wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8
109.71.253.25301 Moved Permanently 369 B URL HTTP/1.1 wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8
IP 109.71.253.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f622bed037465ed3674d78f37ff10650
4dbe47a25ab95176b0625a3e26d30173b3258449
98df7d9486323668ba4f32ea9fa91a12eab3851bbb57e87c8ea00c882c72e8c1
GET /hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8 HTTP/1.1
Host: wbze.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 06:39:04 GMT
Server: Apache/2.4.38 (Debian)
Location: https://wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8
Content-Length: 369
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 06:12:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YpNvZZxGOwO_msLnAbi0tkmSFOkVgj98KnVtsg7oMRQ_0nideImDuQ==
Age: 1585
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16148
Expires: Mon, 19 Sep 2022 11:08:12 GMT
Date: Mon, 19 Sep 2022 06:39:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kKtVKcE0uQaWw_SP76dZxvQKmvggR5TD_ZAjE496hg_bMe-7oJCbjQ==
age: 7431
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 647534e935006517ebce9aa13214356b
f23af299d6b59383bc28441fdf1bcad5d216baa1
c2eee0aa572657b6275d960362e0df6bc8243e2aba80e919aedb135420186707
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EEE0AA572657B6275D960362E0DF6BC8243E2ABA80E919AEDB135420186707"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16314
Expires: Mon, 19 Sep 2022 11:10:59 GMT
Date: Mon, 19 Sep 2022 06:39:05 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 06:39:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8
109.71.253.25302 Found 144 B URL HTTP/1.1 wbze.de/hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8
IP 109.71.253.25:0
File type HTML document, ASCII text, with no line terminators
Hash 16b1c51009fc7b71ee490fa720abd88c
c1ba3e7fadd2be6c19623039609fd62ee6d068f2
e5b70b9a02df60d32ce4c9abad0b390a1b86e0a5e607eb98a0ef133252eba10c
GET /hv3?fbclid=IwAR2BgE-EgzzciUf3D8wC6t32PUIa1MUJ98VVxBpOc1CbSiH7nLJn4P3_gT8 HTTP/1.1
Host: wbze.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Mon, 19 Sep 2022 06:39:05 GMT
Server: Apache/2.4.38 (Debian)
X-Powered-By: Express
Location: https://adsflix.xyz/id/tv/90957/mona-home-delivery
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 144
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 06:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 06:17:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AvsiN6hP-2DlzMvRPfmMdoolR-217vUDvEjl4JXJatkVexK28O-40g==
Age: 2143
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 650
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:39:05 GMT
Last-Modified: Mon, 19 Sep 2022 06:28:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.189.157.130101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.157.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gm0FV5PlZvtkw9H6nrkFfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rcYsWoFzsIheo5KCV3SsB3XtZpU=
image.tmdb.org/t/p/w780/qNbLUYu3zPIFsLd9pUXCnJcfC44.jpg
54.230.111.103200 OK 36 kB URL HTTP/2 image.tmdb.org/t/p/w780/qNbLUYu3zPIFsLd9pUXCnJcfC44.jpg
IP 54.230.111.103:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x439, components 3\012- data
Hash 3386debee2e1d4cd107a121df8604a94
c9a733ba4eb178c11dfb8b035673de330edbdc17
f8d563eaf505ccedb8edc4861b6cb45bc939bfe37cf89081c07df2f90ed48bdd
GET /t/p/w780/qNbLUYu3zPIFsLd9pUXCnJcfC44.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 36093
date: Thu, 08 Sep 2022 03:33:52 GMT
server: openresty
last-modified: Sun, 10 Jul 2022 12:12:35 GMT
cache-control: max-age=31449600
etag: "f3799e7571c2efbd469f5b26bd1b27f6"
expires: Thu, 07 Sep 2023 03:33:52 GMT
x-rack-cache: fresh
x-content-digest: c9a733ba4eb178c11dfb8b035673de330edbdc17
accept-ranges: bytes
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JPUxfrYoiHKrTvwAPIIcup4kjohdduqNYk3qwVGhFfUFZrJEuuB2jQ==
age: 961514
X-Firefox-Spdy: h2
cdn.fluidplayer.com/3.0.0/fluidplayer.min.js
205.185.216.42200 OK 44 kB URL HTTP/1.1 cdn.fluidplayer.com/3.0.0/fluidplayer.min.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (62950)
Hash 94c58ef4f72b2e1b451edf60d104f0bd
f8c8310f212c36d982d0c0ae0b353f47cea2e9b7
