Overview

URL extramovies.skin/in-our-prime-2022-full-movies-hindi-fan-dubbed-720p-hdrip/
IP104.21.81.231
ASNCLOUDFLARENET
Location
Report completed2022-09-29 09:16:28 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-29 2 plainmarshyaltered.com/b0/49/99/b049995ec8a9cc88536c8c33226ef8cd.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-29 2 plainmarshyaltered.com Sinkholed
2022-09-29 2 plainmarshyaltered.com Sinkholed
2022-09-29 2 unseenreport.com Sinkholed


Files

No files detected



Passive DNS (40)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-09-29 04:42:01 UTC 216.58.211.10
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-29 04:10:37 UTC 34.120.237.76
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-28 23:18:11 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-29 07:39:56 UTC 142.250.74.10
mnemonic passive DNS ocsp.pki.goog (20) 175 2017-06-14 07:23:31 UTC 2022-09-29 04:56:10 UTC 142.250.74.3
mnemonic passive DNS 1.bp.blogspot.com (1) 8403 2013-05-06 20:18:52 UTC 2022-09-29 05:12:29 UTC 142.250.74.161
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-29 06:41:52 UTC 172.64.155.188
mnemonic passive DNS feeds.feedburner.com (1) 12807 2013-07-16 03:17:19 UTC 2022-09-29 05:00:50 UTC 216.58.207.206
mnemonic passive DNS awsind.site (1) 0 2022-06-18 08:34:35 UTC 2022-09-24 06:41:29 UTC 104.21.46.53 Unknown ranking
mnemonic passive DNS extramovies.skin (2) 0 2022-09-24 07:01:33 UTC 2022-09-27 19:33:08 UTC 104.21.81.231 Unknown ranking
mnemonic passive DNS 3.bp.blogspot.com (1) 11048 2013-07-04 04:18:40 UTC 2022-09-28 21:47:43 UTC 142.250.74.161
mnemonic passive DNS unbuttondeferinstalment.com (1) 0 2020-08-25 09:27:39 UTC 2022-09-19 17:54:45 UTC 192.243.61.225 Unknown ranking
mnemonic passive DNS cdn.jsdelivr.net (3) 439 2012-09-30 00:15:09 UTC 2022-09-29 04:13:14 UTC 151.101.85.229
mnemonic passive DNS aj2178.online (5) 99314 2020-06-25 13:50:30 UTC 2022-09-28 12:52:58 UTC 23.88.0.234
mnemonic passive DNS aws-ind-tv-1233.online (8) 0 2022-09-22 13:26:57 UTC 2022-09-28 16:46:13 UTC 213.183.62.122 Unknown ranking
mnemonic passive DNS plainmarshyaltered.com (2) 0 2022-09-19 04:19:41 UTC 2022-09-29 07:51:51 UTC 173.233.137.52 Unknown ranking
mnemonic passive DNS amd-cdn-1.aws-ind-tv-1233.online (2) 0 2022-09-24 16:47:03 UTC 2022-09-28 16:46:05 UTC 50.7.24.35 Unknown ranking
mnemonic passive DNS unseenreport.com (1) 0 2022-03-30 14:33:17 UTC 2022-09-29 06:32:58 UTC 192.243.59.20 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-29 05:05:36 UTC 143.204.55.115
mnemonic passive DNS r3.o.lencr.org (13) 344 2020-12-02 08:52:13 UTC 2022-09-29 04:57:37 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-29 05:03:41 UTC 143.204.55.25
mnemonic passive DNS konyakanguid.com (1) 0 2022-02-15 12:01:04 UTC 2022-09-21 09:30:22 UTC 23.109.82.121 Unknown ranking
mnemonic passive DNS aj1907.online (9) 63697 2019-07-07 10:05:24 UTC 2022-09-28 12:52:58 UTC 88.198.6.88
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-29 04:12:37 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-29 05:06:32 UTC 34.212.166.60
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
mnemonic passive DNS e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-09-29 05:54:54 UTC 23.36.76.226
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-29 04:57:11 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS addresseepaper.com (1) 18169 2021-11-01 21:11:31 UTC 2022-09-28 18:41:58 UTC 172.64.193.5
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-29 03:20:00 UTC 142.250.74.174
mnemonic passive DNS cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-09-29 07:51:29 UTC 45.133.44.9
mnemonic passive DNS cdn4507.aws-ind-tv-1233.online (2) 0 No data No data 50.7.22.52 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-29 04:56:09 UTC 34.117.237.239
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-29 04:57:31 UTC 139.45.195.8
mnemonic passive DNS ad.a-ads.com (1) 26970 2013-04-19 21:54:57 UTC 2022-09-29 06:30:22 UTC 178.63.97.71
mnemonic passive DNS blogger.googleusercontent.com (5) 16485 2012-05-25 17:41:01 UTC 2022-09-28 20:39:14 UTC 142.250.74.1
mnemonic passive DNS simplewebanalysis.com (1) 0 2022-02-25 04:06:25 UTC 2022-09-28 18:56:57 UTC 52.29.95.124 Unknown ranking
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-29 04:32:01 UTC 104.18.21.226
mnemonic passive DNS thaudray.com (2) 44646 2021-04-01 17:13:08 UTC 2022-09-28 16:32:16 UTC 139.45.197.237
mnemonic passive DNS i-cdn-0.aws-ind-tv-1233.online (2) 0 No data No data 213.183.62.122 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 104.21.81.231

Date UQ / IDS / BL URL IP
2022-11-14 20:35:44 +0000
0 - 0 - 29 escrowauthorizedseo.directory/?xid=131df2874c (...) 104.21.81.231
2022-09-29 09:16:28 +0000
0 - 0 - 4 extramovies.skin/in-our-prime-2022-full-movie (...) 104.21.81.231

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-01 14:42:30 +0000
0 - 0 - 2 arithmeticinborn.top/ 104.21.13.102
2022-12-01 14:42:16 +0000
8 - 0 - 10 portlandpogies.com/c9913e9902759477d84f2156d4 (...) 104.21.24.87
2022-12-01 14:41:53 +0000
11 - 0 - 57 ctzacv.com/ 104.16.244.78
2022-12-01 14:41:33 +0000
6 - 0 - 4 galvanizedsquaresteel.com/335cf4508dd597be4bf (...) 104.21.77.157
2022-12-01 14:41:15 +0000
8 - 0 - 4 galvanizedsquaresteel.com/4a548addbfb239bbd12 (...) 172.67.209.149

Last 1 reports on domain: extramovies.skin

Date UQ / IDS / BL URL IP
2022-09-29 09:16:28 +0000
0 - 0 - 4 extramovies.skin/in-our-prime-2022-full-movie (...) 104.21.81.231

No other reports with similar screenshot



JavaScript

Executed Scripts (41)


Executed Evals (12)

#1 JavaScript::Eval (size: 70, repeated: 1) - SHA256: e9cb6812859f712b24e1f142a6df6ef7e5e775c1736d446f2f27ffabd7f39d27

                                        HDVBPlayerEvents('playlist', 'player-8526e5d4095ebc9a66c97fcfa5a73924')
                                    

#2 JavaScript::Eval (size: 74, repeated: 1) - SHA256: f1b60fc913b20dbc8ed5c32df68c0b74dcac1a902efc59401dbf1efd3cfae43b

                                        HDVBPlayerEvents('volume', 'player-8526e5d4095ebc9a66c97fcfa5a73924', '0.8')
                                    

#3 JavaScript::Eval (size: 76, repeated: 1) - SHA256: 6e28be5132ac1f2d78dfbc0c7c81ecf39b88bc9380093ee4f8340287a023c8c4

                                        HDVBPlayerEvents('visibility', 'player-8526e5d4095ebc9a66c97fcfa5a73924', '0')
                                    

#4 JavaScript::Eval (size: 66, repeated: 1) - SHA256: f4657922f8eca777f26614243a66d39abe447be7618eaaa2c6743e73bc2ad6db

                                        HDVBPlayerEvents('init', 'player-8526e5d4095ebc9a66c97fcfa5a73924')
                                    

#5 JavaScript::Eval (size: 2102, repeated: 1) - SHA256: f633d222ffed601a2b4e9adb083b172871993d844814aa924f16ce03ec4fa604

