ed6b816
cdn-cache: EXPIRED
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.11.207

200 OK

77 kB

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:54 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b994a7b39cdd76397c9735498b6c7aea
cdn-cache: HIT
cf-cache-status: HIT
age: 98185
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75dc112f9aca0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
75d533a77b75617c9581ea8cc86656b8
6dfc4966b1d382138a3c995871bb1333fa2e8590
d4067b97147fb19d2414407284bf05c225b9210f12348fdf274e7afed09d75ad

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D4067B97147FB19D2414407284BF05C225B9210F12348FDF274E7AFED09D75AD"
Last-Modified: Wed, 19 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5801
Expires: Fri, 21 Oct 2022 20:07:35 GMT
Date: Fri, 21 Oct 2022 18:30:54 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/changa/v20/2-cm9JNi2YuVOUckZpy-.woff2

216.58.207.195

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/changa/v20/2-cm9JNi2YuVOUckZpy-.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22056, version 1.0\012- data
Size
22 kB (22056 bytes)
Hash
6837d478d967d755114a1e1cd66da217
26095c8e77890874b47ee5e897627c51776afaa7
d830e0afba0d363cc75a59792bab42fb2420073c59623135a291a25c10493bee

HTTP Headers

GET /s/changa/v20/2-cm9JNi2YuVOUckZpy-.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Oct 2022 05:11:16 GMT
expires: Sun, 15 Oct 2023 05:11:16 GMT
cache-control: public, max-age=31536000
age: 566378
last-modified: Fri, 24 Jun 2022 18:40:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

216.58.207.195

200 OK

9.9 kB

URL HTTP/2
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9900, version 1.0\012- data
Size
9.9 kB (9900 bytes)
Hash
7256be46335261573e1ab1dc7f6539f0
abeac1b7890a903ac951c522bc9b3039ec6fa1f8
9986de5db80ec050300f1cea25d651a5779ae62b91a39b5667ac23d0c7668cbb

HTTP Headers

GET /s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 20:03:26 GMT
expires: Thu, 19 Oct 2023 20:03:26 GMT
cache-control: public, max-age=31536000
age: 167248
last-modified: Wed, 27 Apr 2022 16:01:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2

216.58.207.195

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 10584, version 1.0\012- data
Size
11 kB (10584 bytes)
Hash
316fa1995ea53f41426fa3a7f3b2df39
0bda75704bc7d985f7b934b74f433c53299e06b2
00241262004f96088a827ad4c5d423dbbc0648224e1cd990e5e5ff8e912157c9

HTTP Headers

GET /s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 00:34:42 GMT
expires: Fri, 20 Oct 2023 00:34:42 GMT
cache-control: public, max-age=31536000
age: 150972
last-modified: Wed, 27 Apr 2022 16:02:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2

216.58.207.195

200 OK

9.0 kB

URL HTTP/2
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9032, version 1.0\012- data
Size
9.0 kB (9032 bytes)
Hash
1420b4cb8aaedb5607ef10763bd4f608
430ab060799bb992c542d7f0d262cb685d3b921b
f35be424a435340fa1b6bf36b2482ed2178092f777824f6b00f03cad010fd44f

HTTP Headers

GET /s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:56:26 GMT
expires: Thu, 19 Oct 2023 19:56:26 GMT
cache-control: public, max-age=31536000
age: 167668
last-modified: Wed, 27 Apr 2022 16:02:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

216.58.207.195

200 OK

8.5 kB

URL HTTP/2
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8524, version 1.0\012- data
Size
8.5 kB (8524 bytes)
Hash
c3e912cae666af697127c092f09a513a
90d3316e235b660a99e16bec7d0c58b58b59c4a4
ff5afc2fb4dbd2ecb286ee9b121154abaa9709ae3d710d730a57702725bc28e4