f4ca1e18ce47e6bfa9d91331c3df02a07c7cab1169eee5d6826fc9dcebfde43c
GET /3.0.0/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 06:39:06 GMT
Connection: Keep-Alive
ETag: "1589966034"
Cache-Control: max-age=48470
Content-Encoding: gzip
Content-Length: 44191
Content-Type: application/javascript
Last-Modified: Wed, 20 May 2020 09:13:54 GMT
Accept-Ranges: bytes
X-HW: 1663569546.dop024.sk1.t,1663569546.cds256.sk1.shn,1663569546.dop024.sk1.t,1663569546.cds022.sk1.c
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash daec3ecb9766906099342e549b5f6194
5ccc4982754c0ee4f187d86fdfba98f8c1962f62
417bf68c200135d05328b68affe56a807b8aad3836283861992c92b13c3757f9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 06:39:06 GMT
Last-Modified: Mon, 19 Sep 2022 05:26:16 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zsfh3kWbyPG8YYbnBlz2iVi3PfpzogdrbPebUy5yZ0BmQSVaUxVeog==
Age: 4371
r3.o.lencr.org/
23.36.76.226200 OK 1.5 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d44a08b53be998529c50b63d82312354
8e6669b3734faf77da43f8b356df7826dcc02a30
0e6ec17492fe3af8f8ac2afe7eb098afdd15ee2b6750d28f8d9bf791d0d16e37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4082
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 06:39:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 700 B IP 93.184.220.29:0
Hash 35f7f0a2bc238c0d4344eb0572c16a9e
54b4c625d263d13bbe89c27fcf07456c1c6fbe63
61f5c444a0d4d04780c86ce82a6acea28d67828f018135c389fdcf99311d8a95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 831
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:39:07 GMT
Last-Modified: Mon, 19 Sep 2022 06:25:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c4bd4cc-8de2-4b7d-a032-51bb3bb2b62b.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c4bd4cc-8de2-4b7d-a032-51bb3bb2b62b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 675954666fb740ffa9ac63de5b6ec7a2
372d71d42ba1e17f23f581bd5bba446b642ff194
220d4ec963e30345d7a9ed4a8bc8e0d7583ea030ed56a55b8279c30e0be9b6d4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c4bd4cc-8de2-4b7d-a032-51bb3bb2b62b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5382
x-amzn-requestid: d6368fc6-4cdf-4220-bf14-47fddd766c53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrN-nERgIAMF8rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6327905d-59affa373e8b5be3522bacf3;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2AbUBl3vtA-6U2GBeHGsqMDlP6fEYPLYjmxVLDZ3OvWNsN7j68kU_w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:52:21 GMT
age: 31606
etag: "372d71d42ba1e17f23f581bd5bba446b642ff194"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 01:08:23 GMT
age: 19844
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 04257e82bf07e6a862ce2d4bbdfc068f
7a462e8d05cd56531957436470a1814d982e282b
bbc0f0dd6244934098a0e8bfa34b8e07e8a424e309030c2f07d9e441b6f481ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 710bed7d-62c4-4b48-b16c-c94f1a15c1ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpLIkHlZoAMF2Ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326bf03-375d74b4344cb7db4036e2b2;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 06:47:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AD7jWfvJngdXmqOJlo6HiLCUEZG_mgVFVaos0hwSPYpLVsGFBik37Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 11:10:34 GMT
age: 70113
etag: "7a462e8d05cd56531957436470a1814d982e282b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d9fd171b51b27aa84e06e7d5a40116e
a81660dcace8f232018ce9a6d027b271d1f8a863
2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 8af37b3f-bacb-4f13-a539-0a8a1e2c7fe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrN_VHdooAMF8cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279061-083f90a5264568d85ce86e5a;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tPeWvkV7t7BSrnTA0G2Sf_KmuH5M4azBRhaeNuuaeiOW7zB4RhM_mw==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:50 GMT
age: 31637
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 672ffe8377dcaf5bad2d7e4534441984
e1b634652b4112c30f80745059523cbfce09365a
a4b6bcfb246be2d02b5d04b49f9d8c13fef8661abc7d9f146d5cc9c766fc96f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4878
x-amzn-requestid: 2d39705a-e054-428a-a3c8-fc0b12e70724