                                                       (function() {
                   var bn;
                   if (bn = document.getElementById('atLink-52f60c40d18cf10a42083b11716e05e0')) {
                       var callback = function() {
                           (new Image()).src = '//plainmarshyaltered.com/clk.gif?landing_id=3667900&placement_id=17163858&sid=H4sIAAAAAAAC%2F1RTTYgc1Rq9lTfvweOtngRERGnEhYIzc2%2F9l1mIMY4ExyQkirqS%2Bzu5TnVVUbeqqzOrYECCuBhQ9zVnJglqULNwp1F6AoIBodvVLJyluHAnxK30ONj6bb5zvvMtzr2c792d9pBQtPzgzCvlls1zvhqt0MFTbzB2arBui3Y8GKfxW3F4alCPns3iFfr04CUtN8tVnzJKGWWDNVtrU45X5yJsdTtjKxldCf0VFoUY1%2F%2FkrvXguAc1OiQPwarZ0j3vJKycoBh%2BcUa7zaasnnlx2Oa8KWuM1K3Xis2i7AoMF9DUHkxx63gbpZuu3UVZ3Diyi3L016KwM%2BJ9dxeiuHVsEmK0d%2BRT5NAFhPofutEEOp%2FA8glkeQ1WTQkgFc6dRzG8ea6sO37lT5XP1RlZevAbbDcjSz%2BdRDH87HRux4NLZd42tiwcxqaHHU9gNyao2n00Wydgu33I5h1Y9QNZfbCOYrh33uUlrDp4UmiTsdiI5SzTYjmUAV8WOubL1DdaZFFAfaaPPsjaCayZINfb4O4EWuehtR5a46GtPAzVwUAyxhKqJKdpJmWgEi1iRRlPDOOMxilaOX%2FDNppqGzLfhqyvoqqvYtN%2BNG3fnHrvT733pt6HU%2FoE6vZbuMsH90I%2Fo0nKWKATHTOmE2MiSjMeqywMY1%2FzVBgaqlj6gqosMErFQgcRjUxGtQqNlDoJdGRiX%2FA0YCI0MpEyTGIVp1oGKqNpYhJKfRGwVAWRb0xMWZDyMFO%2Bn9JQaakZ47GhmW%2BkTqSMExNSqfyYpllqMsF5IIOIhX7gR0JKniVJTKPYZCyRXIRcwCkPriEYqR6dJugcQccJOkvQNQTdqL%2Bhcue7%2FqbKXSvYcfePe9Dvls3GDr9RNhu6IDvVIfn%2FPAzev3%2B%2BiE19MIh8E1MZUsVSaRjloU%2FTQDCWsFjTSFM428O6E%2BDOw5adkUd%2FjVDZGSHffAnB9%2BHyfUjrgbcPg3e7iZ%2BCX0ZGsVV8rsdNzYflyGq30ugcquxRNUtorng7%2BSF55CiWye9fQcv75Lgg6x5V3eNte49gI7%2B%2Be7HsyN7FsnPkzvmqsUO7xeeRvdTwRv%2Fnk5f1la6s1dkzbvvj5%2BVcmMPbr2rXrPNC2WLDkU9PW6V0vVbWUpOvz7rXtbjQusun27poq%2FULL6ydHVa1ds6WxQTcTvX3kHZG%2FvvLnaNbfOyDFraeoG57DNuFU1tOIKurcNVi5kqCOl9wURF0bb9b%2B2IxzC1Brhecix7ub1ws8I67jo36cfDmGophj1HdY5T34Pk2XPuv3aaq7z%2F3Y3BUELm3K%2FKa7Im8nuv2YBBGYRSbIJFhrFKVRAHNuNLMZCoMwsQYNG4mI6H%2BAAAA%2F%2F8BAAD%2F%2Fys4x5xRBQAA&psid=';
                       };
                       if (bn.addEventListener) bn.addEventListener('click', callback, false);
                       else if (bn.attachEvent) bn.attachEvent('onclick', callback);
                       else bn.onclick = callback;
                   }
               })();
                                    

#6 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111

                                        f
                                    

#7 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 4937f2fdc1304a33f286c67e5a071dc357dfaaaabb69dd1042667293be2711bc

                                        fbg
                                    

#8 JavaScript::Eval (size: 4, repeated: 1) - SHA256: f705940e69387bd285eacb7fac7d6a6969b75e6e01d037bbca0d5d6fb8ad5fc2

                                        fimg
                                    

#9 JavaScript::Eval (size: 6, repeated: 1) - SHA256: 0d25cde547c9643a2bac679d57b2f792ac3f3762793ad0cee1dfcaba5fd2fe04

                                        ftitle
                                    

#10 JavaScript::Eval (size: 6, repeated: 1) - SHA256: f770ac95d53de5e43a57677f4decfc98d20c611cdd1705fbe56db71ab9836580

                                        fvalue
                                    

#11 JavaScript::Eval (size: 76, repeated: 1) - SHA256: 636068a6e4b755e1967aaaa29f9c865ec0de7b9e84df9c38b8ae9ea7d9e71c16

                                        HDVBPlayerEvents('visibility', 'player-8526e5d4095ebc9a66c97fcfa5a73924', '7')
                                    

#12 JavaScript::Eval (size: 78, repeated: 1) - SHA256: 5b770628bdf122e559717281be8754ff6a092094b8e778f01260b8b7045ab9c7

                                        HDVBPlayerEvents('resize', 'player-8526e5d4095ebc9a66c97fcfa5a73924', '610,370')
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 125, repeated: 1) - SHA256: 617a65d817cc83e1ce3643dcb8979e973eea79a7aa97463c8f4f2f348b0c0976

                                        < script type = "text/javascript"
src = "https://unbuttondeferinstalment.com/52f60c40d18cf10a42083b11716e05e0/invoke.js" > < /script>
                                    


HTTP Transactions (112)


Request Response
                                        
                                            GET /in-our-prime-2022-full-movies-hindi-fan-dubbed-720p-hdrip/ HTTP/1.1 
Host: extramovies.skin
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.81.231
HTTP/1.1 301 Moved Permanently
                                        
Date: Thu, 29 Sep 2022 09:16:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 29 Sep 2022 10:16:17 GMT
Location: https://extramovies.skin/in-our-prime-2022-full-movies-hindi-fan-dubbed-720p-hdrip/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGF8yzBLleXZHsTdbGXa1kT%2BaKUHIBa5lBSr2NKmLK92njwPliCay5rIXz7tgtI6MqyQuXUSDycLRuV6XqCE9rXs9iBYZmbaNZ0HW7EyWA8vyO%2BannbTfLKbuaysfmMTsxPy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75239e7eefb4b506-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 09:06:57 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rdlFLiMvYpgOsntODloTdAbL74jmeQZ_E2wi_CPpbCrSsZ6YxyxQJg==
Age: 560


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11791
Expires: Thu, 29 Sep 2022 12:32:48 GMT
Date: Thu, 29 Sep 2022 09:16:17 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5raayAwKvH-TtXxmoE-e0TH5jiHNOFbZwjO6TQ-pukxMYAgwcOoyeg==
age: 13670
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST /s/gts1p5/b9oZ9oFU7g0 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1p5/b9oZ9oFU7g0 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:17 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.211.10
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 20:24:33 GMT
expires: Mon, 25 Sep 2023 20:24:33 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 305504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32180)
Size:   29707
Md5:    f16500423cc2867eff8b773df637c48f
Sha1:   1cd32d75b59a89c3a70274e383151a61ce0594f4
Sha256: 6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5423C700F172AAD43ABE887C5012E761D945A75FD994C2F93EA41A42AC3712F6"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=394
Expires: Thu, 29 Sep 2022 09:22:51 GMT
Date: Thu, 29 Sep 2022 09:16:17 GMT
Connection: keep-alive

                                        
                                            GET /-14SHVhWuL8g/XqnULTVrboI/AAAAAAAAIcM/VH7vdvy0FhsvOQlUVj-7Db1-81n0SlNzACLcBGAsYHQ/s200/watch1080.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.161
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="watch1080.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2470
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:18:07 GMT
expires: Sun, 10 Jul 2022 13:42:39 GMT
cache-control: public, max-age=86400, no-transform
age: 10690
etag: "v21c4"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 200 x 87, 8-bit colormap, non-interlaced\012- data
Size:   2470
Md5:    f4dc542bc4710152b19be02d2c098cfe
Sha1:   b6712f3a059740dda01be4cb7f704e919a1896b4
Sha256: 5663f15a40c6487dfec5e12277a12fe8f3fbc56e5b65c3065c5e6e581bc6c924
                                        
                                            GET /-Ydo_vhVI6sc/Xk1OXnbz_xI/AAAAAAAAFw4/dKBz__NRLi46IVbgaxQufdOpd0s9kAKpQCLcBGAsYHQ/s1600/how-to-download.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.161
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="how-to-download.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5884
x-xss-protection: 0
date: Thu, 29 Sep 2022 07:06:08 GMT
expires: Thu, 19 May 2022 14:20:57 GMT
cache-control: public, max-age=86400, no-transform
age: 7809
etag: "v170f"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 408 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size:   5884
Md5:    6957d8e11d0d6c0151f864aa9fe7efb0
Sha1:   571804996015662d6a818cec8678992baf296240
Sha256: 277afffafcf7000eecd887cdaa22c85f034ef11b05eaf8e4745dcadf195ad530
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A5A749C8CC10DC69D86B82EB248E35B31F4AD6AB8B3B5E201C3607D2930090EB"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12275
Expires: Thu, 29 Sep 2022 12:40:52 GMT
Date: Thu, 29 Sep 2022 09:16:17 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   4383
Md5:    71e3ac5da1baf095fbd453decb605205
Sha1:   f11fac5841febddbba343e26c27b1392f8a0a966
Sha256: aacdf01ff36b8abbbcb3357768843b3b64322189c4472982c75fae2871a863bf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 09:16:17 GMT
Server: ECS (amb/6B88)
Content-Length: 279

                                        
                                            GET /in-our-prime-2022-full-movies-hindi-fan-dubbed-720p-hdrip/ HTTP/1.1 
Host: extramovies.skin
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.21.81.231
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 29 Sep 2022 09:16:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-dns-prefetch-control: on
link: <https://extramovies.skin/wp-json/>; rel="https://api.w.org/", <https://extramovies.skin/wp-json/wp/v2/posts/45758>; rel="alternate"; type="application/json", <https://extramovies.skin/?p=45758>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KP9hl5ULmivF0xeZD01XQufgK87wvTYrbPowvDqxGjUAbe6OnxxNHnUshVW%2BeO6VzzRG1NUAWsQ3A%2F9f3RaW3BuzuyQm4X6o5nNQn2PrGVmrcz%2FuQ42mCFofCUVZ8GuPxGgU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75239e813c3f0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21670)
Size:   126161
Md5:    c4933218c8965b9a404bcdf4905fa6a2
Sha1:   1fa00f0e16e6dbdd79d9715a40a711b70f502acd
Sha256: 2823ffb7ea5b160aadfb05ec98a02853c788792f4fbe3114cbf1be7b625f1187
                                        
                                            GET /1clkn/37977 HTTP/1.1 
Host: konyakanguid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.109.82.121
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Thu, 29 Sep 2022 09:16:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Fri, 30-Sep-2022 09:16:17 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Fri, 30-Sep-2022 09:16:17 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    414a242a6fee8464282857e475d3ef61
Sha1:   f669890350347f53aa9bd19c1a355692e8d17d2f
Sha256: d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
                                        
                                            GET /63c0d7d8.js HTTP/1.1 
Host: aj1907.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.198.6.88
HTTP/1.1 200
content-type: application/javascript
                                        
accept-ranges: bytes
etag: "0197549cfe06a9d567a7a859f6df8f0de"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 29 Sep 2022 09:16:17 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (37237), with no line terminators
Size:   13521
Md5:    ce586f53f4a6016dc9a8cf61a0760588
Sha1:   e513ffcf8632013f9729987e3b6ac5ac9b5aeb26
Sha256: 4b140deeb59fb749c98ef054e22b2e6e915b0e789158f21e4769fb03a76030ce
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 09:16:18 GMT
Last-Modified: Thu, 29 Sep 2022 09:16:17 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279