HTTP Headers

GET /s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 20:01:39 GMT
expires: Thu, 19 Oct 2023 20:01:39 GMT
cache-control: public, max-age=31536000
age: 167355
last-modified: Wed, 27 Apr 2022 16:00:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/admsev/jquery-play-sound@master/jquery.playSound.js

151.101.85.229

200 OK

437 B

URL HTTP/2
cdn.jsdelivr.net/gh/admsev/jquery-play-sound@master/jquery.playSound.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text
Size
437 B (437 bytes)
Hash
4361936cf4c73b5a0c339b4be6ab6d3d
9695e1df7a7b0e8903d8f208f00d4056e10a4a4d
d31acb89066775afec071ee65c05ae0649d544ba0b4c93e5300fbf9c1adbcf16

HTTP Headers

GET /gh/admsev/jquery-play-sound@master/jquery.playSound.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cima-club.pics/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"390-5cOI3qPKGW/JVvByaf2H+opdYlk"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 21 Oct 2022 18:30:54 GMT
age: 27422
x-served-by: cache-fra19145-FRA, cache-bma1681-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
a4033ccdad3d0a45c9182931cc599885
93ccc45a4e055f7132a45d65690b248bc057cf73
d9c08ee64ce2b62c81f2809dfe4fb8c1c492dbe435a064ced23aaf209ecfc18f

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 18:30:54 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "A19CD5A112CBF5EFDAB397DAE58B2E46E3B1A443"
Expires: Sat, 22 Oct 2022 05:00:00 GMT
Last-Modified: Fri, 21 Oct 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3559
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75dc1130cab4b4ff-OSL

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 21 Oct 2022 16:41:09 GMT
expires: Fri, 21 Oct 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 6585
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-J0QQKPLZPB&gtm=2oeaj0&_p=1487147783&cid=23040214.1666377068&ul=en-us&sr=1280x1024&_s=1&sid=1666377067&sct=1&seg=0&dl=https%3A%2F%2Fcima-club.pics%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-the-hobbit-an-unexpected-journey-2012-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585&dr=https%3A%2F%2Fcima-club.cam%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%81%D9%8A%D9%84%D9%85%20The%20Hobbit%3A%20An%20Unexpected%20Journey%202012%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-J0QQKPLZPB&gtm=2oeaj0&_p=1487147783&cid=23040214.1666377068&ul=en-us&sr=1280x1024&_s=1&sid=1666377067&sct=1&seg=0&dl=https%3A%2F%2Fcima-club.pics%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-the-hobbit-an-unexpected-journey-2012-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585&dr=https%3A%2F%2Fcima-club.cam%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%81%D9%8A%D9%84%D9%85%20The%20Hobbit%3A%20An%20Unexpected%20Journey%202012%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-J0QQKPLZPB&gtm=2oeaj0&_p=1487147783&cid=23040214.1666377068&ul=en-us&sr=1280x1024&_s=1&sid=1666377067&sct=1&seg=0&dl=https%3A%2F%2Fcima-club.pics%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-the-hobbit-an-unexpected-journey-2012-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585&dr=https%3A%2F%2Fcima-club.cam%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%81%D9%8A%D9%84%D9%85%20The%20Hobbit%3A%20An%20Unexpected%20Journey%202012%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://cima-club.pics
date: Fri, 21 Oct 2022 18:30:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gvadz.click/embed-di5wpdl6fpjh.html

104.21.47.62

200 OK

2.0 kB

URL HTTP/2
gvadz.click/embed-di5wpdl6fpjh.html
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (442)
Size
2.0 kB (1963 bytes)
Hash
a3ddf4fb929d88edf051a1b0860577c8
684ca44d5e4b08aa2a806f3618bd8d35c23ada8e
d5435f7b507ec100053c31ef779ad1be5675c680e0d6c7a6eb32fd634cb955cf

