r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12356
Expires: Tue, 13 Sep 2022 22:28:15 GMT
Date: Tue, 13 Sep 2022 19:02:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 18:08:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AolBeL3OGulOe3UxZz8vHWzlpjxzh6BHqPMEH0cxHO8Vh7Y7WkdJBQ==
Age: 3208
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QuHTwLIjHoVvqk7zpfR6HUK04oRu_6lA-jBwC5aJpOg9kCDr5iXJ8w==
age: 52026
X-Firefox-Spdy: h2
ultracine.online/quebrando-regras-2/
301 Moved Permanently 162 B URL HTTP/1.1 ultracine.online/quebrando-regras-2/
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /quebrando-regras-2/ HTTP/1.1
Host: ultracine.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 19:02:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://ultracine.online/quebrando-regras-2/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cJyA1PXaTB%2BGd33kA0LO2p7w%2BsKKMcs5ZqoNwe5zX5xgF%2FYNKBHAP1Ei8KSU8RDPVq%2FtmuU7wiCBvKQ7ODrA5bRxhSSYu6WQj4tN%2BDad9i7c5jY39YUSYS5BdUNd6LKyI6%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74a322f5dc5a1c06-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash db200f597d08ca03c68d750d432b4978
18ccaa80959db0386c53dbb98f147b0add5ed446
932eea58915ec5d95a41065d19f788515a91f74629867e11fda454b2f7e4d983
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "932EEA58915EC5D95A41065D19F788515A91F74629867E11FDA454B2F7E4D983"
Last-Modified: Tue, 13 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13624
Expires: Tue, 13 Sep 2022 22:49:24 GMT
Date: Tue, 13 Sep 2022 19:02:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 18:03:22 GMT
Expires: Tue, 13 Sep 2022 18:15:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cYGDD3KMDIu7_dLo4QxCaQljEKS8-47Kda-kAAbhHfmGZcwCR_d7PA==
Age: 3538
ocsp.digicert.com/
200 OK 471 B IP
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4696
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:20 GMT
Last-Modified: Tue, 13 Sep 2022 17:44:04 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash db200f597d08ca03c68d750d432b4978
18ccaa80959db0386c53dbb98f147b0add5ed446
932eea58915ec5d95a41065d19f788515a91f74629867e11fda454b2f7e4d983
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "932EEA58915EC5D95A41065D19F788515A91F74629867E11FDA454B2F7E4D983"
Last-Modified: Tue, 13 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13623
Expires: Tue, 13 Sep 2022 22:49:24 GMT
Date: Tue, 13 Sep 2022 19:02:21 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ffe/znNnBTmP/RVNjyY5+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u4YhG0iOLjhzJhs8eowWKGf/yVc=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/lazyload@2.0.0-beta.2/lazyload.min.js
200 OK 896 B URL HTTP/2 cdn.jsdelivr.net/npm/lazyload@2.0.0-beta.2/lazyload.min.js
IP
File type ASCII text, with very long lines (1932)
Hash 7337b1082c3a644c615e34a49cb29bca
6f8d7d501aa14dedc1ad846655323ee794bbe37b
1f7ef30e51984123c72a1fae4775b60ca7cde0389d10d651b2c3d0ece688c56e
GET /npm/lazyload@2.0.0-beta.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.0-beta.2
x-jsd-version-type: version
etag: W/"7dc-ZYDS+h6t41BWJ8GTlxqTzMLliKY"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 19:02:21 GMT
age: 3008016
x-served-by: cache-fra19151-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 896
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 56 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 164b977326598d470d299aa0a5e77eec
6e9de8c88ed42fdc0913d3aafd88de1a60df58ac
a08cbaeb15d68f6a0ad06fc2956f4583a56028c6f8c159cea99f11f5c9330593
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 19:02:21 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "BCBE2F1407854DA94C4B08CE1A66250CC186976F"
Expires: Wed, 14 Sep 2022 06:00:00 GMT
Last-Modified: Tue, 13 Sep 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2117
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a322feaacfb4f9-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 37880
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 516493
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:21 GMT
expires: Thu, 07 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 516480
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:11:04 GMT
expires: Tue, 12 Sep 2023 21:11:04 GMT
cache-control: public, max-age=31536000
age: 78677
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Hash b919c02f6f8c3faa5287ec60186a5084
80ac1992c470d053b0c2957941d8d32dddb2ef1a
da1dd54c4be47ea77d97018426c0055e19b2efdf85cc1f74ac8ae813ee1767ce
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 02:02:22 GMT
expires: Sun, 10 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 320399
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:13:12 GMT
expires: Tue, 12 Sep 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 78549
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Hash 56b8af2487933bdf9859f423ff0c5845
9bf03fd5a8679bcc486e08449a2709f4f364da85
64e275a6db2693a8f3ebb8cc620c4cd588e3e2035e847c25fdfad0af87d401dc
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 516493
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=189079057&post=58349&tz=-3&srv=ultracine.online&host=ultracine.online&ref=&fcp=1578&rand=0.6446753186707411
200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=189079057&post=58349&tz=-3&srv=ultracine.online&host=ultracine.online&ref=&fcp=1578&rand=0.6446753186707411
IP
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.3.1&blog=189079057&post=58349&tz=-3&srv=ultracine.online&host=ultracine.online&ref=&fcp=1578&rand=0.6446753186707411 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:21 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
Hash 0c843d2cc83e382b17c81dee4b3683ce
a5e9b6b9c03b75f794b8e9f1831069894305fadd
45f6812b412e25c4e4bd10c932f9db3fedd89b66b2dc0b1cf355a7d5bbb991b1
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:17:40 GMT
expires: Wed, 06 Sep 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 593081
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3f0784263d305debb2d8603396f97dfb
31978f7c69e0cb2ae7e872e1d850e6c066a01c6b
916315132ae744e6539aed3d6dc0c4f8b8780f90a3763da106508548a8813a75
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "916315132AE744E6539AED3D6DC0C4F8B8780F90A3763DA106508548A8813A75"
Last-Modified: Tue, 13 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15008
Expires: Tue, 13 Sep 2022 23:12:29 GMT
Date: Tue, 13 Sep 2022 19:02:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a3aa2ad32cde8335d01c1dca90cf9309
729e35d86555bca0988ed7fe9916481668279792
fb2a1c019425933484bd7879d92ad313950fea2810b47aa9713b7ce2e70a74be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB2A1C019425933484BD7879D92AD313950FEA2810B47AA9713B7CE2E70A74BE"
Last-Modified: Sun, 11 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15276
Expires: Tue, 13 Sep 2022 23:16:57 GMT
Date: Tue, 13 Sep 2022 19:02:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a3aa2ad32cde8335d01c1dca90cf9309
729e35d86555bca0988ed7fe9916481668279792
fb2a1c019425933484bd7879d92ad313950fea2810b47aa9713b7ce2e70a74be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB2A1C019425933484BD7879D92AD313950FEA2810B47AA9713B7CE2E70A74BE"
Last-Modified: Sun, 11 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15276
Expires: Tue, 13 Sep 2022 23:16:57 GMT
Date: Tue, 13 Sep 2022 19:02:21 GMT
Connection: keep-alive
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
date: Tue, 13 Sep 2022 19:02:21 GMT
expires: Wed, 13 Sep 2023 19:02:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fshd.link/filme/tt1754264?ref=93944f39cd9fb2175f98a06c081c20db
200 OK 2.5 kB URL HTTP/2 fshd.link/filme/tt1754264?ref=93944f39cd9fb2175f98a06c081c20db