--- Additional Info ---
Magic:  data
Size:   7038
Md5:    8a2f433ab8141753e273331707a6de8b
Sha1:   002626cb2d8ace0fa0581a35e731dd7cdfbe86b2
Sha256: d95e796b00cab6420e2787730b7f85cd04600b83d92d9f2a40b1896086778b81
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 08:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 08:40:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Pc0MRJch9Jtmdku7V3Rc0mKsStbZyIbe2LbVrZdWuRlEySOpLX7vAw==
Age: 2805


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3435
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 09:16:18 GMT
Last-Modified: Thu, 29 Sep 2022 08:19:03 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "842F0617A6A10C39AE39AFC43EE33DA779B46FB79748DC3EF35F7702D951F1FE"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20780
Expires: Thu, 29 Sep 2022 15:02:38 GMT
Date: Thu, 29 Sep 2022 09:16:18 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cm1r8MBFpH0VPIlBWEDf3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.166.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wkwmIMoWlCvpaT2mAD9+naE61BA=


--- Additional Info ---
Magic:  data
Size:   31959
Md5:    41ed2166799f51f115188b16a9dc345b
Sha1:   b995999b010f892a48e7da96027beb926fefa420
Sha256: afb2b91216b3a50c826fc247b08b14031748a1a3c4ad7d01d722e400a8ed4694
                                        
                                            GET /52f60c40d18cf10a42083b11716e05e0/invoke.js HTTP/1.1 
Host: unbuttondeferinstalment.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Thu, 29 Sep 2022 09:16:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 215edf2d97e675ce1530cc769ee04be0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (26984), with no line terminators
Size:   9808
Md5:    0f284b6b4f670d070dc4de2bc6465871
Sha1:   7731236310cb302a053c98dcfd75f49d5c699e30
Sha256: 4273e33595d1e5ea459dba673d52265693da736b09c0245bc3d9a4c41a7444e6
                                        
                                            GET /63c0d7d8.js HTTP/1.1 
Host: aj1907.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: "0197549cfe06a9d567a7a859f6df8f0de"

                                         
                                         88.198.6.88
HTTP/1.1 304
                                        
accept-ranges: bytes
etag: "0197549cfe06a9d567a7a859f6df8f0de"
date: Thu, 29 Sep 2022 09:16:18 GMT

                                        
                                            GET /63c0d7d8.js HTTP/1.1 
Host: aj1907.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: "0197549cfe06a9d567a7a859f6df8f0de"

                                         
                                         88.198.6.88
HTTP/1.1 304
                                        
accept-ranges: bytes
etag: "0197549cfe06a9d567a7a859f6df8f0de"
date: Thu, 29 Sep 2022 09:16:18 GMT

                                        
                                            POST /z3PzJCnXVZNezMBE48-3Vru0IGCrkUNYGxhxCVWPvoU8KkS-kzcFGKDTh1kBITWs5WctdvrEfJ851Z70gWlC1Tg59YgUjaKm997PRv_EE7dmT7R2mwYH5bhwRv1kONk_RcZSUP0D6vorfo1o5OoKHL1KSxe8KaX5w0hoI_yWDRWj6zwb0gELjhHzVAUMRHSdg6f6xG8rz50FLC3GHHOOTa6IlI_KvstlyoE08hw8BZWnC17gk9654YWN4pdINKyAkv2TbUasg66xL8RpQAF5F9aYZzt_WZXXeph2xQ-Yqvq4vJBUvNNkeDLSR8K5-MA-ulMfIuntyeHk98Va7s_Z6Gutf4brMUfAWeLSXnMjRmAVn3brQAPPmIu1efMxZfaVSTKbdJYAh50uN1wW9cO4BhpFMffFZs4flq4TzOhlJjzD6FxVFMyarNnyDuASpqepODHuxB9657ephrAFRu2sdPgRSfDb-pc6q9wW4WEnX2MOtwtS-FxmEIttQAWdYhVU1LT_bzAjtB3Tl40QdcrWt0RVjh215FJ9zaoBAmDTn__yGw6JuSizXwBLBEsw-5G0-GP1KlmySlvklp3qEwka2T5AKoPC0NcRqmmRDtMNv1wnYIUyVyZtpbDfXAoTOxaiL1Cw6_PwVa04AW2c8WQJ8jA? HTTP/1.1 
Host: aj1907.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://extramovies.skin
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         88.198.6.88
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
cache-control: no-cache, no-store, must-revalidate
p3p: CP="CAO PSA OUR"
expires: 0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://extramovies.skin
set-cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb; Domain=.aj1907.online; Expires=Sat, 28-Sep-2024 09:16:19 GMT; Path=/; Secure; SameSite=None
content-length: 1566
date: Thu, 29 Sep 2022 09:16:18 GMT


--- Additional Info ---
Magic:  JSON data\012- HTML document, ASCII text, with very long lines (1566), with no line terminators
Size:   1566
Md5:    88b02312050fa7dca36ceb5a61e0b78a
Sha1:   d604659d8b79e08d0c2ddb635502d33d65414488
Sha256: fed4fcf8a9855071a5b220322446be53a1d8425d9f3c8de2b54d9061c58ee0ba
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B2D2B0F7B9EE1424BB787A44075620D0C02A0CF9994DB6D5AE161EBD6A3AFB07"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2872
Expires: Thu, 29 Sep 2022 10:04:11 GMT
Date: Thu, 29 Sep 2022 09:16:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B2D2B0F7B9EE1424BB787A44075620D0C02A0CF9994DB6D5AE161EBD6A3AFB07"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2872
Expires: Thu, 29 Sep 2022 10:04:11 GMT
Date: Thu, 29 Sep 2022 09:16:19 GMT
Connection: keep-alive

                                        
                                            POST /zGbLX2KB2i6jd9-O13dHzRYu-gk5-nDDHQajYt7E_bbsBSRJcp-mncSQ8gcc4A790O7Ca4YAaZ29VaLHlfbcCOAeBKbOwqdXPMr5H_6ah3c9MLdFIDY0mTtwAFdwNc4Jev9zKtVRf0N1xqALL94Ya_kg0GWMjoXxu3CKqIAv9XTvcuFcQEAJFGaKavqjks2cHEzaw6DowAA0QPKd6MUAm0nUflDYwOXzkrECnrhj0RVZqeEWhPf229vyWiy4vfcS87plZFRlwzWWDH23H2bI-kqAOs61u7sub9yZvnx8B8JYq_2BefYSyW_SdK_dyWqg8HzxO2cGnh18bn7W-Lqk5se8p01hGFT275ZcPeHXb32LV6vci74v_lBHQjRQxcezasAPr9c6jZgXF8fl0L3Ck4I4SS2aToq3vAV_4C3ayGf7YWxVvZVFMpUsA-ZOQckys2mxtC1UJHRrADhCLwVfxyH21NRHGvC-OMFm8nKBd2U5dyQvDqbSnFbpqrubYoeSJnIkRMF0O5p94XrH4F_5sDE4MyQ55SPR0RkqZkfW_kdCYmTg5jHeFZRHlPcDCsvvIFAURA9wsTMYbsS4Rs99XqAqEgLFoawdMc42jZzY1vMYom0KoamQEzh4Dhoq_pHwDz8tUuCBTWW04XVAq0Q? HTTP/1.1 
Host: aj1907.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://extramovies.skin
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         88.198.6.88
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
cache-control: no-cache, no-store, must-revalidate
p3p: CP="CAO PSA OUR"
expires: 0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://extramovies.skin
set-cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb; Domain=.aj1907.online; Expires=Sat, 28-Sep-2024 09:16:19 GMT; Path=/; Secure; SameSite=None
content-length: 734
date: Thu, 29 Sep 2022 09:16:18 GMT


--- Additional Info ---
Magic:  JSON data\012- HTML document, ASCII text, with very long lines (734), with no line terminators
Size:   734
Md5:    46d4745eaffea9d35693ab2478ee0ea2
Sha1:   45c25d1861e7ccd71debc3ab3461ddb3b637079d
Sha256: 3091865110fd932789b08c960fae5d9fa200cb6b28f4237a1097dabe55a23ac1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:19 GMT
Content-Length: 281
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 09:53:49 GMT
Expires: Tue, 04 Oct 2022 09:53:48 GMT
Etag: "9909ca4abe48a9eeca2da7e5cd7db89a05c76fb0"
Cache-Control: max-age=433648,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75239e8affbcb529-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 09:16:19 GMT
Last-Modified: Thu, 29 Sep 2022 08:18:26 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qtc7ltRgu9sF5er-35i-DVHZloLV5MJ_40b-bUOqSsV1wwvhUv0Y3A==
Age: 3473

                                        
                                            POST /zL8advh-UBxeMcEi88fTIkGB6EnhRu0ETw8GgLk9nojp6zhPk1wnZ_jIJMMITSUMBPYYaGZZJIT9g_wVmg8lxJtJkhv6R-dti967jGI5RJzhzQD2hicfGDl4ll7L2SkovctdLsd8uDpVrjEb4BKZR7Oc4G7RoG2tnk_0DFkHMST_Uqwws05_LTo5aEs78aHGlB4O4zHTxZtFtgsXNGhDd2O23v_rX8eJEY6iimL0OUQFijP7B8MXxIYgt3Ra7a9-dGUuGMwOpuZhA0wsWkicU_X_g3tOVRlKyIbtc36lCdgoAejCttUFpWWkltDI4F3XNGR4VsQr7q4PaDECd0fIoZyQ_rbjHy9nymNkezoLNgJldPNOxoVuNUDryIGokyaBFahQsxLAWAhJRFsjMUjHBAPnPJYiMkj8mu2-SElmJa-svk4WkMSYwEz42VUshDBdTAXWNY7RbrCdrd5uv6fbAoHJ9N42nd7S3QXxt11-EeKgl6-dQkxMmXzOdk0Bo2XXmS7yunEiqRb5OgJO4AT7IpmFW10-Cefnx-g7Jabjx6mvWqaB5lf5RAQN_AdXJq35oM8slJ4xhvOK-uVNxeYgNgPLI39pH5W9OlmwMdJSXNzo5CUyGHtmTNF9ViwRCUrQbFEeAyIHDYIBTXm06XgRy2g? HTTP/1.1 
Host: aj1907.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://extramovies.skin
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         88.198.6.88
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
cache-control: no-cache, no-store, must-revalidate
p3p: CP="CAO PSA OUR"
expires: 0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://extramovies.skin
set-cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb; Domain=.aj1907.online; Expires=Sat, 28-Sep-2024 09:16:19 GMT; Path=/; Secure; SameSite=None
content-length: 1566
date: Thu, 29 Sep 2022 09:16:18 GMT