HTTP Headers

GET /embed-di5wpdl6fpjh.html HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:56 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 20 Oct 2022 18:30:56 GMT
set-cookie: lang=1; domain=.gvadz.click; path=/; HttpOnly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXIQO7Rff0kwF%2FJ8qhC6b%2F02FomlxpeXpZCjFXcphHtjsz7ZDG4FSLARIdNA4UacNJlTol0SXtraDsqLpybgSvu%2F80fYlkrcQvzCrxtminBxkszaxXz%2BuideFEjFsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75dc1130583bb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d5fb2c15474b699aa1d94ab53c371cc0
5c1e7201d4b6177a10e9a5d9c1ef6e6d70f79091
96e65c12d3d516ce7cc3fabc97240028e947218df994bdd9c40a0a2413ac413a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "96E65C12D3D516CE7CC3FABC97240028E947218DF994BDD9C40A0A2413AC413A"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6452
Expires: Fri, 21 Oct 2022 20:18:28 GMT
Date: Fri, 21 Oct 2022 18:30:56 GMT
Connection: keep-alive

skyvid.cyou/js/dnsads.js

172.67.223.168

200 OK

30 B

URL HTTP/2
skyvid.cyou/js/dnsads.js
IP
172.67.223.168:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
1c57f7e83ceae8ee7d8707cf3eb91c2c
ca5b7c4bf30cbdb6a4680ee5345d5c68e90d0675
cdf19c04fc4fd1992d9cf69ee0ef7c83d03dfa4f6998f06c8d73611f5a6d1740

HTTP Headers

GET /js/dnsads.js HTTP/1.1
Host: skyvid.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 30
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=38
etag: "613f5716-26"
expires: Fri, 28 Oct 2022 12:25:06 GMT
last-modified: Mon, 13 Sep 2021 13:50:14 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 21950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xu99yagmz3rWxfKEmMH9JrfGX0DaKVQuJaDVVc%2B1t3Gn8OWyTFLoJksiWfVsBJgtzyMU0eq8cirjICMlgrN8wOhWcK60GM54qfOYsBwvrbIxVosxA5CyxUZH%2BuKBBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dc113a78380b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gvadz.click/player_clappr/clappr.min.js

104.21.47.62

200 OK

142 kB

URL HTTP/2
gvadz.click/player_clappr/clappr.min.js
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
142 kB (141938 bytes)
Hash
858df3aa047a9227b0944f24ba7ae034
f73ff0b8d269c6a7d49c1e964f8323cd77b1bfd4
9efff0ac769f5575cb45294e4c9c7cc25b0fea480a640af968ed9cdd0774c070

HTTP Headers

GET /player_clappr/clappr.min.js HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-di5wpdl6fpjh.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 01 Sep 2021 08:04:26 GMT
etag: W/"80319-5caea83cd9680"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3252
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qwq8T5q%2Bd0a7kHgOVY276aFg0SMWC19enSh09inWBINsdNCckSFfSGh3BXNRY7eWNH02HlFAvVzHfW4teU5b%2BVRchACvHqPpN11w3qralahG%2FpTFIHPq5xMiu2DuOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dc1139edf9b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c903381120129f6c0c064b2e260a78f4
28f07ccb209ad9aad65d0dc80e6e9700c4773d64
9e8f5be93136280754bdbb506d55a78f246f1af64220a75ce73f79d90c218e76

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E8F5BE93136280754BDBB506D55A78F246F1AF64220A75CE73F79D90C218E76"
Last-Modified: Fri, 21 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6024
Expires: Fri, 21 Oct 2022 20:11:20 GMT
Date: Fri, 21 Oct 2022 18:30:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c903381120129f6c0c064b2e260a78f4
28f07ccb209ad9aad65d0dc80e6e9700c4773d64
9e8f5be93136280754bdbb506d55a78f246f1af64220a75ce73f79d90c218e76