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeH-EGvAoAMFZSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322538d-6ca748d854879c6b0d6194cd;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:19:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Qh4tZrSUApljhjyz5vgrbKiBdVSHyy8xjR4zBj4w_m283Fk2DtW57A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 08:42:57 GMT
age: 78970
etag: "e1b634652b4112c30f80745059523cbfce09365a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
IP 34.120.237.76:0
Hash 1c0d4f41634fad80b9281957b5f65db5
cd14ae8436589e87a0e6e75889cbeb0714c1bc06
fe3723d8ed1ab78d6ceb07bb519d003c2113428e4b8d69282826cfa514308c1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6428
x-amzn-requestid: 7dd3072b-403a-4bb4-b8c4-58a6d7c254f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmgCGJVIAMFk5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d5133-0756be8c75da02a857e36a2f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:08:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UPvPiYucU7q4x4t0X4tGF7XPXUy0D4F0gcXtWVx-MS-MOunPEWcVUA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:43 GMT
age: 31524
etag: "480182fd29c7edd369339847b85e4e2580cef0f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rsms.me/inter/inter.css
172.67.223.193200 OK 1.1 kB IP 172.67.223.193:0
Hash 35734291ddd4edbb1f889f131551a65a
ed2f7e3d8e8e1c1794723cb063b8ed03aa989b0f
c8af2bc3a0eac71c879adcbbbb6716a8291803b357e4dc2b3fa055698f015c13
GET /inter/inter.css HTTP/1.1
Host: rsms.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:39:07 GMT
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Sun, 18 Sep 2022 23:00:38 GMT
access-control-allow-origin: *
etag: W/"6327a316-1490"
expires: Sun, 18 Sep 2022 23:12:04 GMT
cache-control: max-age=14400
x-proxy-cache: HIT
x-github-request-id: ACEC:414F:F41A75:14B69B6:6327A39D
via: 1.1 varnish
age: 422
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663542662.054704,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: b298cfd06988535de954ab307f8c8cc4c3681bb8
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNvcd4G4wob3gsFTlMiM96JO2mxY4uf1azCzR0pK4uXiO8U0qriw10YRUulxlnggT%2BxEXA1b46%2BNpZauxCLdrYn7RWRZ8zbvq0DNyTiULZMAfInXiN9jLg5n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d052854ad6b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3dd797c27509a18a980bc0af2a3282af
3e79d5e3f12ce4b755f8393b568cc4a3ab8f79cc
eb398ac9df7399da75073c2035424cb628b746e948bf4de3aaa422abb47dfc85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB398AC9DF7399DA75073C2035424CB628B746E948BF4DE3AAA422ABB47DFC85"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19254
Expires: Mon, 19 Sep 2022 12:00:01 GMT
Date: Mon, 19 Sep 2022 06:39:07 GMT
Connection: keep-alive
ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js
192.243.61.227200 OK 20 kB URL HTTP/1.1 ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59414), with no line terminators
Hash d6aa60efdff8aadad5ff9bec4d0b0091
059b32042a7182d48de0e343ce916bcf5d2fafba
288341385e6d9403e76d81f860a7bb2bb90994e95fd74b2c98ad0af766dd4eca
Analyzer Verdict Alert quad9 Sinkholed
GET /45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js HTTP/1.1
Host: ministryensuetribute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 06:39:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a33ba3534bea237c6bbab2acf934c6c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c07385c50686aadb74ceb7b61dc0584
a3c65ae2e25cc51da72a503fccad276a0cfc1810
d647fdbbd4238a04d493edeca66a2b70568b003b578b7ef7f005d3b4200a6242
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D647FDBBD4238A04D493EDECA66A2B70568B003B578B7EF7F005D3B4200A6242"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21235
Expires: Mon, 19 Sep 2022 12:33:02 GMT
Date: Mon, 19 Sep 2022 06:39:07 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 12 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash af49fa797438bbbbc1afc36571c5680e
d4d287b7ff6717443acbf681dc553168857fa7bb
81309ed95f4bab525ea7580f1f0773f4e198efe33640024be367b9e0c56c8953
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 06:39:07 GMT