--- Additional Info ---
Magic:  JSON data\012- HTML document, ASCII text, with very long lines (1566), with no line terminators
Size:   1566
Md5:    696c9df82eb7a114aa88c3c3684c4eb5
Sha1:   551b953d4c937ba108e617a8dc57c8563ff9ede7
Sha256: 6f0e5c54e8e33405e1f4ddb1497d682e0a32b85f9db4dce9a464f4e08ca5333b
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://extramovies.skin
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.95.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 29 Sep 2022 09:16:19 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://extramovies.skin
access-control-allow-credentials: true
set-cookie: uid_id2=bef916fb-99eb-4c3a-be6a-02feb953021e:2:1; expires=Sun, 26 Sep 2032 09:16:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    8c319d92742301ad63489843e531c407
Sha1:   c2e7d59c9825402fc2b8e5f002f46feb9889db10
Sha256: 4fb4c188f8752b9c7c9ea7a5fe9ff3a75c1f10632ef09d904f411abdc5a5e669
                                        
                                            GET /zKEd7wU4Q2NDP_med9zyr9W-pEaht3wt3FFVQgmfzlFov_bkl8-oyPECGIt4nIdBD15iROXJsjpbYeWQ8_cFxdOHPTqhFm8gbZW2ym77C9spoLszTT6jB0PYQZ9f6V3D9rPqTSnKyt7NIcSY7erSpAlAmsFMBHK4sDqp3uthABXGsLhkcaGUWOEKLnEJZwdAfyUCkJ9qQg8bfGm5j5gl4j5EnWQdc4Jty3wIGn9-0XOrF93b-sRhQUf5RVunkB2Ev_H11-vBuN7_CaXDi6GLM1Rc6AyfY4jQvyRI3lwXzi-fw_kyWFDJhlD74gUDY9JavhN9pvwT3FqXbAbUnZ2ynlRopA2PVa3fI-Ql-IFhPqSkQca0XotEHxgpVx66Abgx9aasfGeJnoZebnUSf-mBXIIsJtWZzmn7w-NRJYbT31GowuwMEdBJmwdSxhsNcyx-ckUwjy_DYDArcvvR__0te-jetOUIn4bMQMF07zrgZJ22XLxcIxhWxLJ1Wb01ZtS_5_B8ibZs?DC=HZ HTTP/1.1 
Host: aj1907.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.198.6.88
HTTP/1.1 200
content-type: image/gif
                                        
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"49-1658256548000"
last-modified: Tue, 19 Jul 2022 18:49:08 GMT
content-length: 49
date: Thu, 29 Sep 2022 09:16:18 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   49
Md5:    56398e76be6355ad5999b262208a17c9
Sha1:   a1fdee122b95748d81cee426d717c05b5174fe96
Sha256: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
                                        
                                            GET /zOm394GlU3-yS48zLGQt58-B9GfwGZxUJkk6uLqqlCNehqS1g-jhcoLz_kQ7w_0sJHnfqePYHsYGLigahX7ZM-DUAHYDf9veQM8kknilSwwWmBdj3e_4R-JAM-UEv05ofSCOrGkdGEwJgqKYSsu8D8SABj4Fysh3yjhc5JliqbPpcVO82ofiFBBnErqi_CPIUE7t36k8K2FCdn8yvIbTQbkcGQgF93kY2OvA5pkWLbY3rPkjUTQvmFLDevGLo71VDMOAX4LQtzI-JA55FlFgmYTPcgLSvKTbJCPLdkvrj5fF5mxojQVMoW0xbA3tGDAtotKJWJtAHpMSMe5ri3FZx4plhLvhSJz_qXt_5RDu7RKcvsZoDD8iOoKC2otLBxxEhbO0s0wgnjNCmfRydCvDRQ04Vai80_QUsF6bT_oDqW0b7yzJYnHXJ-hIcPIP3yBDXAy9hR5Dg9QLqPJwP_YyvQ5MYuvVxpqUbi-NyZ07bxUpWw0s8l_wb_S2FN6IoFSIjXL68rb9Y7usutoCvdW1VHdzeoMlu45eEix47?DC=HZ HTTP/1.1 
Host: aj1907.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.198.6.88
HTTP/1.1 200
content-type: image/gif
                                        
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="CAO PSA OUR"
set-cookie: ucv=750-NO-1664529379233-24--; Domain=.aj1907.online; Expires=Fri, 29-Sep-2023 09:16:19 GMT; Path=/; Secure; SameSite=None
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"43-1658256542000"
last-modified: Tue, 19 Jul 2022 18:49:02 GMT
content-length: 43
date: Thu, 29 Sep 2022 09:16:18 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /npm/p2p-media-loader-hlsjs@0.6.2/build/p2p-media-loader-hlsjs.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.6.2
x-jsd-version-type: version
etag: W/"68bf-aLl7Qz03YAZHM45X9DROXh+vYkY"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 29 Sep 2022 09:16:19 GMT
age: 14661563
x-served-by: cache-fra19167-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7663
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26814)
Size:   7663
Md5:    0d36c859abc3f966b11a463c8d87122b
Sha1:   9fedf0d519f388331964b5519dd083158e1bc7f5
Sha256: ee6f1ff855762c8eab4397ad5ce92b98018103e32f2093d0e26212738b762568
                                        
                                            GET /npm/p2p-media-loader-core@latest/build/p2p-media-loader-core.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.6.2
x-jsd-version-type: version
etag: W/"23187-cy5ZTaquM+MUHEQB7rAOJNYlVIk"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 29 Sep 2022 09:16:19 GMT
age: 30771
x-served-by: cache-fra19139-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39360
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   39360
Md5:    53cacb48caebcb99ba656993c6203fd6
Sha1:   ae06ee2920eac3e2093cd39033adc4d46bc195b9
Sha256: 510c17d0bbfe7482f749d3ca7a76ddc97e43ff964a64687be90cbd24be60f561
                                        
                                            GET /npm/hls.js@0.14.17 HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.14.17
x-jsd-version-type: version
etag: W/"3ab62-0tMQz48mqu56W8Djvl7H6kr8/tw"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 29 Sep 2022 09:16:19 GMT
age: 14720607
x-served-by: cache-fra19152-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72032
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   72032
Md5:    fb78731e90c913b1a3c64f9e9f7613fb
Sha1:   cbfd0dadc2e61f8ba945ac5b2eeb75353a057836
Sha256: 4fa1dca0c0606420315f4c73906b29ff662fc6f9559e7840e3089b1562c35db1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:19 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=334738,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75239e8bd8c1b529-OSL

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B0C8696AE22C2DE7ECC39F23B48848A860FD7F08"
Expires: Thu, 29 Sep 2022 20:00:00 GMT
Last-Modified: Thu, 29 Sep 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1795
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75239e8d0c4c0b31-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    41df58089cb6ddc115007f49a6209526
Sha1:   819392a30a40bed78bd046d91af2a5ced4b5758d
Sha256: 1ade2f1b5f3e51fa028819e7975927d8fd5f4921148f7602884633b8c72fd957
                                        
                                            GET /player/js/adblock.js HTTP/1.1 
Host: aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/play/ftt12663772
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         213.183.62.122
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:19 GMT
content-length: 19
last-modified: Fri, 27 Sep 2019 14:11:26 GMT
etag: "5d8e188e-13"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: x-csrf-token
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   19
Md5:    36996cd7ac0e466a566c55ee7bb4a69b
Sha1:   9d600f17f872c789c023ea08918b11d79ed7e732
Sha256: 770b166e6581feb9bf6886850b17ca8d58b81e2ab946228d263fd1d2d0c297fd
                                        
                                            GET /gid.js?userId=c508fbe08253481d950c7131bee54780 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://extramovies.skin
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:19 GMT
content-length: 65
access-control-allow-origin: https://extramovies.skin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c508fbe08253481d950c7131bee54780; expires=Fri, 29 Sep 2023 09:16:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    e88359482632e64814da2fe04fe90b4f
Sha1:   6f7eedbc87f1b774c113f4239045f7a8ce657af1
Sha256: eb9c1700d669ea019850fe556e4194b47addcfe3dfcbceaad9ae6f04ee7e9081
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CDBD4C40F4F215F3902C4883041117E815056C16FC44396D94397E3DCE165774"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=244
Expires: Thu, 29 Sep 2022 09:20:23 GMT
Date: Thu, 29 Sep 2022 09:16:19 GMT
Connection: keep-alive

                                        
                                            GET /58dc5dfd.js HTTP/1.1 
Host: aj2178.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.0.234
HTTP/1.1 200
content-type: application/javascript
                                        
accept-ranges: bytes
etag: "09c4238b63aaf4bc4593b9519b17d89b2"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 29 Sep 2022 09:16:18 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (37143), with no line terminators
Size:   13490
Md5:    d9be880fe8975018fa319ade78062e7a
Sha1:   925f2cff3a779a1ab4562e077daad4f169b9612f
Sha256: 2f7d7262cef9efefed62c39059510d27afae3d701f365ef0b27db12e390cd81e
                                        
                                            GET /b0/49/99/b049995ec8a9cc88536c8c33226ef8cd.js HTTP/1.1 
Host: plainmarshyaltered.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Thu, 29 Sep 2022 09:16:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3157368ee355d29b171becd1b5548cee
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size:   28741
Md5:    768e77f604e8d152ff6922db8527b5fb
Sha1:   57a7fe6b543541b34434ea358a5dc2bfd6e362d5
Sha256: 03c11cbbaa11d4ab469ac074598d07e6aa638306ea0c1d69b7a6f5875fccef30