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E8F5BE93136280754BDBB506D55A78F246F1AF64220A75CE73F79D90C218E76"
Last-Modified: Fri, 21 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6066
Expires: Fri, 21 Oct 2022 20:12:02 GMT
Date: Fri, 21 Oct 2022 18:30:56 GMT
Connection: keep-alive

captinzizo44492282022.skyvids.cyou/i/02/00007/di5wpdl6fpjh.jpg

65.109.25.73

200 OK

29 kB

URL HTTP/1.1
captinzizo44492282022.skyvids.cyou/i/02/00007/di5wpdl6fpjh.jpg
IP
65.109.25.73:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 604x603, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 720x302, components 3\012- data
Size
29 kB (28813 bytes)
Hash
143e892c477339289629b06224b30848
379fb411f1cbfdd99a714930b339a2a528275029
a4204e8cb2e7e7a879af53c017c52babc31288ed9a7b398f1b754b5e8f6c4a27

HTTP Headers

GET /i/02/00007/di5wpdl6fpjh.jpg HTTP/1.1
Host: captinzizo44492282022.skyvids.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 18:30:56 GMT
Content-Type: image/jpeg
Content-Length: 28813
Last-Modified: Mon, 22 Aug 2022 16:51:43 GMT
Connection: keep-alive
ETag: "6303b41f-708d"
Expires: Fri, 04 Nov 2022 18:30:56 GMT
Cache-Control: max-age=1209600
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
49278717c4c7b9d2858b8e5d8dcdadcd
73a93cfa6838ba12ca70eb1a296a95d97b87f8d2
c4230edd18637eb973d9d6316364f71ca21028d0cf5004414630cdaa3f1bcccf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4230EDD18637EB973D9D6316364F71CA21028D0CF5004414630CDAA3F1BCCCF"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13392
Expires: Fri, 21 Oct 2022 22:14:08 GMT
Date: Fri, 21 Oct 2022 18:30:56 GMT
Connection: keep-alive

marinegruffexpecting.com/d3/18/fa/d318fa08f9d0af3f53ed4dad0b4564e8.js

173.233.139.164

200 OK

20 kB

URL HTTP/1.1
marinegruffexpecting.com/d3/18/fa/d318fa08f9d0af3f53ed4dad0b4564e8.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (59391), with no line terminators
Size
20 kB (20321 bytes)
Hash
4b2f8aa97680c900651af960ce52eb3e
a5123e1208df35a6765dd734a853667011ade69f
690dddf1c47cd1c0bf1067e1f9568ec946905d8643805830520ae9fc572d1ae7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /d3/18/fa/d318fa08f9d0af3f53ed4dad0b4564e8.js HTTP/1.1
Host: marinegruffexpecting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 21 Oct 2022 18:30:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: abfa6c7f0b75b2b4bb0f2ed2f23a33d0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
360379c244ec6d835605c934f1b5c1fd
d0ef095c0e3f94d99f1424b2e9ee44a76d929ded
68fa2fc9d68fb8fdb5c7a5402c2bdf2511bb2b4f8645fe98619264fc5cacf957

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "68FA2FC9D68FB8FDB5C7A5402C2BDF2511BB2B4F8645FE98619264FC5CACF957"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16748
Expires: Fri, 21 Oct 2022 23:10:05 GMT
Date: Fri, 21 Oct 2022 18:30:57 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1647305d7c5ecd8c16222c5a5103aa76
546bac97846c8b5ef19821c092318cad85858196
01ac75ce5f31d9129ef38c4f02bd89899a9137e6a96015fc2cdf7def9125347f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152241
Date: Fri, 21 Oct 2022 18:30:57 GMT
Etag: "63529103-1d7"
Expires: Sun, 23 Oct 2022 12:48:18 GMT
Last-Modified: Fri, 21 Oct 2022 12:30:59 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2mSXg6MGtqd8-RsdcWV5JsxfyB3AV5PGFLvBVYNtqYjWAKa6xkm_wQ==
Age: 1039

simplewebanalysis.com/stats

18.193.142.27

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.193.142.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ba1b23a4ff7876c02c5198373904f208
ac034e7485ef30341e2eae64c7addad255787526
48a19edb1de127533b40e4c5d2b75a4629f9417c3adcf9f6691a66e45ef9f612