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (745)
Hash 68bb1f3ca5ba8123f6aecf53fe2c617e
79b3e8acd3df4226d646f164b530141a57f2c761
b398fcf162cb767e20d67fb294d85db4b1146f1840536f4cf0f9e215ae0edaa4
GET /filme/tt1754264?ref=93944f39cd9fb2175f98a06c081c20db HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=8cqq1sqrgdoj48g9f8np4tui1k; path=/
popads=1; expires=Tue, 13-Sep-2022 19:04:21 GMT; Max-Age=120; path=/
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 2497
date: Tue, 13 Sep 2022 19:02:21 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w1280/9InVXZt8HKsprAKwDp2BYdVtaEt.jpg
200 OK 220 kB URL HTTP/2 image.tmdb.org/t/p/w1280/9InVXZt8HKsprAKwDp2BYdVtaEt.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Size 220 kB (220012 bytes)
Hash 4ea51aa9b7a92e99dcbc22ae11c79d92
b483b5163135bfdcc67f96378916310ddfe43bd6
abca53c28377d4999908cd8e80d180d8a758fe6d6b9b332c30c34bc1d89bcfc0
GET /t/p/w1280/9InVXZt8HKsprAKwDp2BYdVtaEt.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:21 GMT
content-type: image/jpeg
content-length: 220012
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62ecfff7-35b6c"
last-modified: Fri, 05 Aug 2022 11:33:11 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 422
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/28/2022 05:24:35
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: a0d922a43f16aa362292f6db7e45e8a4
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
arc.io/widget.min.js
200 OK 2.9 kB IP
File type ASCII text, with very long lines (7592), with no line terminators
Hash 44ac2a812e95272e6d9ed16c44ffda1c
9f8ecf1ae18ef55b4eb499eeef760cd424931c58
336091d383557244d60a67403e6a11906ed5f9be6b535a7dc2484b912bb82a57
GET /widget.min.js HTTP/1.1
Host: arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 2933
last-modified: Wed, 07 Sep 2022 18:00:43 GMT
content-encoding: br
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 13 Sep 2022 18:56:47 GMT
cache-control: public, max-age=3600, stale-while-revalidate=864000
etag: "6318dc4b-b75"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6J0_Tc2vUQ8WoWBCd5nP5MWlQ9Ag6vDGrDlNEXDCSsz6peRrUCYvjw==
age: 334
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 27 kB IP
Hash b8bd539cb8137e0d8e4292356c1b365c
ce4320a9fb5ef292a5f8c8f7491d4fddb4c15a2f
db1874554abb03654ee54bcdc25a6a4ade9db4260b275f94ce208a0720a9cc66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-0SEMV10735
200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0SEMV10735
IP
File type ASCII text, with very long lines (20189)
Hash 7a6c6ef2fbdf3abb5e8dd286cafd80ad
85db8872af6ffc38c894801fc15887a45dd0efc4
39bef495742e69bdf4b1da26d78f357f1354bcb40df28b54b6bf1f8bab4dee76
GET /gtag/js?id=G-0SEMV10735 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 19:02:21 GMT
expires: Tue, 13 Sep 2022 19:02:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75021
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fshd.link/css/player.css?v=1.0.0.0
200 OK 1.8 kB URL HTTP/2 fshd.link/css/player.css?v=1.0.0.0
IP
File type ASCII text, with CRLF line terminators
Hash 49e570a34e1b70bd8215d9d81c61504f
903c8a8f47bf35be146323f4c98cd2aecc42ba24
00e6ea5aea14c79a9c2bc52abfb69f296ce5a764f64ff8b91f8b4d6871cf2aff
GET /css/player.css?v=1.0.0.0 HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/filme/tt1754264?ref=93944f39cd9fb2175f98a06c081c20db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 19:02:21 GMT
etag: "23bd-62ef6610-b010a7;br"
last-modified: Sun, 07 Aug 2022 07:13:20 GMT
content-type: text/css
content-length: 1827
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 19:02:21 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fshd.link/css/lancaster_io.css?v=1.0.0.0
200 OK 201 B URL HTTP/2 fshd.link/css/lancaster_io.css?v=1.0.0.0
IP
File type ASCII text, with CRLF line terminators
Hash bde9d951c1847272de121c4c886869d2
217bddd75e52cc041e74a93e1c7f6ddfafa92073
3f69b56856b831acfe189fe654f4038dff381e85ff19e7e9a6d5fd60e2bf8ffe
GET /css/lancaster_io.css?v=1.0.0.0 HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/filme/tt1754264?ref=93944f39cd9fb2175f98a06c081c20db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 19:02:21 GMT
etag: "271-62ef660f-b010a9;br"
last-modified: Sun, 07 Aug 2022 07:13:19 GMT
content-type: text/css
content-length: 201
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 19:02:21 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3f0784263d305debb2d8603396f97dfb
31978f7c69e0cb2ae7e872e1d850e6c066a01c6b
916315132ae744e6539aed3d6dc0c4f8b8780f90a3763da106508548a8813a75
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "916315132AE744E6539AED3D6DC0C4F8B8780F90A3763DA106508548A8813A75"
Last-Modified: Tue, 13 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15008
Expires: Tue, 13 Sep 2022 23:12:29 GMT
Date: Tue, 13 Sep 2022 19:02:21 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/fCLaZFD.png
200 OK 878 B IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e32cd36af2d2a9c1d437254908cc967
8d4e4e37d9a753e5088fc177cff0efea1dfe1fe6
41bb74ee705dd7679fe8407e17c4ad8fac76ef629b232a2d26b94aca8c6a7bc3
GET /fCLaZFD.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 26 Sep 2021 02:04:42 GMT
etag: "2e32cd36af2d2a9c1d437254908cc967"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 13 Sep 2022 19:02:21 GMT
age: 3042905
x-served-by: cache-iad-kiad7000057-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663095742.880586,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 878
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300_and_h450_bestv2/dCTsgWyQKmrMopvtMHtnGA2tghW.jpg
200 OK 27 kB URL HTTP/2 image.tmdb.org/t/p/w300_and_h450_bestv2/dCTsgWyQKmrMopvtMHtnGA2tghW.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash e4bbbeed042ee6af396e726267fde411
d54a8a88146f8faa02f8856b34a3ae54eb1bd309
848da3a8178d1f3f13c6e3b0bb7f072bf10751c7b8c959260bc4723b4f942c66
GET /t/p/w300_and_h450_bestv2/dCTsgWyQKmrMopvtMHtnGA2tghW.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:21 GMT
content-type: image/jpeg
content-length: 26647
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "629bfd0e-6817"
last-modified: Sun, 05 Jun 2022 00:47:10 GMT
cdn-storageserver: DE-165
cdn-requestpullsuccess: True
cdn-fileserver: 351
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 19:02:21
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: 0a4595f638d777b747c82bc6d23dd222
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fshd.link/css/remixicon.css?v=1.0.0.0
200 OK 13 kB URL HTTP/2 fshd.link/css/remixicon.css?v=1.0.0.0
IP
Hash cbc44ae2079ceac2db351393ade3605d
aeb58990cdaa5ff0182e7f1b7b1f242e448195f5
3a9390f87a8e336c2cdcda4e753a4ba622414d7844f62dc37d14c8a99d25bfc8
GET /css/remixicon.css?v=1.0.0.0 HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/filme/tt1754264?ref=93944f39cd9fb2175f98a06c081c20db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 19:02:21 GMT
etag: "1af8a-62ef6612-b010a6;br"
last-modified: Sun, 07 Aug 2022 07:13:22 GMT
content-type: text/css
content-length: 12947
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 19:02:21 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
https-www-cinefilmeshd-org.disqus.com/embed.js
200 OK 25 kB URL HTTP/1.1 https-www-cinefilmeshd-org.disqus.com/embed.js
IP
File type ASCII text, with very long lines (32091)
Hash adb3273cab9492ecf8a386d51be83326
b4e3053980fc69d3ad67636e6349625d59fa7cfb
8943fce429972ecef79c87693156c077707f2610980ceb342a3a5372b7a42dc8
GET /embed.js HTTP/1.1
Host: https-www-cinefilmeshd-org.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25376
Server: openresty
Content-Type: application/javascript; charset=utf-8
X-Service: router
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 19:02:21 GMT
Age: 0
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 026a604d3c0d81b1e4d77c80c771a686
e10720b1cb0ee04271cfb2876d98d96dfdf8a931
6bd580feae5e9443ae001e887bf37ce5168fc6e793bf8d95fef3764761a44042
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BD580FEAE5E9443AE001E887BF37CE5168FC6E793BF8D95FEF3764761A44042"
Last-Modified: Tue, 13 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21569
Expires: Wed, 14 Sep 2022 01:01:51 GMT
Date: Tue, 13 Sep 2022 19:02:22 GMT
Connection: keep-alive
fshd.link/js/jquery.min.js?v=1.0.0.0
200 OK 30 kB URL HTTP/2 fshd.link/js/jquery.min.js?v=1.0.0.0
IP
File type ASCII text, with very long lines (65451)
Hash 1114c2c5603cbab60fed87d89198d75a
19aebd714c367b5a41ad74f5d2a832f00dd2b307
4f8d0558da6026e52af5b306c323cd4f081badd1ec231a6ee0065c4afde08564
GET /js/jquery.min.js?v=1.0.0.0 HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/filme/tt1754264?ref=93944f39cd9fb2175f98a06c081c20db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 19:02:21 GMT
etag: "15d84-62ef6687-b01086;br"
last-modified: Sun, 07 Aug 2022 07:15:19 GMT
content-type: application/x-javascript
content-length: 30121
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 19:02:21 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fshd.link/js/rteam_native_notify.js?v=1.0.0.0
200 OK 482 B URL HTTP/2 fshd.link/js/rteam_native_notify.js?v=1.0.0.0
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 7c1f216e1ebd60dac6ffdb41bc8580f4
d0cd89ffac73a7c0bd58fa9b7ba457dd8025bd84
0d70ea8842bd4a5e014c10269c8a92c5055bbbd6906272670785e0b12e597fea
GET /js/rteam_native_notify.js?v=1.0.0.0 HTTP/1.1
Host: fshd.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/filme/tt1754264?ref=93944f39cd9fb2175f98a06c081c20db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 19:02:21 GMT
etag: "4ab-62ef668b-b0108c;br"
last-modified: Sun, 07 Aug 2022 07:15:23 GMT
content-type: application/x-javascript
content-length: 482
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 19:02:21 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 737d6974045bcf166602c9de4e7fc276
9db0759ef609b35d807c9de2523be04e0d2dbb30
30688a587ed768799e274d862079028faa16498db993ebca282b80414e3f0fe5
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 13 Sep 2022 19:02:22 GMT
server: ESF
cache-control: private
content-length: 30918
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fshd.link
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 16:40:18 GMT
expires: Fri, 08 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 440524
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c87e275edda8971c8ab5afae367edbd
d2286a0ac89c06a35f7c557229eafec442e7f629
1daec2692069545034b7f309680240e5f1cf59c7986a31f6c440ee72a0ccd871
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DAEC2692069545034B7F309680240E5F1CF59C7986A31F6C440EE72A0CCD871"
Last-Modified: Mon, 12 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15920
Expires: Tue, 13 Sep 2022 23:27:42 GMT
Date: Tue, 13 Sep 2022 19:02:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 32d0b408ff566521fb9660ff8eebd74e
5b82edf34e247e956dbcd83157138450d149af8d
9c447b7e78b5c43e5d73be389d8bee0e66371043496ec221c27c11eca3cb7a7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C447B7E78B5C43E5D73BE389D8BEE0E66371043496EC221C27C11ECA3CB7A7C"
Last-Modified: Mon, 12 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16036
Expires: Tue, 13 Sep 2022 23:29:38 GMT
Date: Tue, 13 Sep 2022 19:02:22 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 78f8bae58862d8be3437cfe9e927011d
fb01a9cfd346f2c9b7694276c72a76e213887b06
389d233aa4b3ea23315c9d6e8d72d96fb2f802e227d24199c788a5a89e96a19e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 19:02:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12166
Expires: Tue, 13 Sep 2022 22:25:08 GMT
Date: Tue, 13 Sep 2022 19:02:22 GMT
Connection: keep-alive
static.arc.io/broker/js/broker.b281d075.js
200 OK 10 kB URL HTTP/2 static.arc.io/broker/js/broker.b281d075.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (24373), with no line terminators
Hash dfcff358408d5d176abb2f2b39a11695
09be8536bc92d6bee025982ae99e2917aa192db6
8bc15dc25887f0e93374e18c297ff735e0897458afa9c36528a9d12930a7995a
GET /broker/js/broker.b281d075.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.arc.io
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"8c5f6da1d62d33cc4c32a8ce63be2bf6"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 15mXd8XH2lx2CE03B29NPUH0DZY/LOqIKeKzeLqmQNgXs1snFjVDp9XICA09Vhudm/HuQ+kRbm0=
x-amz-request-id: 1BTZ9YPB4J9E9E0X
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/14/2022 14:32:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: aeb3593fc6a36fe0167c25cdc0f5727d
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 03:17:04 GMT
age: 56718
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.arc.io/broker/js/chunk-vendors.5e1d8045.js
200 OK 20 kB URL HTTP/2 static.arc.io/broker/js/chunk-vendors.5e1d8045.js
IP
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (36366)
Hash c45854db66d2aa36c4681e872be7244c
e5531701b9e84fe9e7f3c5c3fa7f8c03a1cf72ad
6313723c31b30f3c5fa8c94b8f7ca76ed2c024df97d17054343399987eeacb2e
GET /broker/js/chunk-vendors.5e1d8045.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.arc.io
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"7baaa27cb0e1201fe90ecc5efca8fbcf"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: Lg09pm0SMLA2gDpgvbsYLOJ6t8VM7iye6bHwugpdkzqKL5tqPfuDc6xQsPbM2BumjX36g9SpKpc=
x-amz-request-id: K2YYHZ7GZXR992N5
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 06/29/2022 22:31:25
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f82094ccd813d7a1e92a7341d348e835
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bTzXQvDkX23_t4vLJNWv7bg-DoRsdqiBhwNJH5B-RcXxj9RC-87LvA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:41:52 GMT
age: 76830
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TeasWs7Qh6T3oV8vJsu5JM_EApUJEGGWIvUC6Pfd41u18v8RlcPQpg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:19 GMT
age: 75903
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 557695ec8ffeebb0272c099542a14ace
ad627b434e1c3b693d8636675bcea0f8794e0dc2
4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 9d4f8b01-c36c-4378-9c9d-5660084b781f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxNlNGmZIAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63105c87-33f69c990fc7a6073eb5a63a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 07:17:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E3cLpeRf1RAA79G5O1p1xmgDHk_o9Ba-F9KnZqS_X_2kr1543CwnMg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 09:02:59 GMT
age: 35963
etag: "ad627b434e1c3b693d8636675bcea0f8794e0dc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 43wWNADffkA0e8T-SYvAMjp266nAE5hrDjNMQQsuYeT0i6xQt7wLVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:34 GMT
age: 76008
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:41 GMT
age: 76001
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
image.tmdb.org/t/p/originalhttps://www.themoviedb.org/t/p/original/mgstAcEIqF3RIWVqP4jICEy3q9F.jpg
200 OK 102 kB URL HTTP/2 image.tmdb.org/t/p/originalhttps://www.themoviedb.org/t/p/original/mgstAcEIqF3RIWVqP4jICEy3q9F.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 102 kB (102449 bytes)
Hash 0456226b842539dc7d2d4b4599950302
5b8001a8053b869255eb610c8168e5feaa0d3a3c
7720f515cfaed0dbf0d8802917bf5007bb4d35ec60702e71133cdb398dc1b378
GET /t/p/originalhttps://www.themoviedb.org/t/p/original/mgstAcEIqF3RIWVqP4jICEy3q9F.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: image/jpeg