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /pb/dHQxMjY2Mzc3Mi0xNjY0NDQyOTc1MjYz HTTP/1.1 
Host: aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         213.183.62.122
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:19 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: x-csrf-token
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1129)
Size:   1211
Md5:    a5cb2a47615899ba78257fc19f28850f
Sha1:   7965fa8cf495028dbb981d1b06c79ab704c7652a
Sha256: bf57c792751e86f2a2586c627b4a5d84145bf3fe04986d37645d61d8fccab654
                                        
                                            GET /zcBcKyQVvfSGQXGwmI_TZNlorfDYPF--XXaX9g1KeBIchPJqOrWnw77A8bN93x9-EPjTrH1tDSF3ej3h0VTY8kB1GDT2DlcfX7jUVU1n-b45XFlvVITYRIGfYO-4Oq4b-lmj2mQXSMgocYenhZ5MmsKTR4BDt4DKtVel8LmqY9k_xVAImuzSTffNimVoyA1sVYA5avedGbpUNTiH68j12H_dAJ8wbD0cdQROLVGYq6O1BVD70YnDIKYnYF9EHM17ZkOH4uRZqMaIh65-x2I7zPx9cfgju8LF26TRVypgy0iSAKiqPzPAFTZSLXiJ5UnFBRRs5DtjO7rzVrkj0Y6JhJN-TMJpm45zWAMaZCfQR4GQvRIx7Z1ffPDh3vRTAs1ioM15HERDoHmZK348deXK38MinI-9XyBVIGjqIwmEsSwZ6lcCGsg3gg5H_zfF38D0v7Vkr7zjANXVyRjeJld-0xNQUy3XDMh2PLAUdbv_rdawuGC6rYxnDt8VNeaGG4rprFB5imvEkSwnWpwsSvsvuOQISJav--sD6D3x4?DC=HZ HTTP/1.1 
Host: aj1907.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb; ucv=750-NO-1664529379233-24--
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.198.6.88
HTTP/1.1 200
content-type: image/gif
                                        
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="CAO PSA OUR"
set-cookie: ucv=750-NO-1664529379233-24--; Domain=.aj1907.online; Expires=Fri, 29-Sep-2023 09:16:19 GMT; Path=/; Secure; SameSite=None
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"43-1658256542000"
last-modified: Tue, 19 Jul 2022 18:49:02 GMT
content-length: 43
date: Thu, 29 Sep 2022 09:16:19 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST /zQCVp9_03ebn7ggaSEcSMLUGx-ZXJLp3DchBC4fu6QzmmVkoRbkghYX5DmYJ87WSRmIJX-8jEzY3X_RGlLaqgnR42oZd4iovuA3akq0q4EKpU5RBMn0QtsVYPK2hTczO3-Nf5SabDjH9cZPk4zHXl-EAcm40peqPLFGqn5Mwh98-CwMhnmAaiOZs_AhbrRcuLDCWPrE81WxYdnPsCZXeb5K0PHkuRvo6dPtTmDGav1u5r1Lj_ptLdacp5-QgXDFPLChwXE6aX1M4o5DYtWtREXOHuOB0oi2HxOT2JZCOLdkO6u3HPqkOKjCRgASsz8pOkEtVrlCPi5GfQ5iY3id1aDru1pa6Nlt3MpsL4suR5nCGKQ6CkgdVKgDLjklouQ8Yh_ePRQw5JExqCc-_ne8R-Y3NTKPBIamI6avxDwycUCi9IoymKhVCrf1w7532EX7vhLCkzFleN7sYkV8UywOluOGgFe47QhRGWPml_8m4VOKWEUuUrS7jzEefyM38qFep9WRDhwIPxR-dSvG-UZl6aMeZPDRYceT24y_QE6J2YxImTCtxH8QeU9-HMwlKMMgvaBB0gdaDuFX-ecqGXNQCY0pm28uxyDgXjAHa5py9J-06WTuIjtDAS8OfcB4A3WmfAgzOfCZxcg2g7cjoCXrLpiZUPVF7t1VMrZFWCuV2RapTVXASTw0mNGgFkyGrl7GuQ74kdTpcoSG3ld_UFUWuMeTM5dSWdqXAPqzEZjfCVsax3fqX3A_NLqfTKXzZ4chj9b-KPG66N0yBHDzVvM8vlQxp4PfyP13YnVcu9c0XhLTf5PohKGoMyAeylsUPfhmOrHGDyVKhQsOjTL45I04dXg46o_spZiFkesRe7pHGgtPEHuHbGmM0XBLJnCZCzUSYYJCZx52UwnnZWGwY6LoMGMIFa5orIonc5kIRb310oRuGGOM37ds-cLyzQZFWwDbtDoqu8glnnlyt_hubfqmD4q8kQEIOkpbx9L8-6uVmFbaXTOwLjOdqvyUz4DI2Ko35kY3LWif3QBXW0cn4eidlW3g0783BwAiGMQdiDVVbKw9RA9btAyn94wIGkq4YZ-RLC41Sf4_nDCLDZg-CcTw7U6SopSbmA2BDmE9JoW8fHzbfjYfYj7qzUXA7on1u-BmUYaMLffGyZ3Dzp7px0h5_LoFJOcp_mbigknxX9-Id_imYjmryZA1zvO3B8ywpf83krA7NhHp7CjxsWv8w_LP6hn6l9ePdQEFkQWEwNkrjSbJrIURhq-N4wrzxfqr8omVut5m3NVdHDTJ5E78iqbKxoQcSJ7x293x4tkWLT7XX0PmWvxVlh7HbCIJNfQiV7laUBCYI1pbAolPj72ts0hO_m1kR-Vk_CNRTo7Elry4bLpptAYobC_XiQPvSg9noMn9elig? HTTP/1.1 
Host: aj2178.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://extramovies.skin
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         23.88.0.234
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
cache-control: no-cache, no-store, must-revalidate
p3p: CP="CAO PSA OUR"
expires: 0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://extramovies.skin
set-cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb; Domain=.aj2178.online; Expires=Sat, 28-Sep-2024 09:16:19 GMT; Path=/; Secure; SameSite=None
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 29 Sep 2022 09:16:18 GMT


--- Additional Info ---
Magic:  JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (35444), with no line terminators
Size:   11890
Md5:    e5975d9968ae94ed2257eefbd461e508
Sha1:   4da43e870fff99d905d31a09ccaec261e006c875
Sha256: 588e791e2ed5c50f9628002288c67053775596faac6ed6d842c22e648289df77
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /58dc5dfd.js HTTP/1.1 
Host: aj2178.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: "09c4238b63aaf4bc4593b9519b17d89b2"

                                         
                                         23.88.0.234
HTTP/1.1 304
                                        
accept-ranges: bytes
etag: "09c4238b63aaf4bc4593b9519b17d89b2"
date: Thu, 29 Sep 2022 09:16:18 GMT

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17873
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 09:16:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17873
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 09:16:19 GMT
Connection: keep-alive

                                        
                                            GET /play/ftt12663772 HTTP/1.1 
Host: aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         213.183.62.122
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:19 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: x-csrf-token
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1714
Md5:    b4eb4c7a6ca7978d6a682f08b90c995c
Sha1:   095b02c91187bfc08a2ae2d52ad92f869846c896
Sha256: 053d7add9d4d91cb128991b71b06fa340b06a7614d2372aa00abd2df801ce942
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17873
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 09:16:19 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9654
x-amzn-requestid: 7961f184-9476-43de-bf35-8ccb50ee1760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYsHA6oAMFvRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-05f567f7606462ac44f89987;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XaB4TwXv4xy0Sy3dncNYZWEPEnHY5BkEHR7fZDK59APYkzH9DPdT7A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 17739
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9654
Md5:    36ae9444071dd70dcf86802c370ffda9
Sha1:   44cc19b21912d07f82a88af5b2fa6d3e370459bf
Sha256: 99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "754DF7AA94101A36B29397F440AA63581412DE7D716DA1D4C14483BA12235AB3"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2625
Expires: Thu, 29 Sep 2022 10:00:04 GMT
Date: Thu, 29 Sep 2022 09:16:19 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:58 GMT
age: 40281
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10023
Md5:    f4505f57697072468da82e0b536d0d5b
Sha1:   e1067a2dfbc22e7eb196046d57bd1e17604dba75
Sha256: b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe91221c7-ce03-4ea5-9826-7a53eaafc5e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9002
x-amzn-requestid: 0623931b-a4d6-49de-ba32-d071c08eddbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKoiGKRIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be36-1573e2e91c85617424db019f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mmSMfKcxGrh9meSHTynf1wRZLrzc4wejFbKSO6qaJ3hn8h4-QwAAcQ==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 41153
etag: "d76293673a7aa2861b069ced614cdcdb84fed6d3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9002
Md5:    c80d7ce8a9d3fba54855e05731db759c
Sha1:   d76293673a7aa2861b069ced614cdcdb84fed6d3
Sha256: eabd1bfef29cad4045d688a909b9a8c88818d80bb432ce642d055583cf66d77d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3332
x-amzn-requestid: fb6cb616-5b4d-4aaf-a891-50b4de8b6f95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJ_6AGNYIAMFSHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333e03f-377fe02d1cc7ad2b3a15ca1a;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 05:48:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nJJZxZlapt4k5988yU-V94pBBH2SmfSZ0Zb_oJXA07mppg0lF04wLg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 17:18:10 GMT
age: 57489
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3332
Md5:    6ac86079d2901fb11bfaff81d91bb2d2
Sha1:   4fc0699c763f67a2602b4b3f46b8b4013d2049c6
Sha256: 8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4235
x-amzn-requestid: 60825c64-7743-4b16-b80d-d1195ccb0f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2nFsDoAMFRwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-1898e5d9111db7c843c1ebb4;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C-XC9qsktkENdI6lWZp5RQjeEvrrFMUfBq1mA5dxEjRq5tkfL5Jsxw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:55 GMT
age: 40284
etag: "2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4235
Md5:    30471179bd7cdeecea2fa4ea98701aef
Sha1:   2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb
Sha256: 967e070aec3942c64cc6c4cfdc13d430825c9e5c26dbec5bb3d66237d5978dfc
                                        