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gvadz.click
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://gvadz.click
access-control-allow-credentials: true
set-cookie: uid_id2=696a52ab-8c20-4bd8-b402-0180c9031df8:1:1; expires=Mon, 18 Oct 2032 18:30:57 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
360379c244ec6d835605c934f1b5c1fd
d0ef095c0e3f94d99f1424b2e9ee44a76d929ded
68fa2fc9d68fb8fdb5c7a5402c2bdf2511bb2b4f8645fe98619264fc5cacf957

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "68FA2FC9D68FB8FDB5C7A5402C2BDF2511BB2B4F8645FE98619264FC5CACF957"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16748
Expires: Fri, 21 Oct 2022 23:10:05 GMT
Date: Fri, 21 Oct 2022 18:30:57 GMT
Connection: keep-alive

addresseepaper.com/sfp.js

172.64.101.4

200 OK

27 kB

URL HTTP/2
addresseepaper.com/sfp.js
IP
172.64.101.4:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
27 kB (27121 bytes)
Hash
72ab81a33851a3b0f509fed70e9a9c6b
84113b70f36308ac80394472d5601a257075a9fc
ec7b2a8a505aece91774d9b9c38896cfcc29a50c9225f2ea316c134f0811d35a

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:57 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e859b1084f49461fac0cb495166d7f41
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 21 Oct 2022 18:30:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwRoMmWF8DDVFyhiFDXDpPIiwMnmfcNvqicU1aP%2FVQJ8glywUyea6r%2BSqy%2Fpu2WQanVyO2sEVCMlswI7c1CmSJ3p5OvW%2BOMViATAwSm6gXFH5Vqd0z6AR436HvgmVV%2FZj%2FO95IQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dc113f9e1c7423-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aa7e58ca9155f83b8c3d5527bda903ab
d0d5d33e6596c7e1d0a5ed0f8f085594b6aade6e
a4cb6fa18934a31357db4c75c67cb3a8c8f3dd9c6ea3096212154e8da2fa59a8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4CB6FA18934A31357DB4C75C67CB3A8C8F3DD9C6EA3096212154E8DA2FA59A8"
Last-Modified: Fri, 21 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8415
Expires: Fri, 21 Oct 2022 20:51:12 GMT
Date: Fri, 21 Oct 2022 18:30:57 GMT
Connection: keep-alive

gvadz.click/js/jquery.min.js

104.21.47.62

200 OK

48 kB

URL HTTP/2
gvadz.click/js/jquery.min.js
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
48 kB (48527 bytes)
Hash
5051f05cb2c9475644a388b50578c9a9
575b390109fc7b5ede63e29b802a563bbf7fe032
41f79e22a94caa1b65f2bff10c621ad4ffbe6a8a6f17be84d89ee5b51ff2cb1d

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-di5wpdl6fpjh.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Mar 2021 23:27:20 GMT
etag: W/"603ec9d8-15d9d"
expires: Thu, 27 Oct 2022 22:16:08 GMT
cache-control: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 72888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guu%2F1NedDpitOai94YDnOqJVyWwncFW0Kq6Isxti8njv6ngqmA3SKXZLbuFSd9CYkcN14nuPA0sMcsi8bomDe16CW%2BfGR6ufwM72sO4eQMCXRc08glNxTXRKdjO3bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dc1139ddf1b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74510604-1&cid=1346111351.1666377070&jid=126419023&gjid=117710206&_gid=1113045509.1666377070&_u=YEBAAUAAAAAAACAAIC~&z=1719552794