Last-Modified: Mon, 19 Sep 2022 04:58:24 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RZJnFofEMWD0Zu4nylvWtzJWHyWfSSATlNBcAks1E6RtAOBHl5vCXA==
Age: 6044
ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js
192.243.61.227200 OK 52 kB URL HTTP/1.1 ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash 209f1fcbe6e87f1af69a8f503f7a65fb
a2ff2902cd268bb59ffb0434218a4e251e4c06d6
ef3e50413da803945ce4df68574090c9d7b13af2a337e43f9f7a8ce25f8c56b6
Analyzer Verdict Alert quad9 Sinkholed
GET /45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js HTTP/1.1
Host: ministryensuetribute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 06:39:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 50fb96322baaf13ed48d03dcb1ab9687
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
35.158.153.212200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.158.153.212:0
File type ASCII text, with no line terminators
Hash 58afa0b53e3de20e7f4fb7bb3bec7533
26160bf9487ff65be2e6809e37822ad702183d95
70737461f62efffb1999ff19593978cfb392552ab0f24ecbd766ff4a14a27357
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsflix.xyz
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:39:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://adsflix.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=b49b707e-1037-45d3-9be9-1ba94c041b77:1:1; expires=Thu, 16 Sep 2032 06:39:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6f62bad4f212b35d602ac03a202d0099
155d47397ee45dec8fa3da8e162947b9e6189ddb
6805e5e1d40cb8aeb488f0b3384959644b1d1a36652a66b0134e5f219a7cc2cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6805E5E1D40CB8AEB488F0B3384959644B1D1A36652A66B0134E5F219A7CC2CC"
Last-Modified: Mon, 19 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9120
Expires: Mon, 19 Sep 2022 09:11:07 GMT
Date: Mon, 19 Sep 2022 06:39:07 GMT
Connection: keep-alive
simplewebanalysis.com/stats
35.158.153.212200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.158.153.212:0
File type ASCII text, with no line terminators
Hash 58afa0b53e3de20e7f4fb7bb3bec7533
26160bf9487ff65be2e6809e37822ad702183d95
70737461f62efffb1999ff19593978cfb392552ab0f24ecbd766ff4a14a27357
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsflix.xyz
Connection: keep-alive
Referer: https://adsflix.xyz/
Cookie: uid_id2=b49b707e-1037-45d3-9be9-1ba94c041b77:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:39:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://adsflix.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c07385c50686aadb74ceb7b61dc0584
a3c65ae2e25cc51da72a503fccad276a0cfc1810
d647fdbbd4238a04d493edeca66a2b70568b003b578b7ef7f005d3b4200a6242
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D647FDBBD4238A04D493EDECA66A2B70568B003B578B7EF7F005D3B4200A6242"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21235
Expires: Mon, 19 Sep 2022 12:33:02 GMT
Date: Mon, 19 Sep 2022 06:39:07 GMT
Connection: keep-alive
governessmagnituderecoil.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70
192.243.59.13200 OK 0 B URL HTTP/1.1 governessmagnituderecoil.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: governessmagnituderecoil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 19 Sep 2022 06:39:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js
192.243.61.227200 OK 20 kB URL HTTP/1.1 ministryensuetribute.com/45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59390), with no line terminators
Hash e497d763ad8c28e089dbadbdc7d1dd1d
889376319499d23bf96bd3583c70dca3633fe3da
6f7d0b87c5210ac4589fd4ed5aac3b6a69491fcf607c196d8581bb0667c18717
Analyzer Verdict Alert quad9 Sinkholed
GET /45/ee/94/45ee9430de5ecdb0ce1a5cfa75776176.js HTTP/1.1
Host: ministryensuetribute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 06:39:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 279dbf49b523ef2e8cd405840fc84844
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 800468db07080b445e518dbd1440d97f
9a3a4e077111aab062843d7a8a1870e8ba8d5432
bcfc17d6ff1c8669a3bf17f1c1fce48da19e7b06a497a8d05f7431926fd1cff8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCFC17D6FF1C8669A3BF17F1C1FCE48DA19E7B06A497A8D05F7431926FD1CFF8"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14883
Expires: Mon, 19 Sep 2022 10:47:11 GMT