                                            GET /playerjs/js/playerjs.js?=1664442979 HTTP/1.1 
Host: aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/play/ftt12663772
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         213.183.62.122
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:19 GMT
last-modified: Thu, 22 Sep 2022 21:40:54 GMT
vary: Accept-Encoding
etag: W/"632cd666-649d6"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: x-csrf-token
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   158149
Md5:    469afa159a6b5e90642b6b412fa0582d
Sha1:   7c5668e98a692903f78f8290205337367f7b6829
Sha256: 0b135dcba68311eaa801974b0f1ac08680ab9f99f6fcafd54a96c9f1bd3fd507
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cv/js/sender/v1/cast_sender.js?loadCastFramework=1 HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="cloudview"
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-length: 2007
date: Thu, 29 Sep 2022 09:16:20 GMT
expires: Thu, 29 Sep 2022 09:16:20 GMT
cache-control: private, max-age=3000
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1143)
Size:   2007
Md5:    c439f328a6d5a2f9cba8f719b4a0c39b
Sha1:   c91a5d5bce3629fa350f8bed6a6693ab477a0f99
Sha256: 79dc7857f15689c75f5126726ad2b5894d3a43018928420482eba684b800f193
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /watch.399245304932.js?key=52f60c40d18cf10a42083b11716e05e0&kw=%5B%22in%22%2C%22our%22%2C%22prime%22%2C%222022%22%2C%22full%22%2C%22movies%22%2C%22hindi%22%2C%22fan%22%2C%22dubbed%22%2C%22720p%22%2C%22hdrip%22%2C%22-%22%2C%22extramovies%22%5D&refer=https%3A%2F%2Fextramovies.skin%2Fin-our-prime-2022-full-movies-hindi-fan-dubbed-720p-hdrip%2F&tz=0&dev=r&res=12.31&uuid=bef916fb-99eb-4c3a-be6a-02feb953021e%3A2%3A1&shu=429078113e7e611e7ff5009a6d94462ea8bf04d6c2b0d93fdd6be3505f90ed4fcce73e5f62ba831b4fc7cc476d68ec3d9087f7002b318d352ff60138a49d22804dece11a6f092fce7cc67f40cd260898f9baa3c35142325bcca9776056f917cab4ab&pst=1664443039&rmtc=t HTTP/1.1 
Host: plainmarshyaltered.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://extramovies.skin
Referer: https://extramovies.skin/
Connection: keep-alive
Cookie: u_pl=17163858; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE2Mzg1OCwiayI6IjUyZjYwYzQwZDE4Y2YxMGE0MjA4M2IxMTcxNmUwNWUwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODI5OTQxLCJwaWQiOjQ5MDc3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjEsImFpZCI6MjMsInB0Ijo0LCJwayI6InRpc3kxeTNyIiwiY3BrcyI6eyAiMjgiOiJiMDQ5OTk1ZWM4YTljYzg4NTM2YzhjMzMyMjZlZjhjZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZXh0cmFtb3ZpZXMuc2tpbi9pbi1vdXItcHJpbWUtMjAyMi1mdWxsLW1vdmllcy1oaW5kaS1mYW4tZHViYmVkLTcyMHAtaGRyaXAvIn19.c7Gwn9E3aRfMCMUn6FVdfUTBMmptp5T-GSNSGz4Qrbs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.19.5
Date: Thu, 29 Sep 2022 09:16:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://extramovies.skin
Access-Control-Allow-Origin: https://extramovies.skin
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bef916fb-99eb-4c3a-be6a-02feb953021e:2:1; expires=Thu, 06 Oct 2022 09:16:20 GMT; secure; SameSite=None pdhtkv=true; expires=Fri, 30 Sep 2022 09:16:20 GMT; secure; SameSite=None uncs=1; expires=Fri, 30 Sep 2022 09:16:20 GMT; secure; SameSite=None pdhtkv23=true; expires=Fri, 30 Sep 2022 09:16:20 GMT; secure; SameSite=None uncs23=1; expires=Fri, 30 Sep 2022 09:16:20 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 339ebe0e4edc28104d6382c0b506037f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (2443)
Size:   1983
Md5:    8bb5817ee6c9fe4621e6dd3155e26413
Sha1:   397dea0f0e357c35ab8cbf9b57aa233f03aa15e2
Sha256: dd024e7e213f5cc6b8c88be761d44c3d522835cd1d14810343274cbf250d4d62

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /5/4436166 HTTP/1.1 
Host: thaudray.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:17 GMT
x-trace-id: 385e53f965fc01a0fa3015ec7b74482f
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=c508fbe08253481d950c7131bee54780; expires=Fri, 29 Sep 2023 09:16:17 GMT; path=/; secure; SameSite=None oaidts=1664442977; expires=Fri, 29 Sep 2023 09:16:17 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   36297
Md5:    7cd7facc57fdbf1fe84e95130c0a3b58
Sha1:   238eb105ca32ad97a1f9ede7afb489cf7d9a10b0
Sha256: fd8beb53bf135e62cf321587ff3fe6654544f98df2e9c3ab64d22ca7968f840b
                                        
                                            GET /2088402?size=300x250 HTTP/1.1 
Host: ad.a-ads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         178.63.97.71
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:19 GMT
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://extramovies.skin/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4771
Md5:    582e25bbf193bfeab87157a1a2fbd92a
Sha1:   42b833cabdb1ecbcea9629cb5b6be9dd269e4102
Sha256: 35770cb3db89c6f3d6bc9c94a295d41db6940a65842e439498baac6724e0de81
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aws-ind-tv-1233.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 49332
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "45A51C801535A5CBFA3D49802525AF2EA4E97CA3C1FAD07AB3B654A5C3728D18"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10075
Expires: Thu, 29 Sep 2022 12:04:15 GMT
Date: Thu, 29 Sep 2022 09:16:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "754DF7AA94101A36B29397F440AA63581412DE7D716DA1D4C14483BA12235AB3"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2624
Expires: Thu, 29 Sep 2022 10:00:04 GMT
Date: Thu, 29 Sep 2022 09:16:20 GMT
Connection: keep-alive

                                        
                                            GET /gid.js?userId=k5vm121146qa034752866n8j3uxle075 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://extramovies.skin
Connection: keep-alive
Referer: https://extramovies.skin/
Cookie: ID=c508fbe08253481d950c7131bee54780
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:20 GMT
content-length: 65
access-control-allow-origin: https://extramovies.skin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c508fbe08253481d950c7131bee54780; expires=Fri, 29 Sep 2023 09:16:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    e88359482632e64814da2fe04fe90b4f
Sha1:   6f7eedbc87f1b774c113f4239045f7a8ce657af1
Sha256: eb9c1700d669ea019850fe556e4194b47addcfe3dfcbceaad9ae6f04ee7e9081
                                        
                                            GET /css?family=Roboto HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 09:16:19 GMT
date: Thu, 29 Sep 2022 09:16:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   511
Md5:    29a75db3dbf9b888e91f0a7f37b4f7e3
Sha1:   37e1e1af78ff234060204a036840dcf1492904bc
Sha256: 10f5d091eaae46c4d65c88d3642d9036820afa1cf6c0a4459fe7a156b708d0fa
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sfp.js HTTP/1.1 
Host: addresseepaper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.193.5
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 09:16:20 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 226ee85799d4c2df5b5ed1061d38ecb6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 29 Sep 2022 09:16:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THrNgwOlHXLLQFYAtvSPD5%2F%2Fkhzp7EVlw4vUa3fFGFEdEuxTgWTGsGR7jlKU2VNQlY3%2FP08GGW3PP0ILiGGaqMqFR46SkXHXht8XwOutJBOxeu6GIEQoWfWqegmgvWmN0%2FPnUgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75239e911970f407-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   27591
Md5:    a72298862dc6edca301208fb89224f5e
Sha1:   d18eea30228960bd54e2c59f512300c9c28494df
Sha256: 379b70ef57a91b8c5a183a927498f77aace8722054d1488a273ef036fbc1c95b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 08:41:09 GMT
expires: Thu, 29 Sep 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 2111
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET /~fc/extramoviesin?bg=000000&fg=FFFFFF&anim=0&label=listeners HTTP/1.1 
Host: feeds.feedburner.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.206
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 1219
expires: Thu, 29 Sep 2022 11:16:20 GMT
cache-control: max-age=7200
date: Thu, 29 Sep 2022 09:16:20 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 88 x 26\012- data
Size:   1219
Md5:    152f56c9119523e6946898a5647053e9
Sha1:   be8449ee585f6c7bca1a23c7a6ca31486014a6b3
Sha256: b1bc07093c82ed43a351bfbae2f9b3532d6a9ffe9e66b6de7cbbcb70bce13191
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /playlist/PYa$CKO9onfz-yJw7lvGwusinb1itPdFkPhan5rKNSHcL+UTrsH$Ufkqt-hRIx507QURg0KBp9iAhSaWMScmjpwdxQJVc7daJa6pw6N-gl39b8qE5StTPrtZQkwdyVakdIChIpdT4eUmErwQWt-RNpDONcq0$D7tbjvWGJEdorF93lCDOLX+WKA15Ne76TDlRS67$+Nd-hbyC+ygJKrZp5EEmd0mZIq8+mzIo$Zeb+A0I3rnQM$UQkemd7oGB+eghEq5T-GUj+bCEv$-awURhQ!!.txt HTTP/1.1 
Host: aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
X-CSRF-TOKEN: HKwLq3BidpC$K9RRhtkPdQ8huTheQe14TmUblCJtSoyDIVju1ZDAIBM9JmUi3D7N
Origin: https://aws-ind-tv-1233.online
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/pb/dHQxMjY2Mzc3Mi0xNjY0NDQyOTc1MjYz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

                                         
                                         213.183.62.122
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: x-csrf-token
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (334), with no line terminators
Size:   334
Md5:    fdec74eb78ef0129244fd288a97ece47
Sha1:   6be9493ed72ea09a1dae6f6c1913cafef19ddc40
Sha256: 05679768207314f71a029b28ad5015dade1b7cab5535c1d424c5fb0f4e7e024d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FC0A2CDC09CE8365B0EB9FDF07AE268D11CDCC69C92BC045764843BC6F2B05B6"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11403
Expires: Thu, 29 Sep 2022 12:26:23 GMT
Date: Thu, 29 Sep 2022 09:16:20 GMT
Connection: keep-alive