173.194.222.156

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74510604-1&cid=1346111351.1666377070&jid=126419023&gjid=117710206&_gid=1113045509.1666377070&_u=YEBAAUAAAAAAACAAIC~&z=1719552794
IP
173.194.222.156:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74510604-1&cid=1346111351.1666377070&jid=126419023&gjid=117710206&_gid=1113045509.1666377070&_u=YEBAAUAAAAAAACAAIC~&z=1719552794 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://gvadz.click
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://gvadz.click
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Oct 2022 18:30:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
06210a4a9db522652fd6aabfa05b2653
630b4ef71ec82a3970927a328d279035eaaa1267
5100e1703020fdef7d473c91e1c88dfb734083057f431feeefaaa24838990a21

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 18:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

literalcorpulent.com/pixel/purst?dl=0&th=0&sc=0&rs=2518&rd=2518&fd=787&bv=22.8.v.1&tmpl=70

173.233.137.44

200 OK

0 B

URL HTTP/1.1
literalcorpulent.com/pixel/purst?dl=0&th=0&sc=0&rs=2518&rd=2518&fd=787&bv=22.8.v.1&tmpl=70
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2518&rd=2518&fd=787&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: literalcorpulent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 21 Oct 2022 18:30:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

simplewebanalysis.com/stats

18.193.142.27

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.193.142.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ba1b23a4ff7876c02c5198373904f208
ac034e7485ef30341e2eae64c7addad255787526
48a19edb1de127533b40e4c5d2b75a4629f9417c3adcf9f6691a66e45ef9f612

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gvadz.click
Connection: keep-alive
Referer: https://gvadz.click/
Cookie: uid_id2=696a52ab-8c20-4bd8-b402-0180c9031df8:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://gvadz.click
access-control-allow-credentials: true
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dd3e1f5c56726d6f8ef0a0c18d6ff954
7cac8e0d69bee51a2d545b5994854f03391210e3
22b0996b33df9cac69ad762217fba1f90531967bac1a6ca4d7b16fb3ad95439d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B0996B33DF9CAC69AD762217FBA1F90531967BAC1A6CA4D7B16FB3AD95439D"
Last-Modified: Wed, 19 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16652
Expires: Fri, 21 Oct 2022 23:08:30 GMT
Date: Fri, 21 Oct 2022 18:30:58 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=696a52ab-8c20-4bd8-b402-0180c9031df8&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.287&b_frame=1&pk=d318fa08f9d0af3f53ed4dad0b4564e8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18

192.243.59.12

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=696a52ab-8c20-4bd8-b402-0180c9031df8&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.287&b_frame=1&pk=d318fa08f9d0af3f53ed4dad0b4564e8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=696a52ab-8c20-4bd8-b402-0180c9031df8&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.287&b_frame=1&pk=d318fa08f9d0af3f53ed4dad0b4564e8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 21 Oct 2022 18:30:58 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fffa50d768539f358a9f617d39a0bcca
Strict-Transport-Security: max-age=0; includeSubdomains

cima-club.cam/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75dc1116ea05b4f9

104.26.12.236

200 OK

0 B

URL HTTP/2
cima-club.cam/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75dc1116ea05b4f9
IP
104.26.12.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75dc1116ea05b4f9 HTTP/1.1
Host: cima-club.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85?__cf_chl_rt_tk=x8RcggVA.8lCeYBGdUWVFK9Eh7dJmkMYSZ0PjnTCLAE-1666377050-0-gaNycGzNCD0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:51 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1UZmvXBKInXOuVZimE9ovr0cIDqaraTaFAh5k4IamRH3AIes8UBBioSpnbrmm9WmRYZi8ZpDuDJbxcQJv2ID9jFix8HC3bLxd3910TRGME1x86Aog%2Fw1qcbBex1qv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75dc1118dc54b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/20/2022 02:30:56
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4f7ed69392ae801e60d1feb061dea261
cdn-cache: HIT
cf-cache-status: HIT
age: 98428
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75dc112e09790afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gvadz.click/js/jquery.cookie.js