content-length: 102449
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62993386-19031"
last-modified: Thu, 02 Jun 2022 22:02:46 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 246
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 19:02:22
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 1077b4c9b4a06018a4e977f613029f16
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c373fd4ae5bb48ee5a0e3210c405f56
b772ddcfe8352b96bc507c9c884b5c679a8db938
8e5edfb4c0d99beffd0b676bfe7c2619e7bf5be0655a947ac49ea20d790a9ef7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E5EDFB4C0D99BEFFD0B676BFE7C2619E7BF5BE0655A947AC49EA20D790A9EF7"
Last-Modified: Tue, 13 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17956
Expires: Wed, 14 Sep 2022 00:01:38 GMT
Date: Tue, 13 Sep 2022 19:02:22 GMT
Connection: keep-alive
static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
200 OK 55 kB URL HTTP/2 static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (63194)
Hash f4ec2c3ed8386fd3e06257d22c094af0
eae234998db6e9b3dd06459bb3b6fa1322712477
987221eef92aed3373db42516798c3692e26668ade0f128ef6de19fa6038b13a
GET /widget/js/vendors~widget-ui.js?c9b0de53 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"5f5181a44cab6b9ccdc03f0d9f46e177"
last-modified: Mon, 08 Aug 2022 22:09:02 GMT
x-amz-id-2: A9pqjKPrqIQflyxmXrVwzuzToR7cxaWclWx6NjnAerAt8ogrYlvolAtqoGvvdIsvqEeqAzY1AX0=
x-amz-request-id: 6ACY3P80RJNPZB5G
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/14/2022 14:32:19
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cbe0075f43b61d4742288540534a0f73
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 41f9179e59a25f47d57ee44aedba74e7
0fc36a87fcedb98f3748739cc0718470de2f59c2
b4a615e3b1606fa2e99cbfca9a7a7b93257ebcf5957c308cfbaf7f8d4f37415a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 19:02:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 01:21:26 GMT
Expires: Tue, 20 Sep 2022 01:21:25 GMT
Etag: "0fc36a87fcedb98f3748739cc0718470de2f59c2"
Cache-Control: max-age=540542,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a32305cd14b4f3-OSL
my.rtmark.net/gid.js?userId=4e4d98e9f0764b1f93a17090fad818c3
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=4e4d98e9f0764b1f93a17090fad818c3
IP
File type JSON data\012- , ASCII text
Hash ccbe4159ec26c87cb09c2ada83756b4b
851bb41fce3d9cdbac9c2c9c1346002fb99b217e
2243b44deee37123c357e7acb7a93a26b13a00c9d3ac20b3b31ceb076075570b
GET /gid.js?userId=4e4d98e9f0764b1f93a17090fad818c3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fshd.link
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://fshd.link
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4e4d98e9f0764b1f93a17090fad818c3; expires=Wed, 13 Sep 2023 19:02:22 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 15b95723633595ad67c9780c20a13b6a
484d7e07fece945b89a75a9db452aa5f0a7717ff
3e00e27ee37e5570de48109ec3d15a7804e4909a9163c55126b39a348ae18760
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 19:02:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 13:52:28 GMT
Expires: Mon, 19 Sep 2022 13:52:27 GMT
Etag: "484d7e07fece945b89a75a9db452aa5f0a7717ff"
Cache-Control: max-age=499204,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a323071fbeb4f3-OSL
t.dtscout.com/i/?l=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&j=https%3A%2F%2Fultracine.online%2F
200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&j=https%3A%2F%2Fultracine.online%2F
IP
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&j=https%3A%2F%2Fultracine.online%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 13 Sep 2022 19:02:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: mtl2
Set-Cookie: m=1; Domain=dtscout.com; Expires=Tue, 13-Sep-2022 20:25:42 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Tue, 13-Sep-2022 23:02:22 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1663095742; Domain=dtscout.com; Expires=Thu, 22-Dec-2022 19:02:22 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 0.677
Expires: Tue, 13 Sep 2022 19:02:21 GMT
Cache-Control: no-cache
static.arc.io/broker/js/lazy-modules.a169b1ec.js
200 OK 18 kB URL HTTP/2 static.arc.io/broker/js/lazy-modules.a169b1ec.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (25027)
Hash 2a9e5d1591449dd9dc1d80606e55a17d
111e3851cfb9128a68a50a550663130269c50940
c76bf7bf94b75d1eef96613aba70957ae6d7c119d4946ae92576a84f8e6da513
GET /broker/js/lazy-modules.a169b1ec.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 1HPOvli1UWDpUZXFWu6CwdlYyQUcdV4wPGgPy4nfB7B6fDlC7Q604ob7CUR3XzVeynp2AAE8mww=
x-amz-request-id: ST1DTDBD2C8CBP39
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/16/2022 07:43:24
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6c152ee420fad02c033d87371b1ae9b8
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/lounge.load.11e4d4419036ee9a10f4fa6b46721633.js
200 OK 495 B URL HTTP/2 c.disquscdn.com/next/embed/lounge.load.11e4d4419036ee9a10f4fa6b46721633.js
IP
File type ASCII text, with very long lines (958), with no line terminators
Hash 64d31c78ba756456d69bdb54e6860b8e
5ce3de41f4cc04435b0b2e085ac408862c12a466
c86c0bc6b75532ab48f900337724348591e4015ce307d1949e52f101afd2226b
GET /next/embed/lounge.load.11e4d4419036ee9a10f4fa6b46721633.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 495
date: Mon, 12 Sep 2022 19:34:10 GMT
server: nginx
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
etag: "631f84e6-1ef"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 12 Sep 2023 19:34:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MmQdGERlzGf8Yg3ulzImEs81UtwXcYkyOiNHMtZBOrI4XTP15zxDNQ==
age: 84492
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash bce4b35595c4db830e88f008b19592db
64f35ef6ff1399d5800ea0f2a5d4e5f6645c2e7c
29bd97e7033a6b446a8f901bf1de4a45235e9c6a99c4668076d8e2a8a51c7f4d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 19:02:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 05:02:26 GMT
Expires: Tue, 20 Sep 2022 05:02:25 GMT
Etag: "64f35ef6ff1399d5800ea0f2a5d4e5f6645c2e7c"
Cache-Control: max-age=553802,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a3230849ccb4f3-OSL
c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
200 OK 95 kB URL HTTP/2 c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
IP
File type ASCII text, with very long lines (32023)
Hash 7b99df04cc3984222b4f02f738de9fa4
f3eefe01e2f39579ceaca4927de1177711e01544
c64b6a193db830888df222e8c3d1d0c964cb9700e2ed62796e02dbe49a39d8ec
GET /next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 94755
date: Mon, 25 Jul 2022 05:21:29 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-17223"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hqHmCXltXwT9ldGRQLUv2i1eRhNTSfsGeXfw1eHjV2rJyFyoXLiILQ==
age: 4369254
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fshd.link/
Content-Type: text/plain;charset=UTF-8
Origin: https://fshd.link
Content-Length: 1582
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 13 Sep 2022 19:02:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://fshd.link
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
t.dtscout.com/pv/?_a=v&_h=fshd.link&_ss=37pcc51d7s&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6t2w&_cb=_dtspv.c
200 OK 51 B URL HTTP/1.1 t.dtscout.com/pv/?_a=v&_h=fshd.link&_ss=37pcc51d7s&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6t2w&_cb=_dtspv.c
IP
File type ASCII text, with no line terminators
Hash ad839dea64370875c3576d93f977e045
ddd7b850122ab0ac1e90b2b22a854757f12408ec
12e55c8ecf0881177440a0ce8b3bc741d507c37948b951a2e86f9ccb4dee966a