                                        
                                            GET /stream2/i-cdn-0/501be8f63d7a4796d8462f9848c3df0c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT21keCpmTHpVaa1WU080VRJzTUV1dPRlWt9ERjdXTHVkMZRlWqllMZFTTElVP:1664446580:91.90.42.154:f8aebdf9d4090536d88fdd76f912079062bfe6b592d2689298e02b6c17689832/index.m3u8 HTTP/1.1 
Host: i-cdn-0.aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aws-ind-tv-1233.online
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         213.183.62.122
HTTP/2 302 Found
content-type: text/html
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:20 GMT
content-length: 138
location: https://cdn4507.aws-ind-tv-1233.online/stream2/i-cdn-0/501be8f63d7a4796d8462f9848c3df0c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT21keCpmTHpVaa1WU080VRJzTUV1dPRlWt9ERjdXTHVkMZRlWqllMZFTTElVP:1664446580:91.90.42.154:f8aebdf9d4090536d88fdd76f912079062bfe6b592d2689298e02b6c17689832/index.m3u8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   138
Md5:    aff950cab4c0265e21d401db15f1026d
Sha1:   f03e18461817f7a6546c8bf8fa8d686d7e30aca0
Sha256: 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
                                        
                                            GET /stream2/i-cdn-0/501be8f63d7a4796d8462f9848c3df0c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT21keCpmTHpVaa1WU080VRJzTUV1dPRlWt9ERjdXTHVkMZRlWqllMZFTTElVP:1664446580:91.90.42.154:f8aebdf9d4090536d88fdd76f912079062bfe6b592d2689298e02b6c17689832/index.m3u8 HTTP/1.1 
Host: i-cdn-0.aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aws-ind-tv-1233.online
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         213.183.62.122
HTTP/2 302 Found
content-type: text/html
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:20 GMT
content-length: 138
location: https://cdn4507.aws-ind-tv-1233.online/stream2/i-cdn-0/501be8f63d7a4796d8462f9848c3df0c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT21keCpmTHpVaa1WU080VRJzTUV1dPRlWt9ERjdXTHVkMZRlWqllMZFTTElVP:1664446580:91.90.42.154:f8aebdf9d4090536d88fdd76f912079062bfe6b592d2689298e02b6c17689832/index.m3u8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   138
Md5:    aff950cab4c0265e21d401db15f1026d
Sha1:   f03e18461817f7a6546c8bf8fa8d686d7e30aca0
Sha256: 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
                                        
                                            GET /cti/57/04/7b/57047b850b4959aabc005d0b5463c152/1663165273.gif HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.9
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 09:16:20 GMT
content-length: 27323
server: nginx/1.17.6
last-modified: Wed, 14 Sep 2022 14:21:20 GMT
etag: "6321e360-6abb"
expires: Sat, 01 Oct 2022 09:16:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 728 x 90\012- data
Size:   27323
Md5:    a80889fa4d87424b0710735e5435a9c7
Sha1:   527ff0ecada13e341bcf56ae01183845d02f3570
Sha256: 50cf8c3e691692dd0faffd6f30f06fdc55954bf5d6319d77a313361d537c170c
                                        
                                            GET /img/b/R29vZ2xl/AVvXsEjGJWcYjg7EYpd-okMJma3SKQmOTBAGejaNupWzB0z58urAc9ZVPJw3mYY5o7H7lBWFruJqPyXcaV4dDt6BPh_nl1_-o6-ADqQUhvPbCBUEP-sEts5G-EF-sKaSUxQgsWdIXN9mR4jpIDGIvK2ybgCX2ue3wUHyrWG0bXKSZuRGV8N_-AFNsNNOFto/s1600/vlcsnap-2022-05-25-08h06m33s454.png HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1783"
expires: Fri, 30 Sep 2022 09:16:21 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="vlcsnap-2022-05-25-08h06m33s454.png"
vary: Origin
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 09:16:21 GMT
server: fife
content-length: 568779
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 538, 8-bit/color RGB, non-interlaced\012- data
Size:   568779
Md5:    87e2f1eaa9a010dd0b207036dd338398
Sha1:   683857b01ada9fe9ba5e5180779edb6906d8a0b8
Sha256: 274d44006351d4f9083e2c05898e5ab0c009cfbe1f1e0405630be5a9f52bc62b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /img/b/R29vZ2xl/AVvXsEjuGcuNZ2hzt1iCy3uk84aHYtwjccM_4zQFiocpcVMbVnYlczC_j0NN_6-c33HAn-JVxFvE9_AbhGHVPrxSBbZwHkcBXY4z1pjMpNoIaOMzNMNe_Rp1m98H5CoSSOsoJfvrdrBjk9mNVb9hwgIO6_8Wpdpmy-NVzvqDYfXSqVbsXksCnqmfWuFshLo/s1600/vlcsnap-2022-05-25-08h06m13s237.png HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1782"
expires: Fri, 30 Sep 2022 09:16:20 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="vlcsnap-2022-05-25-08h06m13s237.png"
vary: Origin
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 09:16:20 GMT
server: fife
content-length: 511394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 538, 8-bit/color RGB, non-interlaced\012- data
Size:   511394
Md5:    0effc87456e10a867335341fca1ccb25
Sha1:   7c405e7523a102a0baad1de4297cb8e79d33a790
Sha256: 67378aa4ba745077516c0364ebff317e43d56fabe1d8a6661e631170d8d8b8f2
                                        
                                            GET /img/b/R29vZ2xl/AVvXsEh2JgAupKsKd-DeDgkcnuHCbiL4E9R3HBoPUYXCMu3Bwuo5RiaqmmEce-moicwHQywTjGE0B8_umCYnwFEikn2Z5cfdhOUbR4WUJJgZkXpdN_BvOcCTRttA7LiSx1JziuYj5j31N_-Gp3CSgt7BRyfWpWxiSHcA7eFAOdPVqvo6gOZouqrTF9Zo97I/s1600/vlcsnap-2022-05-25-08h06m20s041.png HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1783"
expires: Fri, 30 Sep 2022 09:16:20 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="vlcsnap-2022-05-25-08h06m20s041.png"
vary: Origin
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 09:16:20 GMT
server: fife
content-length: 686163
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 538, 8-bit/color RGB, non-interlaced\012- data
Size:   686163
Md5:    c1b7276bd5383664d87a0e4ad4112164
Sha1:   13d6aa0656eb8e786e398e9a3adb2a6c78e2d403
Sha256: a553efff7db6b56e232d1c06f121baaab21fc2292cdd3b8b9888e5d33a41bf51
                                        
                                            GET /img/b/R29vZ2xl/AVvXsEjhAxvi0E7DwVn-SYq-5r1cQIwCSNtWoI9muL6RHID21gOI6CvQKZUZUp6DmHQv4wo-abXDZtT12li7VZHkTeZznI7gCGhkYWW7FjzK_RAQXv-mEFQdl0Pz22D2M74NgI8wBJkz8pWTqSLtPYcO91GXRv1Rd7GC6FIPyGECI8wJl3Ig5PLo46Ln34Q/s600/In%20Our%20Prime%202022.jpg HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-expose-headers: Content-Length
etag: "v1785"
expires: Fri, 30 Sep 2022 09:16:21 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="In Our Prime 2022.jpg"
vary: Origin
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 09:16:21 GMT
server: fife
content-length: 81594
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 420x600, components 3\012- data
Size:   81594
Md5:    5d9c9a726ed4c6e14e6034f042e61a1d
Sha1:   8ca010f8525b23173c27aadb3fffa62fd98063c3
Sha256: 770fcbac8bebdf78faa45fdc78ee63c03e46d73bd8e1cd279bb2b3d0c3646ef0
                                        
                                            GET /img/b/R29vZ2xl/AVvXsEgdm8k6C5PyTZvqEFBQU2BUEjd8f6hKr8jCNl5ei2YdKWPVi0FKF6JU2roPZLswQLbUhGxdEZ6O7JIclfnaB7-nvymmY83zjEyR8rPAKCiOyDsiNFZGrr6ha3yKlLqVC3xD2UzpWoBv6BHruYGv8ESyqLhd32vHKcoCQKfMZpt4b1RyGu94tQF1Gzw/s1600/vlcsnap-2022-05-25-08h07m02s772.png HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1783"
expires: Fri, 30 Sep 2022 09:16:20 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="vlcsnap-2022-05-25-08h07m02s772.png"
vary: Origin
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 09:16:20 GMT
server: fife
content-length: 430940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 538, 8-bit/color RGB, non-interlaced\012- data
Size:   430940
Md5:    62db11876f90f8048aed8f1b478febc6
Sha1:   be37435ff980d550aacdf82217a22c54809ccc51
Sha256: 628c9e28343092c3d7d8dc612ebf02af279bdc7c78f44b6d4bfe7a714f25d435
                                        
                                            GET /zPqQX6L2daDU3R0H1gXuBxjKwL-Yh9lV-KWQvSE3b-kKjMUHQcx_XpoK9j1e9kIr3a424QOaH03fk1ENO1Gs8VhSGryjSrxoWfWa0_6qF8SyKkXmJ5IEqv3-A5x_l-bSLzh-Mj83-d96JkmDOxiw5ukM2oLJ-ggdAW20MLRjMGKHKlqDbtzHzfgrW-wptEwL4ilq0kIfTzp64U2G0k23eM1_2Ojb9ZawGDq8XTUceLh1BN8fjbmZUhtypaOVN7W0GLOedT-Nva-4jEXMMg9_vuhtBGiYbGty_HioVd_T837T_g8SLYaYxZksuhFX9_TTb3rmcFmi8BkRhtxp5Vp0lACwPHAXWl6B9kRey83SdWPjofsr5UgNCEypYwyJmOXtQrLRY3HJR_AkWPzYbJ8cTr4_BD4fqAYec6A8pF2ZKkb8Lp8NDiQjHxXR1zQDxwFEftVje0zc_WgpC0zNJf3QFnGkUgzAyknODsbQ3T1hhnntOGCMcWFF1UcbuyO7oLOQo1CKnTpeJ6SORjcMuYpuv5ZCSTjvOJfdkz7c4kh8?DC=HZ HTTP/1.1 
Host: aj2178.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.0.234
HTTP/1.1 200
content-type: image/gif
                                        