Date: Mon, 19 Sep 2022 06:39:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35ba9e83960ea3b9595f95c4ef5af817
c3fb9c01ff6cc4a40debf45837ab9a7cbe396415
85859320096816356bcf190bc6fc9e6279440eb4cb399ac399da76d390240260
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85859320096816356BCF190BC6FC9E6279440EB4CB399AC399DA76D390240260"
Last-Modified: Sat, 17 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10598
Expires: Mon, 19 Sep 2022 09:35:46 GMT
Date: Mon, 19 Sep 2022 06:39:08 GMT
Connection: keep-alive
refutationtiptoe.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70
173.233.137.52200 OK 0 B URL HTTP/1.1 refutationtiptoe.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: refutationtiptoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 06:39:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
perryvolleyball.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70
192.243.61.227200 OK 0 B URL HTTP/1.1 perryvolleyball.com/pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2905&rd=2905&fd=878&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: perryvolleyball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 06:39:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35807817a6d98225bf3a1e6cb31a99cb
c7bec743e5a30c9c51974b4fc547eb5edc81b0e2
9bd30f184f40a16170e43afdc8d54ecc33ed2de20518a5543b1a9c37bbf97b28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD30F184F40A16170E43AFDC8D54ECC33ED2DE20518A5543B1A9C37BBF97B28"
Last-Modified: Sun, 18 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2906
Expires: Mon, 19 Sep 2022 07:27:34 GMT
Date: Mon, 19 Sep 2022 06:39:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35807817a6d98225bf3a1e6cb31a99cb
c7bec743e5a30c9c51974b4fc547eb5edc81b0e2
9bd30f184f40a16170e43afdc8d54ecc33ed2de20518a5543b1a9c37bbf97b28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD30F184F40A16170E43AFDC8D54ECC33ED2DE20518A5543B1A9C37BBF97B28"
Last-Modified: Sun, 18 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2906
Expires: Mon, 19 Sep 2022 07:27:34 GMT
Date: Mon, 19 Sep 2022 06:39:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18bc6d8114f7e8379159a54601b308b4
b52366f769a90a056925001e69f0f55257241b42
26dcb05c9fdb4839ffb0730d37af77b55207a6a27b444cd2912ad07f4c52544a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26DCB05C9FDB4839FFB0730D37AF77B55207A6A27B444CD2912AD07F4C52544A"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13455
Expires: Mon, 19 Sep 2022 10:23:23 GMT
Date: Mon, 19 Sep 2022 06:39:08 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
173.233.137.36200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 06:39:08 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ac2c17f89029c34263f86c28092c2c2
Strict-Transport-Security: max-age=0; includeSubdomains
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:38:45 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 499254066
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
173.233.137.36200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 06:39:08 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46526c8e8e71264bae99127880374cba
Strict-Transport-Security: max-age=0; includeSubdomains
banquetunarmedgrater.com/advertisers.js
173.233.137.36200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 06:39:08 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1bdabadc419050902120268654a879b
Strict-Transport-Security: max-age=0; includeSubdomains
s4.histats.com/stats/0.php?4665787&@f16&@g1&@h1&@i1&@j1663569529705&@k0&@l1&@mTonton%20Mona%20Home%20Delivery%20Acara%20TV%20Gratis%20HD&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-151929748&@b3:1663569530&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fadsflix.xyz%2Fid%2Ftv%2F90957%2Fmona-home-delivery&@w
158.69.251.190200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4665787&@f16&@g1&@h1&@i1&@j1663569529705&@k0&@l1&@mTonton%20Mona%20Home%20Delivery%20Acara%20TV%20Gratis%20HD&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-151929748&@b3:1663569530&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fadsflix.xyz%2Fid%2Ftv%2F90957%2Fmona-home-delivery&@w
IP 158.69.251.190:0
File type ASCII text, with no line terminators