GET /pv/?_a=v&_h=fshd.link&_ss=37pcc51d7s&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6t2w&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Cookie: m=1; oa=1; df=1663095742
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 13 Sep 2022 19:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.216
X-C: 0
Expires: Tue, 13 Sep 2022 19:02:22 GMT
Cache-Control: no-cache
c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css
200 OK 26 kB URL HTTP/2 c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css
IP
File type ASCII text, with very long lines (65469)
Hash 4ce72b6a8aa2f41bee77d2e9368008a3
5bcae35b33d95af653f83d0435bfb8b590a06254
4fbb9394a919e5b087e3d63b77781758489f02be847eb899e977518576a906cb
GET /next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 26136
date: Mon, 12 Sep 2022 19:34:09 GMT
server: nginx
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
etag: "631f84e6-6618"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 12 Sep 2023 19:34:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: azDcOYZVy3Btw-mueU56etKrtD0-j6Nic2bik9mFc23XvDUOmDUtvA==
age: 84494
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/lounge.bundle.29e6af40821697bba1cb55aca8ebe0da.js
200 OK 124 kB URL HTTP/2 c.disquscdn.com/next/embed/lounge.bundle.29e6af40821697bba1cb55aca8ebe0da.js
IP
File type ASCII text, with very long lines (32035)
Size 124 kB (124008 bytes)
Hash c2be67ea36262afa1d757cce4842b658
a18b815d368d6b9d16836aa3e51fcebf10e74f42
93d5b2c272e433fe2f9128218e4b55babd694f884fd4ab59f88aa15e754dd41f
GET /next/embed/lounge.bundle.29e6af40821697bba1cb55aca8ebe0da.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 124008
date: Mon, 12 Sep 2022 19:34:09 GMT
server: nginx
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
etag: "631f84e6-1e468"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 12 Sep 2023 19:34:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zBUCb8BlyyJq2gPMXAGRYTkW8QQxx02vOGb9GbTgmp2bSCxcOcfnFw==
age: 84494
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 13 Sep 2022 19:02:23 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c8fdc62bb318e0b60c57a2e46d0ccdea
a61e2ebe2f4e6c8bd3470fe39ec54e60b1ef329e
ab5679e657f708164a053c23602d3e3c3b700bf82ea3df57c23ea3be85e059c4
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 850
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 13 Sep 2022 19:02:23 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=w5qo830417jq199878051e1l6cbqm573
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=w5qo830417jq199878051e1l6cbqm573
IP
File type JSON data\012- , ASCII text
Hash ccbe4159ec26c87cb09c2ada83756b4b
851bb41fce3d9cdbac9c2c9c1346002fb99b217e
2243b44deee37123c357e7acb7a93a26b13a00c9d3ac20b3b31ceb076075570b
GET /gid.js?userId=w5qo830417jq199878051e1l6cbqm573 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fshd.link
Connection: keep-alive
Referer: https://fshd.link/
Cookie: ID=4e4d98e9f0764b1f93a17090fad818c3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:23 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://fshd.link
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4e4d98e9f0764b1f93a17090fad818c3; expires=Wed, 13 Sep 2023 19:02:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=0x34535a&t=Quebrando%20Regras%202%20-%20FSHD&c=d&x=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&y=https%3A%2F%2Fultracine.online%2F&a=0&v=27&r=1821
200 OK 11 kB URL HTTP/2 whos.amung.us/pingjs/?k=0x34535a&t=Quebrando%20Regras%202%20-%20FSHD&c=d&x=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&y=https%3A%2F%2Fultracine.online%2F&a=0&v=27&r=1821
IP
File type Unicode text, UTF-8 text, with very long lines (26494), with no line terminators
Hash fed960839a43c9dda117953852458c0f
815037e8fe2b95599b2f4a400354e1f1edbfe3e8
860ebd517476e8d22fce83e4e4eb4c44f37f6d17c10ef3714d2ca2b6001d4a95
GET /pingjs/?k=0x34535a&t=Quebrando%20Regras%202%20-%20FSHD&c=d&x=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&y=https%3A%2F%2Fultracine.online%2F&a=0&v=27&r=1821 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:23 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a3230a9cbf1665-ARN
X-Firefox-Spdy: h2
ossnatuer.com/500/5294569?excludes=&oaid=w5qo830417jq199878051e1l6cbqm573&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
200 OK 0 B URL HTTP/2 ossnatuer.com/500/5294569?excludes=&oaid=w5qo830417jq199878051e1l6cbqm573&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5294569?excludes=&oaid=w5qo830417jq199878051e1l6cbqm573&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false HTTP/1.1
Host: ossnatuer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://fshd.link/
Origin: https://fshd.link
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:23 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://fshd.link
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
200 OK 13 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (13079), with no line terminators
Hash 4da5413f5086c5755b46094b813dbfcd
87669f231ce245cdd9b7d80ebf8194e2ae62e7b1
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
GET /next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 13079
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:55 GMT
etag: "62da91ef-3317"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8ONIXDYE6wgi7i7Q9e0yrLpLLfs-bCqHR2QbMrlVoTOSShAM9TlxBQ==
age: 4369253
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
200 OK 1.8 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
IP
File type PNG image data, 172 x 81, 8-bit colormap, non-interlaced\012- data
Hash ad630a07080a45451f139a7487853ff8
c2673d7404fc947fab20eed21416f9656149018d
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
GET /next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1763
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:55 GMT
etag: "62da91ef-6e3"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MSudwgsWqOZINHVjo7T1O8ifzthDrmnjOS0IA7TLujuXFo0UqxquwA==
age: 4369253
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
200 OK 7.9 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 4cc7a703d2fdfe684151ff8ac24d45f1
046adee74e5ce76db11491906a21c09399391571
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
GET /next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://c.disquscdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 7900
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-1edc"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8hd_Y8j_Um5HoLo8x8Sx2nHJKhJfni050TvFbFoUH9zfLXdjlJmWLw==
age: 4369253
X-Firefox-Spdy: h2
disqus.com/api/3.0/forums/details?forum=https-www-cinefilmeshd-org&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
200 OK 3.2 kB URL HTTP/1.1 disqus.com/api/3.0/forums/details?forum=https-www-cinefilmeshd-org&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
File type JSON data\012- , ASCII text, with very long lines (3200), with no line terminators
Hash 44a163d85d245061f6f5e1177866b6dc
3dc55d4471da0ec492aa2b40d47a082ab80db483
c24e7548abd69de4e6c895bbf55cd7fd2f84d5eea77be57c540d2ee75cbba41e
GET /api/3.0/forums/details?forum=https-www-cinefilmeshd-org&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=https-www-cinefilmeshd-org&t_u=https%3A%2F%2Fultracine.online%2Fquebrando-regras-2%2F&t_d=Assistir%20Quebrando%20Regras%202%20Online%20-%20UltraCine&t_t=Assistir%20Quebrando%20Regras%202%20Online%20-%20UltraCine&s_o=default&l=pt
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3200
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Tue, 13 Sep 2022 19:02:23 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
cdn.tynt.com/tc.js
200 OK 8.3 kB IP
Hash 5b7186530a4ffcebb7255502e9ae163a
1c124d91b4f4b39dbc5100dd4e4ef50f6222a7d0
973b9755bf3fd6846782e6b87c142ab74f6d5aa902eff85f4eb3ade7a97e7ba4
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:23 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
vary: Accept-Encoding
etag: W/"62d96946-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 13696
expires: Fri, 16 Sep 2022 19:02:23 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 74a3230c6a221c12-OSL
X-Firefox-Spdy: h2
ossnatuer.com/500/5294569?excludes=&oaid=w5qo830417jq199878051e1l6cbqm573&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
200 OK 28 kB URL HTTP/2 ossnatuer.com/500/5294569?excludes=&oaid=w5qo830417jq199878051e1l6cbqm573&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (33474)
Hash 9cc32706fda59d24d98cf815e9bd8ec6
376b7f8ded2d3bc073daf20330ce461f4d656b69
108f0f60cea497836278a904a8024eed26dbbf03e97b70cc68ebd7b25eb99938
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5294569?excludes=&oaid=w5qo830417jq199878051e1l6cbqm573&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=4&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false HTTP/1.1
Host: ossnatuer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://fshd.link
Connection: keep-alive
Referer: https://fshd.link/
Cookie: OAID=9930cf9e9e3244b2a801498997b35e01
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:23 GMT
content-type: application/javascript
x-trace-id: a0fb667c01edd9dd52d10ec1d04d152a
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://fshd.link
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=w5qo830417jq199878051e1l6cbqm573; expires=Wed, 13 Sep 2023 19:02:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=w5qo830417jq199878051e1l6cbqm573
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=w5qo830417jq199878051e1l6cbqm573
IP
File type JSON data\012- , ASCII text
Hash ccbe4159ec26c87cb09c2ada83756b4b
851bb41fce3d9cdbac9c2c9c1346002fb99b217e
2243b44deee37123c357e7acb7a93a26b13a00c9d3ac20b3b31ceb076075570b
GET /gid.js?userId=w5qo830417jq199878051e1l6cbqm573 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fshd.link
Connection: keep-alive
Referer: https://fshd.link/
Cookie: ID=4e4d98e9f0764b1f93a17090fad818c3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:23 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://fshd.link
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4e4d98e9f0764b1f93a17090fad818c3; expires=Wed, 13 Sep 2023 19:02:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdn.viglink.com/images/pixel.gif?ch=2&rn=1.590723670452252
200 OK 43 B URL HTTP/2 cdn.viglink.com/images/pixel.gif?ch=2&rn=1.590723670452252
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=2&rn=1.590723670452252 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:23 GMT
content-type: image/gif
content-length: 43
x-amz-id-2: 9/IvErEY22tX4ULfeOpcwqHi8mHdiTNKhfXoUKN0roNG9pzTaiSmoLJTr0lztCcSl1VPXSGb0pg=
x-amz-request-id: D8NBHA8SGYQB6X08
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
etag: "221d8352905f2c38b3cb2bd191d630b0"
cache-control: max-age=15, must-revalidate
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a3230deb9eb509-OSL
X-Firefox-Spdy: h2
cdn.viglink.com/images/pixel.gif?ch=1&rn=1.590723670452252
200 OK 43 B URL HTTP/2 cdn.viglink.com/images/pixel.gif?ch=1&rn=1.590723670452252
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=1&rn=1.590723670452252 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:23 GMT
content-type: image/gif
content-length: 43
x-amz-id-2: 9/IvErEY22tX4ULfeOpcwqHi8mHdiTNKhfXoUKN0roNG9pzTaiSmoLJTr0lztCcSl1VPXSGb0pg=
x-amz-request-id: D8NBHA8SGYQB6X08
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
etag: "221d8352905f2c38b3cb2bd191d630b0"
cache-control: max-age=15, must-revalidate
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a3230deb9cb509-OSL
X-Firefox-Spdy: h2
referrer.disqus.com/juggler/telemetry/lounge_dynamic.gif?embed=686&frame=457&asset=211&render=34&total=756&frame_rtt=60&config_rtt=23
200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/telemetry/lounge_dynamic.gif?embed=686&frame=457&asset=211&render=34&total=756&frame_rtt=60&config_rtt=23
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/telemetry/lounge_dynamic.gif?embed=686&frame=457&asset=211&render=34&total=756&frame_rtt=60&config_rtt=23 HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=https-www-cinefilmeshd-org&t_u=https%3A%2F%2Fultracine.online%2Fquebrando-regras-2%2F&t_d=Assistir%20Quebrando%20Regras%202%20Online%20-%20UltraCine&t_t=Assistir%20Quebrando%20Regras%202%20Online%20-%20UltraCine&s_o=default&l=pt
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Tue, 13 Sep 2022 19:02:23 GMT
Cross-Origin-Resource-Policy: cross-origin
cdn.itskiddoan.club/apu.php?zoneid=5351742
200 OK 29 kB URL HTTP/2 cdn.itskiddoan.club/apu.php?zoneid=5351742
IP
Hash 956cf5b8c53c42df57160954b5244fb8
0f8899a21bea70926277654f3e5dacee7d6f0138
3ef2d71266297047d35e798e206c4e3f16d3a889290021f2131487036c2a8c85
GET /apu.php?zoneid=5351742 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:23 GMT
content-type: application/javascript
x-trace-id: b249bbb26190e98d31fd434b8aaa524b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=03023475c5d5406985ae5fd74e0b0a17; expires=Wed, 13 Sep 2023 19:02:23 GMT; path=/; secure; SameSite=None
oaidts=1663095743; expires=Wed, 13 Sep 2023 19:02:23 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png
200 OK 66 kB URL HTTP/2 offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d08aacb36c7474e0d13b60f8f4adc14
e4af2de372b5e3a2211579a5973ef7ed160e7be4
54b0569cf052e12dd373e86031009d0a54a893275a21c2ef863277a9a978ab1c
GET /www/images/3d08aacb36c7474e0d13b60f8f4adc14.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:23 GMT
content-type: image/png
content-length: 66121
last-modified: Mon, 12 Oct 2020 05:50:58 GMT
etag: "5f83eec2-10249"
expires: Wed, 14 Sep 2022 12:50:38 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 22305
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a3230ed9e8f13e-ARN
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Quebrando%20Regras%202%20-%20FSHD
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Quebrando%20Regras%202%20-%20FSHD
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Quebrando%20Regras%202%20-%20FSHD HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 13 Sep 2022 19:02:23 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Quebrando%20Regras%202%20-%20FSHD
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Quebrando%20Regras%202%20-%20FSHD
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Quebrando%20Regras%202%20-%20FSHD HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 13 Sep 2022 19:02:23 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Quebrando%20Regras%202%20-%20FSHD
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Quebrando%20Regras%202%20-%20FSHD
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F&t=Quebrando%20Regras%202%20-%20FSHD HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 13 Sep 2022 19:02:24 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!0x34535a&dn=TC&cc=1&r=https%3A%2F%2Fultracine.online%2F
200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!0x34535a&dn=TC&cc=1&r=https%3A%2F%2Fultracine.online%2F
IP
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!0x34535a&dn=TC&cc=1&r=https%3A%2F%2Fultracine.online%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Wed, 14 Sep 2022 19:02:24 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Tue, 13 Sep 2022 19:02:23 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1&r=https%3A%2F%2Fultracine.online%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 13 Sep 2022 19:02:24 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