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="CAO PSA OUR"
set-cookie: ucv=471-NO-1664529381179-24--; Domain=.aj2178.online; Expires=Fri, 29-Sep-2023 09:16:21 GMT; Path=/; Secure; SameSite=None
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"43-1658256542000"
last-modified: Tue, 19 Jul 2022 18:49:02 GMT
content-length: 43
date: Thu, 29 Sep 2022 09:16:20 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /ztTTGi3g9NcQhQ-6isDUy9ieJYcAg1KENlPUv4LOcg6cknbGkYT2QZVYGvHW2HCPeW_UGmMJDFxEK5SuK5tVNbc0G1cwKrgSAIYRWkrXutPSymtnxUqbvYEIa0XnmD0K3A-pQ4veHtOudOWKpDnwDBb7NCVSB7zK4Mdwu1NJJxyICgJKMjKGftfZCxP2EIhiv893fY8WyptnSdV3Z4XDh3aOy3eQ4qCTA9h7oCYejvl4TvPnzfurqa4EYGY5na2fDDYautcVMGsuz-zlDB_1mwVPzO9oepgo8tyT2odV-I6VA0SzMJuD9vv8fBKo4EbvnI_EDEAwyZFaHGDtqWGJvyhc8psrcqT-3uBBNqVBSkE-28qWgCv5OPqYjvDHTIolvF3daTf6TRt7AxwcYZpcI4Od1DWZ7v4nn78-Us1GeDKvu0-0DJ1_gPNRX9Guv0PLXw9S3r5ZkhYSiwstvZ6VFrenLA2b-axNVj_nmmcCnAx4nHnKAnMzsaf8QST35CScGt8t5h_RVsfeLOwKTImy45JIw0Y9Ij1CFren88yM?DC=HZ HTTP/1.1 
Host: aj2178.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.0.234
HTTP/1.1 200
content-type: image/gif
                                        
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="CAO PSA OUR"
set-cookie: ucv=471-NO-1664529381179-24--; Domain=.aj2178.online; Expires=Fri, 29-Sep-2023 09:16:21 GMT; Path=/; Secure; SameSite=None
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"43-1658256542000"
last-modified: Tue, 19 Jul 2022 18:49:02 GMT
content-length: 43
date: Thu, 29 Sep 2022 09:16:20 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /content/stream/1xbetIndia/500_200_200_pageban.gif HTTP/1.1 
Host: amd-cdn-1.aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         50.7.24.35
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:21 GMT
content-length: 119780
last-modified: Wed, 22 Jun 2022 14:31:01 GMT
etag: "62b327a5-1d3e4"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 500 x 200\012- data
Size:   119780
Md5:    f5c55d54b017c0ef6692416f466109af
Sha1:   ce91f5f40de679df9a86cb91e08182b3a24f55fa
Sha256: 2dc7bf174022c6eddaa61ab7e91dfa2a12f3223190ab6d1623d24037362475c9
                                        
                                            GET /content/stream/1xbetIndia/500_200_no_risk_bet.gif HTTP/1.1 
Host: amd-cdn-1.aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         50.7.24.35
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:21 GMT
content-length: 81575
last-modified: Wed, 22 Jun 2022 14:27:55 GMT
etag: "62b326eb-13ea7"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 500 x 200\012- data
Size:   81575
Md5:    9bca3dddfa6d68532001ed3e5950dbcd
Sha1:   d8ffae9e073a17f3f27bc8d1f3707696c7cf3d8a
Sha256: da0ee5c5d86e5d01aceedb3a89a6466ae3330840d7f57c371ee94b25b3761d94
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3500FEC9F9707D5E0D7382503E4DD540720F8CA9E111832C634BFD275FFB34AC"
Last-Modified: Wed, 28 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9364
Expires: Thu, 29 Sep 2022 11:52:26 GMT
Date: Thu, 29 Sep 2022 09:16:22 GMT
Connection: keep-alive

                                        
                                            GET /pxf.gif?uuid=bef916fb-99eb-4c3a-be6a-02feb953021e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=b049995ec8a9cc88536c8c33226ef8cd&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Thu, 29 Sep 2022 09:16:22 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 53360c1d2b32319ef680f6eeb368490e
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /playlist/bPZaj+BQXo8x36H5Jigwx$ZeSZdyFsc+DGxKm$sSbH$laIjUvGzmsKF1yeTVfyyQmGiijn0wi96YvyXzPMLNlRpvodiPfnlSDy1zWcND+olAt1oAN$0ZJ5yFTP5hcUuWskHaALY4ZNsKEQOoveYQcg!!.txt HTTP/1.1 
Host: aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
X-CSRF-TOKEN: HKwLq3BidpC$K9RRhtkPdQ8huTheQe14TmUblCJtSoyDIVju1ZDAIBM9JmUi3D7N
Origin: https://aws-ind-tv-1233.online
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/play/ftt12663772
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

                                         
                                         213.183.62.122
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:19 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: x-csrf-token
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /playlist/bPZaj+BQXo8x36H5Jigwx$ZeSZdyFsc+DGxKm$sSbH$laIjUvGzmsKF1yeTVfyyQmGiijn0wi96YvyXzPMLNlRpvodiPfnlSDy1zWcND+olAt1oAN$0ZJ5yFTP5hcUuWskHaALY4ZNsKEQOoveYQcg!!.txt HTTP/1.1 
Host: aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
X-CSRF-TOKEN: HKwLq3BidpC$K9RRhtkPdQ8huTheQe14TmUblCJtSoyDIVju1ZDAIBM9JmUi3D7N
Origin: https://aws-ind-tv-1233.online
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/pb/dHQxMjY2Mzc3Mi0xNjY0NDQyOTc1MjYz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

                                         
                                         213.183.62.122
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:20 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: x-csrf-token
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /player.js HTTP/1.1 
Host: awsind.site
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://extramovies.skin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.46.53
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 29 Sep 2022 09:16:17 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 638
last-modified: Thu, 29 Sep 2022 09:05:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWQSdtIkNdJFQRexiJPPd55aeEbCSjvTeAx30Cz4LqZMm0X9twNkv%2FJfUNDOGoPXKi19mz6ivCSFYGfX%2FGU5ZOLSlLUoFUKIz3SRhn85pVyUNyVkqK2aiHWh10ey3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75239e845e09b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?rb=CnKB_WKJRzfAjcj2cHW4o1jRXNj4s0OuCT9-vSZc60YKOzibx3_-HFR82RulSWhIsLcPw5I8rF5rLveFAj2CfWM5WFp4KV95tBhb0ckXiDIcVDqQ09QvAjuN27TVtBZ-jryIhOzGHWLQXrqohWigAbJwDghlb18sj5irCdLPbsYUdoWyTd4At8uy2ph4Vz5ZmHTAeqljo6EhKjdpIHVRil1grrU%3D&request_ab2=0&zoneid=4436166&js_build=iclick-v1.431.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fextramovies.skin%2Fin-our-prime-2022-full-movies-hindi-fan-dubbed-720p-hdrip%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.431.0&bs=3897c603-0531-4808-83eb-a48ded38e57f&userId=k5vm121146qa034752866n8j3uxle075&m=link HTTP/1.1 
Host: thaudray.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://extramovies.skin/
Origin: https://extramovies.skin
Connection: keep-alive
Cookie: OAID=c508fbe08253481d950c7131bee54780; oaidts=1664442977
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:20 GMT
x-trace-id: 36d6306b00a63fc8c898a4ec49a0d4f5
access-control-allow-origin: https://extramovies.skin
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=k5vm121146qa034752866n8j3uxle075; expires=Fri, 29 Sep 2023 09:16:20 GMT; path=/; secure; SameSite=None oaidts=1664442980; expires=Fri, 29 Sep 2023 09:16:20 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Thu, 06 Oct 2022 09:16:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /playlist/PYa$CKO9onfz-yJw7lvGwusinb1itPdFkPhan5rKNSHcL+UTrsH$Ufkqt-hRIx507QURg0KBp9iAhSaWMScmjpwdxQJVc7daJa6pw6N-gl39b8qE5StTPrtZQkwdyVakdIChIpdT4eUmErwQWt-RNpDONcq0$D7tbjvWGJEdorF93lCDOLX+WKA15Ne76TDlRS67$+Nd-hbyC+ygJKrZp5EEmd0mZIq8+mzIo$Zeb+A0I3rnQM$UQkemd7oGB+eghEq5T-GUj+bCEv$-awURhQ!!.txt HTTP/1.1 
Host: aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
X-CSRF-TOKEN: HKwLq3BidpC$K9RRhtkPdQ8huTheQe14TmUblCJtSoyDIVju1ZDAIBM9JmUi3D7N
Origin: https://aws-ind-tv-1233.online
Connection: keep-alive
Referer: https://aws-ind-tv-1233.online/play/ftt12663772
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

                                         
                                         213.183.62.122
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: x-csrf-token
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stream2/i-cdn-0/501be8f63d7a4796d8462f9848c3df0c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT21keCpmTHpVaa1WU080VRJzTUV1dPRlWt9ERjdXTHVkMZRlWqllMZFTTElVP:1664446580:91.90.42.154:f8aebdf9d4090536d88fdd76f912079062bfe6b592d2689298e02b6c17689832/index.m3u8 HTTP/1.1 
Host: cdn4507.aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://aws-ind-tv-1233.online/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         50.7.22.52
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:21 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stream2/i-cdn-0/501be8f63d7a4796d8462f9848c3df0c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT21keCpmTHpVaa1WU080VRJzTUV1dPRlWt9ERjdXTHVkMZRlWqllMZFTTElVP:1664446580:91.90.42.154:f8aebdf9d4090536d88fdd76f912079062bfe6b592d2689298e02b6c17689832/index.m3u8 HTTP/1.1 
Host: cdn4507.aws-ind-tv-1233.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://aws-ind-tv-1233.online/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         50.7.22.52
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 09:16:21 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---