Hash 260634a86e768c30e16d901b4682dcc1
e4262e5639daf297c616140ba22129e06e3b6555
7c0b191364c9914732e2238d2c7a6f548f8cf681c24ccaacb21fc87227132aaa
GET /stats/0.php?4665787&@f16&@g1&@h1&@i1&@j1663569529705&@k0&@l1&@mTonton%20Mona%20Home%20Delivery%20Acara%20TV%20Gratis%20HD&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-151929748&@b3:1663569530&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fadsflix.xyz%2Fid%2Ftv%2F90957%2Fmona-home-delivery&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 06:39:09 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a4071dd6fc65797cae7ab7404de4d25a
194d9d01ee408dbe1289b5d644e257e5f7480aae
eebb25d0f994ca71687c840dcc31dd88d5dba35cdedaf567ee8a370786100f8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEBB25D0F994CA71687C840DCC31DD88D5DBA35CDEDAF567EE8A370786100F8F"
Last-Modified: Sun, 18 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7673
Expires: Mon, 19 Sep 2022 08:47:02 GMT
Date: Mon, 19 Sep 2022 06:39:09 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=b49b707e-1037-45d3-9be9-1ba94c041b77&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=45ee9430de5ecdb0ce1a5cfa75776176&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=b49b707e-1037-45d3-9be9-1ba94c041b77&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=45ee9430de5ecdb0ce1a5cfa75776176&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=b49b707e-1037-45d3-9be9-1ba94c041b77&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=45ee9430de5ecdb0ce1a5cfa75776176&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 06:39:09 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2988e9081ec09741b30f7c72d830b043
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:52:21 GMT
age: 31612
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.234.254200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.234.254:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:39:07 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6f64159efd735ea31cdbae3dc9b84a9b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 19 Sep 2022 06:39:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqXtF%2BQAVnxuZ2cw8r7B0moaQSaSxuHyBFttAU%2FDYFdh4NI%2BjCf9NEQLFVNIhV8iAnfnkOuToOfSv1w3IUI9JeTaWAulk908sn6xS%2Fi%2FVZwMv7BiP0e3fGGfq%2Bc5mFDExfkB1Q8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d052886d28887f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adsflix.xyz/id/tv/90957/mona-home-delivery
172.67.199.178200 OK 0 B URL HTTP/2 adsflix.xyz/id/tv/90957/mona-home-delivery
IP 172.67.199.178:0
GET /id/tv/90957/mona-home-delivery HTTP/1.1
Host: adsflix.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:39:06 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: locale=eyJpdiI6ImVwR2FZeWZkZ015WVFWd1VrZVlJZUE9PSIsInZhbHVlIjoiWDNGRFZZSTJqQ2lQMXVkYVVPK3VXbDg4Ty9iUlFPNG5NcllXVUVHYmJOY3dCU3BuTUJQLzRKWXc1K04yK214VSIsIm1hYyI6IjBkZWQxM2MxNjk4NDFjYTRiNjU1M2E0OTRmNDA1Y2U0Y2RjYWUxNzY5OWNiZjRjYWNmMWM3NGNlMjZhZmJkOGYiLCJ0YWciOiIifQ%3D%3D; expires=Sat, 18-Sep-2027 06:39:06 GMT; Max-Age=157680000; path=/; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6ImdYNm5OTlBlanBpei9xNWc1K1FjSVE9PSIsInZhbHVlIjoiK3oxRjZEeG1sTmVva1EwSUdZbUg0NnQxUzdkR2dYNGxaL1lvZVNrWHBSalBDRU9Dbm1ZNjBxUm43WldrYktRYWdpRnRIV0xKTnJKYzhNNmFLSnc3dys3THY2SjNDbzVnMG8rcUpsUVZ4S3dRVE5JVmVNK3dHMlptSVkxeFBEWTIiLCJtYWMiOiJhNmRkZDA3NzdlZjNmNTU5ZDYyMGY3Zjc5MjQxNmQ4M2FhNWZjOTVlYjJjNjJhMjUwZjQ1ZWU1ODk5MjUzYjA2IiwidGFnIjoiIn0%3D; expires=Mon, 19-Sep-2022 08:39:06 GMT; Max-Age=7200; path=/; samesite=lax
movos_session=eyJpdiI6InZGRW5yN0gvNk5JdUFMQ2I5aThwSXc9PSIsInZhbHVlIjoiR2VTait4Q081cWs3V21qNzYwajkraERUSm8wT040cTBtbVd2VUxlcFd6Z1Y5MEVZSWlUdjVOOG96TlBiRHdpeGQyR0Q2bnY1SmNTSFMzOHBncktPamRRVVVuK3hDYVhvRlhXV2tiY3RUb0d1NzZseDZ1eHhwU1dVL3UzSm5wK0EiLCJtYWMiOiJlMTU0NzBkZGExNTlhN2QwYjY5YmE0MjFiNTY1ZmMwMjMyN2IyYmRjMzcxMDk2OTgxOTU1ZmFkNzQ0NTFkOTJmIiwidGFnIjoiIn0%3D; expires=Mon, 19-Sep-2022 08:39:06 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZJx4h9B2joMpExNAMjjq%2BI7KUAVKDqb1ca%2FnuFhfhxUyZoZRCDfIIHC%2Fn43J5E5a33beonjsrinY5qNr2rMiz%2FuL%2FmuA70ykqMESNW2mtcz9WqAEbJ5ewkfKRzO2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d052795dab0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2