links.services.disqus.com/api/ping
200 OK 316 B URL HTTP/1.1 links.services.disqus.com/api/ping
IP
File type ASCII text, with very long lines (316), with no line terminators
Hash 62828596d541b29ea1a660c5eb8931f5
7e1652082629a4cf1e1886c2c263d733daef2ccf
fee43b99c2b50aca58f661cef06e582c8a237986f840dbe5f0e4286e559ff36b
POST /api/ping HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 153
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 316
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ultracine.online
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Tue, 13 Sep 2022 19:02:24 GMT
Set-Cookie: vglnk.Agent.p=54ed582257389744bb60fbbbde2909d7; Expires=Wed, 13 Sep 2023 19:02:24 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Wed, 13 Sep 2023 19:02:24 GMT; path=/
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 13 Sep 2022 19:02:24 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 13 Sep 2022 19:02:24 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
200 OK 43 B URL HTTP/1.1 links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Tue, 13 Sep 2022 19:02:24 GMT
Set-Cookie: vglnk.Agent.p=ef7b6b3202d04b242ada539eae94f9ab; Expires=Wed, 13 Sep 2023 19:02:24 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Wed, 13 Sep 2023 19:02:24 GMT; path=/
links.services.disqus.com/api/domains
200 OK 41 B URL HTTP/1.1 links.services.disqus.com/api/domains
IP
File type ASCII text, with no line terminators
Hash 731976aa8612588523466c56b1af0463
26d3f1efb59d10f8a619a8855104d718a3329bf2
73876aefd332f387581af04161ec0e0eccddb2528aa39b59150798c5580051d9
POST /api/domains HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 275
Origin: https://ultracine.online
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 41
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ultracine.online
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Tue, 13 Sep 2022 19:02:24 GMT
Set-Cookie: vglnk.Agent.p=bdb04770e2ef366d4f22c61c32b2946a; Expires=Wed, 13 Sep 2023 19:02:24 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Wed, 13 Sep 2023 19:02:24 GMT; path=/
ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!0x34535a&lm=3&ts=1663095730293&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 13 Sep 2022 19:02:24 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
200 OK 631 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
IP
File type ASCII text, with very long lines (1796)
Hash c27520fe60c6f5f7cba22d6912e04494
59bdd4f097d44825326bfa7fdf075669deabaa09
bfbb841e763e8cd7a378b0a6bb83b08251eb3ee0afd7bfcb6d55dae63f6f514d
GET /ajax/libs/normalize/8.0.0/normalize.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:24 GMT
content-type: text/css; charset=utf-8
content-length: 631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f2b-732"
last-modified: Mon, 04 May 2020 16:13:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 832200
expires: Sun, 03 Sep 2023 19:02:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1yRd4YviGMc4BWdZay55JTNONJGK%2BkqkbewPgtt58hk8xNOHcuzdq4ZzZ65Reih5%2FNA%2F5jtGKkr9GWHK8%2BLHowJCRZ%2FkqViGsEkyjhb0T4IeFHFvmC2x4HJKATzGVwn%2B7FvcRx6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74a32313cd061bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f60f2ef05ae6820e4eca8ea043255f70
7a14d1fc571d2843344adb408a796b1e9548cee6
d82fe496080bab2a36097f793e5d584f2d92bccc34b782d381075de30771c5a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D82FE496080BAB2A36097F793E5D584F2D92BCCC34B782D381075DE30771C5A7"
Last-Modified: Mon, 12 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5557
Expires: Tue, 13 Sep 2022 20:35:01 GMT
Date: Tue, 13 Sep 2022 19:02:24 GMT
Connection: keep-alive
warden.arc.io/mailbox/nodes/MWDAFXZav9oadMLqvc16G5
204 No Content 0 B URL HTTP/2 warden.arc.io/mailbox/nodes/MWDAFXZav9oadMLqvc16G5
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mailbox/nodes/MWDAFXZav9oadMLqvc16G5 HTTP/1.1
Host: warden.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fshd.link/
Content-Type: text/plain;charset=UTF-8
Origin: https://fshd.link
Content-Length: 284
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 13 Sep 2022 19:02:25 GMT
access-control-allow-origin: *
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
www.google-analytics.com/batch
200 OK 35 B URL HTTP/2 www.google-analytics.com/batch
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /batch HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fshd.link/
Content-Type: text/plain;charset=UTF-8
Origin: https://fshd.link
Content-Length: 185
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://fshd.link
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.arc.io/broker/js/lazy-iwc.9b430e25.js
200 OK 4.8 kB URL HTTP/2 static.arc.io/broker/js/lazy-iwc.9b430e25.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (14147), with no line terminators
Hash 3082db284ce70e556d051355801c2849
9d9d76672fc3c3fc6e241532fd9f98a3b29e1525
5cfe9aef878c7f95e66911311d0e32ebbc2aa58d0cb10ecb0ed455c7ac60c0ae
GET /broker/js/lazy-iwc.9b430e25.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:24 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"7fd8734437dbdc553c3513d10d0c0a97"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 0pqtvhmktNzG/kuXS+f70yU/1nrs8NiaC5jbPx0Ogn1zHjS1MBw3Ld9u+2vBvs1RgznasANnNaM=
x-amz-request-id: P7W24ZM6DAWWT664
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/30/2022 16:48:02
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3b4d4ca6fd4df5ce716b09c2d9c79f4a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open%20Sans:300,400,500,700|Roboto:400,500,600,700,300,800|Nunito:300,400,500,600,700,800,900|Raleway:500,600,700,800|Roboto%20Condensed:400,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:300,400,500,700|Roboto:400,500,600,700,300,800|Nunito:300,400,500,600,700,800,900|Raleway:500,600,700,800|Roboto%20Condensed:400,700
IP
GET /css?family=Open%20Sans:300,400,500,700|Roboto:400,500,600,700,300,800|Nunito:300,400,500,600,700,800,900|Raleway:500,600,700,800|Roboto%20Condensed:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 19:02:21 GMT
date: Tue, 13 Sep 2022 19:02:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
200 OK 0 B URL HTTP/2 www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
IP
GET /js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14185
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 05:03:42 GMT
expires: Thu, 07 Sep 2023 05:03:42 GMT
cache-control: public, max-age=31536000
age: 568720
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.arc.io/widget/js/widget-ui.js?784632c0
200 OK 0 B URL HTTP/2 static.arc.io/widget/js/widget-ui.js?784632c0
IP
ASN #34989 ServeTheWorld AS
GET /widget/js/widget-ui.js?784632c0 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"7b9dc001ae1d02594045f630c0c9760a"
last-modified: Thu, 01 Sep 2022 19:21:28 GMT
x-amz-id-2: sso+CjRy526e+aJLRNdKq8RjhZ6KoGwR6Y604T67KYRlvAXyQ4xEXLctgzgvzzy4W5PmUrRFebM=
x-amz-request-id: 0RKQT4A1JEK82HB5
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/01/2022 19:27:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a73f3541e2967496e64ca888ab4a2ed7
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
unvanilluxer.com/?rb=Cfil1tT213MlYZq2domehSuwG58vLQFterMB0hL6KlgQlYxJgH8ptZX4ULn49cRv2Fni15k8lP4uxYziG7am33HIwMr7YYrHXqtco0LKTDnmBVlkesbbRQMERdDWhI9pXWuknYtpLDD_msIpPcd5BjjDvqU18ToJv6QAXMDLWN-9MowdgNvgeWyZ_m3DFVTR2mxhF-F4rCoTXw_8sVw-fA%3D%3D&request_ab2=0&zoneid=5294376&js_build=iclick-v1.426.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=3&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.426.0&bs=7ce366ac-4720-4e20-8e1a-d53026932851&userId=w5qo830417jq199878051e1l6cbqm573&m=link
200 OK 0 B URL HTTP/2 unvanilluxer.com/?rb=Cfil1tT213MlYZq2domehSuwG58vLQFterMB0hL6KlgQlYxJgH8ptZX4ULn49cRv2Fni15k8lP4uxYziG7am33HIwMr7YYrHXqtco0LKTDnmBVlkesbbRQMERdDWhI9pXWuknYtpLDD_msIpPcd5BjjDvqU18ToJv6QAXMDLWN-9MowdgNvgeWyZ_m3DFVTR2mxhF-F4rCoTXw_8sVw-fA%3D%3D&request_ab2=0&zoneid=5294376&js_build=iclick-v1.426.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=3&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.426.0&bs=7ce366ac-4720-4e20-8e1a-d53026932851&userId=w5qo830417jq199878051e1l6cbqm573&m=link
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=Cfil1tT213MlYZq2domehSuwG58vLQFterMB0hL6KlgQlYxJgH8ptZX4ULn49cRv2Fni15k8lP4uxYziG7am33HIwMr7YYrHXqtco0LKTDnmBVlkesbbRQMERdDWhI9pXWuknYtpLDD_msIpPcd5BjjDvqU18ToJv6QAXMDLWN-9MowdgNvgeWyZ_m3DFVTR2mxhF-F4rCoTXw_8sVw-fA%3D%3D&request_ab2=0&zoneid=5294376&js_build=iclick-v1.426.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1148&wiw=1148&wih=600&wfc=3&pl=https%3A%2F%2Ffshd.link%2Ffilme%2Ftt1754264%3Fref%3D93944f39cd9fb2175f98a06c081c20db&drf=https%3A%2F%2Fultracine.online%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.426.0&bs=7ce366ac-4720-4e20-8e1a-d53026932851&userId=w5qo830417jq199878051e1l6cbqm573&m=link HTTP/1.1
Host: unvanilluxer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fshd.link/
Origin: https://fshd.link
Connection: keep-alive
Cookie: OAID=4e4d98e9f0764b1f93a17090fad818c3; oaidts=1663095742
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:23 GMT
content-type: application/json
x-trace-id: f2a72de7e08e2f3b2caf9ff2d380e29c
access-control-allow-origin: https://fshd.link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=w5qo830417jq199878051e1l6cbqm573; expires=Wed, 13 Sep 2023 19:02:23 GMT; path=/; secure; SameSite=None
oaidts=1663095743; expires=Wed, 13 Sep 2023 19:02:23 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 20 Sep 2022 19:02:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ultracine.online/quebrando-regras-2/
200 OK 0 B URL HTTP/2 ultracine.online/quebrando-regras-2/
IP
GET /quebrando-regras-2/ HTTP/1.1
Host: ultracine.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-pingback: https://ultracine.online/xmlrpc.php
link: <https://ultracine.online/wp-json/>; rel="https://api.w.org/", <https://ultracine.online/wp-json/wp/v2/posts/58349>; rel="alternate"; type="application/json", <https://ultracine.online/?p=58349>; rel=shortlink
strict-transport-security: max-age=15768000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJzGhFnMb5PAy1UMcj2XHUYIdy3FuJUiiw6wyDCat0gAYZ%2BrXjmeBbCzxpw4cXhCPChIjy6zOnWpFdvmex5pybMnYwK8NPoSiC%2FfEOWIHshnvNloFwlhrjJDYObdoOd%2BMqqA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a322f8c9dab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unvanilluxer.com/5/5294376
200 OK 0 B URL HTTP/2 unvanilluxer.com/5/5294376
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /5/5294376 HTTP/1.1
Host: unvanilluxer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: application/javascript
x-trace-id: f8ecf84a84593ef7b80de1d8457d0491
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=4e4d98e9f0764b1f93a17090fad818c3; expires=Wed, 13 Sep 2023 19:02:22 GMT; path=/; secure; SameSite=None
oaidts=1663095742; expires=Wed, 13 Sep 2023 19:02:22 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
core.arc.io/broker.html?62de60f
200 OK 0 B URL HTTP/2 core.arc.io/broker.html?62de60f
IP
ASN #34989 ServeTheWorld AS
GET /broker.html?62de60f HTTP/1.1
Host: core.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-NO-830
cdn-pullzone: 786568
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
etag: W/"61e89f9d-612"
expires: Fri, 07 Oct 2022 18:32:37 GMT
last-modified: Wed, 19 Jan 2022 23:32:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/07/2022 18:32:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d89d70ac93d50bf9878b1c1029f15b44
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
200 OK 0 B IP
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 788
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6BzFIASvmkFrr0XSNw8eOZnYeJqsqMF5EwuDOgNqPgIdfWvuvExdVpkjC5HwhMDrQJiTooK5nkrNkvUqfkGT1aLEnEObCSTV9C9aYMoBFLJJqDzN9czDdvyhKtNog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a32307de54b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stats.wp.com/e-202237.js
200 OK 0 B IP
GET /e-202237.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:21 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Sun, 03 Sep 2023 22:56:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
static.arc.io/widget/css/widget.css?62de60f
200 OK 0 B URL HTTP/2 static.arc.io/widget/css/widget.css?62de60f
IP
ASN #34989 ServeTheWorld AS
GET /widget/css/widget.css?62de60f HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-methods: GET, HEAD
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
last-modified: Wed, 07 Sep 2022 18:01:07 GMT
x-amz-id-2: BlpzaVDecI0+GAGIKkovvMZc5hlztxkjuNCMQgTwPr7vuqkvNvzRZTk7f5ud3fOf/rctCQF31BA=
x-amz-request-id: VQD42AGSHTDE3RVA
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/07/2022 18:32:38
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 09a5e8f79c384ac63d6075fd36eaf4ef
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
waust.at/d.js
200 OK 0 B IP
GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:21 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Aug 2022 18:12:57 GMT
etag: W/"630d01a9-397a"
expires: Wed, 14 Sep 2022 18:09:20 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 3181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtQP6j%2BhcJS79yGzF72QN1vHNoOKatwZpLjhlX8uRq%2BQOCAF1Zlauz6ULIe52Gq81TBn25uN9hkmw0PtR%2BtvnfYIaz36QxgFhvIn1aSTAKv2MHjxUw8SPM5Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a323022b1a1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w1280/20p0bMWormdEYqMeC0cyJgtS5Br.jpg
200 OK 0 B URL HTTP/2 image.tmdb.org/t/p/w1280/20p0bMWormdEYqMeC0cyJgtS5Br.jpg
IP
ASN #60068 Datacamp Limited
GET /t/p/w1280/20p0bMWormdEYqMeC0cyJgtS5Br.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 19:02:21 GMT
content-type: image/jpeg
content-length: 87349
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62742530-15535"
last-modified: Thu, 05 May 2022 19:27:44 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 305
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/31/2022 19:24:57
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 81a8a4c300a34b9fd64e01bd9814a6ca
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ossnatuer.com/400/5294569
200 OK 0 B URL HTTP/2 ossnatuer.com/400/5294569
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5294569 HTTP/1.1
Host: ossnatuer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fshd.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 19:02:22 GMT
content-type: application/javascript
x-trace-id: 5e5d8f91721b611ca83502c5078046a7
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=9930cf9e9e3244b2a801498997b35e01; expires=Wed, 13 Sep 2023 19:02:22 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube-nocookie.com/embed/cTjQDz-MdKM?autoplay=0&rel=0&showinfo=0
200 OK 0 B URL HTTP/2 www.youtube-nocookie.com/embed/cTjQDz-MdKM?autoplay=0&rel=0&showinfo=0
IP
GET /embed/cTjQDz-MdKM?autoplay=0&rel=0&showinfo=0 HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultracine.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 13 Sep 2022 19:02:21 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+194; expires=Thu, 12-Sep-2024 19:02:21 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
104.21.6.140
158.69.139.238
34.117.237.239
93.184.220.29
151.101.85.229
104.18.21.226
194.242.11.186
89.187.169.39