104.21.47.62

200 OK

0 B

URL HTTP/2
gvadz.click/js/jquery.cookie.js
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/jquery.cookie.js HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-di5wpdl6fpjh.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=4331
etag: W/"4de4c8c4-10eb"
expires: Thu, 27 Oct 2022 22:16:08 GMT
last-modified: Tue, 31 May 2011 10:53:56 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 72888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ys8%2FCcEDpq90GxTxrvNQgnIz3kET7SBIINGaEpEwLvEH9qx%2FGfa3XV5skIfxzMKnUqP6RMZceHFcfYDJQ3vigm9RqPKWh7bia92LNLx7D8WQHFQqKg3vXSSohT6XSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dc1139ddf7b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gvadz.click/js/xupload.js

104.21.47.62

200 OK

0 B

URL HTTP/2
gvadz.click/js/xupload.js
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/xupload.js HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-di5wpdl6fpjh.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=10867
etag: W/"610a7d00-2a73"
expires: Thu, 27 Oct 2022 22:16:08 GMT
last-modified: Wed, 04 Aug 2021 11:41:52 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 72888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWf7ULRdcyKJCV42JgSIlfIIGyJ0o4Orp1L06yfru0%2Fx2h%2BmXfSLT1jbod2f4mVBy2BvWN6GJUmnFjQSekUZkdXK99L0d2VBMHisuaEuUofroudgM06U%2BcrXJdxhbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dc1139ddf3b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cima-club.cam/favicon.ico

104.26.12.236

302 Found

0 B

URL HTTP/2
cima-club.cam/favicon.ico
IP
104.26.12.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cima-club.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Fri, 21 Oct 2022 18:30:50 GMT
content-type: text/html
location: https://cima-club.pics/favicon.ico
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4h9QrM52gtUQ17Dseh5NBM2tiWNqgauo30mfdOHUHvl0QhZUHgYInCdYMTsdcKDHZVu4MffmTE6t90xdvi8z6mO4ZCe8o0qlORzWXC5MU01ddjPPBg%2Fb1sihfpPwZWQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dc11189c12b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gvadz.click/player_clappr/clappr-playback-rate-plugin.min.js

104.21.47.62

200 OK

0 B

URL HTTP/2
gvadz.click/player_clappr/clappr-playback-rate-plugin.min.js
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /player_clappr/clappr-playback-rate-plugin.min.js HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-di5wpdl6fpjh.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 01 Sep 2021 09:07:22 GMT
etag: W/"7d6a-5caeb64dec680"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3252
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBnLHPCb6Ub%2Bq5m%2BwKMvyVnzds4FifbII6CaytvmUvl16p94jZitL4D6ct0%2B%2B0S7b7sCqJ%2Bcce4imH0WZheuRE5kM0bHlUP1v%2FYU1PKGlt9rFj%2Fkw7TlVhTuG4OJ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dc1139edffb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85

104.21.48.90

301 Moved Permanently

0 B

URL HTTP/2
cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
IP
104.21.48.90:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 HTTP/1.1
Host: cima-club.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Fri, 21 Oct 2022 18:30:50 GMT
content-type: text/html
location: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0hw%2FSWoimLgYvzIRxSlqK%2BLxnksn5ZB3J38cBAJ3LIweO1Va%2Bul3OgPXC13oqyn40FOFF0Dyk27K1ccIQ63bRrdS2MCbiFhavkRjdK1dKtxRJlPec%2BA0oMPLWkA%2F%2BwX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75dc11167afab4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85

172.67.166.96

200 OK

0 B

URL HTTP/2
cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
IP
172.67.166.96:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-the-hobbit-an-unexpected-journey-2012-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 HTTP/1.1
Host: cima-club.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cima-club.cam/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:54 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkhlRWJ3WEk1N1ZBYmFaeTNNTUFjdlE9PSIsInZhbHVlIjoiWmdPaGljNEZXc3h1QU5kNDJ2dUdlM2t0MU5rVjd3WDNOclNaTWI4SDd2VTZjVFowRWJBeklZTkhYWml2WnVFRyIsIm1hYyI6Ijc4MzJlNGEyMjUwNjUzYWQxNTg3NjAwMDRlNjE1NDMyZjA3MThmZjM5MDZiNmVkYTJiNjFkNDczNWIwMGI0YTkifQ%3D%3D; expires=Sat, 22-Oct-2022 04:30:54 GMT; Max-Age=36000; path=/
cimaclub_session=eyJpdiI6InY2bUVaWmZrXC9HY3dSaDkrU0NNWjhnPT0iLCJ2YWx1ZSI6Im9rYlZkaVNWTkxhTll5WXZPNnErUHJMNDdOSlhFOTg5dXlhdjdsRGhSZXpSRDh1VDB4XC91WEpHVkljNnVaZDM1IiwibWFjIjoiMzZjMmEyNGE5ZjZmYzljNjZlYWY4YzhjOGNjZGI1Zjc5NzdkZWE3ODc1MTliNGMwYTk3YWYwMjdhZDBiOTk5NyJ9; expires=Sat, 22-Oct-2022 04:30:54 GMT; Max-Age=36000; path=/; httponly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08DrU%2Fb6uKQ%2BO%2BnflZh0qgUN%2Bd3spgT2ukreDKHsZgcBmOX%2BPXiJwCmLeQE%2FaqSNJm6pfv9y94QTqztDXjooPAwu5XcwZrWiCuVITjUIxSjBt5HasFml853yqDy0h3uH4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75dc112c6a33b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Changa:200,300,400,500,600,700,800&display=swap&subset=arabic

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Changa:200,300,400,500,600,700,800&display=swap&subset=arabic
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Changa:200,300,400,500,600,700,800&display=swap&subset=arabic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 18:30:54 GMT
date: Fri, 21 Oct 2022 18:30:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Righteous&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Righteous&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Righteous&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 18:30:54 GMT
date: Fri, 21 Oct 2022 18:30:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Tajawal:500,800&subset=arabic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 18:30:54 GMT
date: Fri, 21 Oct 2022 18:30:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gvadz.click/css/main.css

104.21.47.62

200 OK

0 B

URL HTTP/2
gvadz.click/css/main.css
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/main.css HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-di5wpdl6fpjh.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:56 GMT
content-type: text/css
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=49270
etag: W/"615bff04-c076"
expires: Thu, 27 Oct 2022 22:16:08 GMT
last-modified: Tue, 05 Oct 2021 07:30:12 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 72888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smOM8QCVmKWa%2BOhd6QLYH5IGm3hH1ihqCVm4HX%2FNZFxCVldo5OLNVAybkP0X7cVFJNA%2Fg3SrLU%2FyIjrQ8MaVbosJFh%2FA8aD5Jl0oEoU8AKE1dZDMZHOPzHfqQ6qRVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dc1139ddefb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gvadz.click/player_clappr/clappr-chromecast-plugin.min.js

104.21.47.62

200 OK

0 B

URL HTTP/2
gvadz.click/player_clappr/clappr-chromecast-plugin.min.js
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /player_clappr/clappr-chromecast-plugin.min.js HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-di5wpdl6fpjh.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 18:30:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 09 Feb 2019 03:27:44 GMT
etag: W/"6368-5816da89f8c00"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3252
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnTQUu9FOFdOK9yvoyIfQC9x1DMAuGnKg8GuE1qm846LERVc5kRda7sd1tlrFU9G2vtiVrIW4DhWVDFvKMNFgiVXtol1ffNSNjznt1VWzn9oCyklHbgakNHbH1QNBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dc1139edfdb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations