| cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 | 172.67.183.11 | 301 Moved Permanently | 0 B |
URL HTTP/1.1cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP172.67.183.11:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 HTTP/1.1
Host: cima-club.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 22 Oct 2022 20:52:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 22 Oct 2022 21:52:38 GMT
Location: https://cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xniwCbjx3gdtFYa259XeS5GXEIbaQmYZt26vOSGEztWLOejsrQHcY5Mu1MGywwNGmTO8bAl7bAjjoJChXNurBrTS%2BzRU06obXPqNvHkCvueKCxFqKmzBMQ2ybpIDwQLg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e51e2f7ddafabc-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash73c4166ca864f777db2cc1cd8658a7c2 c56b66b0b7c8516d4d5bfafe0c166711c78f3d25 310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5426
Expires: Sat, 22 Oct 2022 22:23:05 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashae56efd62a0d9249d98573172eb8b28b 5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28 82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7215
Expires: Sat, 22 Oct 2022 22:52:54 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 18.244.155.28 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP18.244.155.28:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashc9df6b36bf16969ac566c1b798362e4a e56eff34815153ae019a4bf63eb9746dd9ae2e5b 33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 20:26:27 GMT
Expires: Sat, 22 Oct 2022 20:37:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 69bb5fd1ce23244553740f7d64d6366a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: C6O4vxRgTx2wu84Lo0UeXnpQg7h7ERzxt-l8Mv707rzlIOU-kyhUFw==
Age: 1572
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xPB2ma30zAR33EdXg2sojNlvCY499GLzelp1+fVEFSFBzW2MCaK50CwGMvZETudBGsAo3v3IhCEo0Eq9R2dy+A==
x-amz-request-id: YR81DPGG23EJWPRG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 20:37:42 GMT
age: 897
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashab96cf79b8260e25501804eec2cfa85a 1b0e1bdfc231a77a717739412bad01824ff9ebe6 4575496b5e05d94830bb5028d31b26643e663a2d56648c0854f0e6da1f98efd5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4575496B5E05D94830BB5028D31B26643E663A2D56648C0854F0E6DA1F98EFD5"
Last-Modified: Sat, 22 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11261
Expires: Sun, 23 Oct 2022 00:00:20 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashab96cf79b8260e25501804eec2cfa85a 1b0e1bdfc231a77a717739412bad01824ff9ebe6 4575496b5e05d94830bb5028d31b26643e663a2d56648c0854f0e6da1f98efd5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4575496B5E05D94830BB5028D31B26643E663A2D56648C0854F0E6DA1F98EFD5"
Last-Modified: Sat, 22 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11261
Expires: Sun, 23 Oct 2022 00:00:20 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashded4138af15b34b26b4ea7a18870194f 972bce13dd1a07f2fbc014bfa94b44c526028488 9cfb4cd9ef129769e35bb2e91d7ac097eaad632cc873dae5b77ddac31b2ec614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9CFB4CD9EF129769E35BB2E91D7AC097EAAD632CC873DAE5B77DDAC31B2EC614"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8954
Expires: Sat, 22 Oct 2022 23:21:53 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashded4138af15b34b26b4ea7a18870194f 972bce13dd1a07f2fbc014bfa94b44c526028488 9cfb4cd9ef129769e35bb2e91d7ac097eaad632cc873dae5b77ddac31b2ec614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9CFB4CD9EF129769E35BB2E91D7AC097EAAD632CC873DAE5B77DDAC31B2EC614"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8954
Expires: Sat, 22 Oct 2022 23:21:53 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive
|
|
| cima-club.cam/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=75e51e322b3eb4f7 | 104.26.12.236 | 200 OK | 42 B |
URL HTTP/2cima-club.cam/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=75e51e322b3eb4f7 IP104.26.12.236:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=75e51e322b3eb4f7 HTTP/1.1
Host: cima-club.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 18 Oct 2022 15:26:27 GMT
etag: "634ec5a3-2a"
server: cloudflare
cf-ray: 75e51e341d90b4f7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 22 Oct 2022 22:52:39 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 18.244.155.28 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP18.244.155.28:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Pragma, Content-Length, Content-Type, ETag, Retry-After, Cache-Control, Last-Modified, Backoff, Expires
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 22 Oct 2022 20:03:53 GMT
Cache-Control: max-age=3600
Expires: Sat, 22 Oct 2022 20:26:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dc5ba6653148afa9504262089bb395dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: fXaxz_9Crv6PE0Rf_lr51Jo-O0srDEDKJF1VI44ucEfFcsVz68zyJA==
Age: 2930
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashfecd12689ba4c6aa556814b7fac0d344 a3005f6333ce5201a73e2857c764a1b0091a91d5 83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3023
Cache-Control: max-age=129867
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:40 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 08:57:07 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 54.148.190.4 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.148.190.4:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vMGWtH88hPqd/iLaWw6qwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mTa01dSnb89yARwhQLWNt/4FCzE=
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe5037c7287e8f6c6569102e2dfd166c8 e3ef55836da1024eb394ed1812df7b508e3f0397 7f8ee13cefb30e18beadc7ba986c17413a48dac4aabfdbaf5d5fdb2935fa1bbf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7F8EE13CEFB30E18BEADC7BA986C17413A48DAC4AABFDBAF5D5FDB2935FA1BBF"
Last-Modified: Thu, 20 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2642
Expires: Sat, 22 Oct 2022 21:36:42 GMT
Date: Sat, 22 Oct 2022 20:52:40 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe5037c7287e8f6c6569102e2dfd166c8 e3ef55836da1024eb394ed1812df7b508e3f0397 7f8ee13cefb30e18beadc7ba986c17413a48dac4aabfdbaf5d5fdb2935fa1bbf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7F8EE13CEFB30E18BEADC7BA986C17413A48DAC4AABFDBAF5D5FDB2935FA1BBF"
Last-Modified: Thu, 20 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2642
Expires: Sat, 22 Oct 2022 21:36:42 GMT
Date: Sat, 22 Oct 2022 20:52:40 GMT
Connection: keep-alive
|
|
| cima-club.cam/cdn-cgi/styles/challenges.css | 104.26.12.236 | 200 OK | 3.7 kB |
URL HTTP/2cima-club.cam/cdn-cgi/styles/challenges.css IP104.26.12.236:0
Hasha3e8aaea5ce99ae703c991a1ce2744ad 7be01149ba10485eea692cd3ebeb75f41dc9b9d6 137d9c6b0da95d370aef5361e8da568909bd2b617b64cde2f044a21044e968b7
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: cima-club.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 15:26:27 GMT
etag: W/"634ec5a3-1896"
server: cloudflare
cf-ray: 75e51e33cd47b4f7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 22 Oct 2022 22:52:39 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 47 kB |
IP93.184.220.29:0
Hash2143ac7bcf15479c96249f4fc752892f c0010f7c50f41c9269658881d75ca0dadf9e4f07 69bf66e37788e50ab52a33cef8737fad490216b42bf10ee0c8fd98f7cd654fb8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4859
Cache-Control: max-age=124177
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Etag: "6353872f-116"
Expires: Mon, 24 Oct 2022 07:22:18 GMT
Last-Modified: Sat, 22 Oct 2022 06:01:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 472 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash05ee461624e2ec37f65e859afe6543ba b99dcb558535d3d35d140e730aeeb41587622b30 576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64F04C3CD458416DCAE7B6CED5F47EF5852D4F1FCE89D8A5C237EAFF263C9DAB"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7336
Expires: Sat, 22 Oct 2022 22:54:57 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash59aa1abd670a767d7a5e44fcc16d1b8c cc0462d6b28b5526c94f87b70da19e6b7ead6206 08de6f45fabe97e2667da1e26532d2764a07b840178ac14be26cc981f0aa53db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4859
Cache-Control: max-age=124177
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Etag: "6353872f-116"
Expires: Mon, 24 Oct 2022 07:22:18 GMT
Last-Modified: Sat, 22 Oct 2022 06:01:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashea20460028066b7fba2f10b51d883192 a73b8263a4477aceeda349c7beff7050de9df38b f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashea20460028066b7fba2f10b51d883192 a73b8263a4477aceeda349c7beff7050de9df38b f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 7.4 kB |
URL HTTP/2stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP104.18.10.207:0
File typeASCII text, with very long lines (30837) Hashb17838cab5834aebca6018e15e284734 8e19358cca7f05c813071a8897e26806ee629c2b a60362d9a2eb5d4564727aa44b3c8245b062c44bb13d6a839b6da6ac5d14a890
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/20/2022 02:30:56
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4f7ed69392ae801e60d1feb061dea261
cdn-cache: HIT
cf-cache-status: HIT
age: 193335
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75e51e3d0adcb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-174083888-1 | 142.250.74.168 | 200 OK | 45 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-174083888-1 IP142.250.74.168:0
File typeASCII text, with very long lines (1588) Hash4ddcccd7748c1d3ff6a6231983660269 b9ac1ee7178dbc642e33d55742d06a0d7f1bdf2a 0ae1956c2506dca050a85f234716f6fae0d6950152e47b3eb686da72a7c39229
GET /gtag/js?id=UA-174083888-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 22 Oct 2022 20:52:41 GMT
expires: Sat, 22 Oct 2022 20:52:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44626
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| cdn.rawgit.com/admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7 | 194.242.11.186 | 301 Moved Permanently | 113 B |
URL HTTP/2cdn.rawgit.com/admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7 IP194.242.11.186:0 ASN#34989 ServeTheWorld AS
File typeASCII text, with no line terminators Hashe33d1c21496843349c928437d8678e87 329312ddae6e7a41dfdbac4c2bec5b12e064ca60 69534e7cdbdcafaabb5d69439c71adaf2d98061eed7d21db1345d58235b855ab
GET /admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7 HTTP/1.1
Host: cdn.rawgit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: text/plain; charset=utf-8
content-length: 113
location: https://cdn.jsdelivr.net/gh/admsev/jquery-play-sound@master/jquery.playSound.js
server: BunnyCDN-NO-830
cdn-pullzone: 201235
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
age: 53146
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
cache-control: public, max-age=2592000
cdn-cachedat: 10/22/2022 20:52:41
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19144-FRA, cache-chi-kigq8000162-CHI
x-cache: MISS, HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 301
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: bef12650d7a6bba5bb2587422e180c28
cdn-cache: EXPIRED
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash05ee461624e2ec37f65e859afe6543ba b99dcb558535d3d35d140e730aeeb41587622b30 576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Righteous&display=swap | 142.250.74.10 | 200 OK | 221 kB |
URL HTTP/2fonts.googleapis.com/css?family=Righteous&display=swap IP142.250.74.10:0
Size221 kB (221356 bytes) Hashce56b5a7e1288d47b9d537efce43a73b 6b010d86d37bb7f13bd533b11d5bce4862b3ce69 424e5d60ddf8d6962b2f8116e209c88846c8dc7a6345fac214255311abfa5c8f
GET /css?family=Righteous&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 22 Oct 2022 20:52:41 GMT
date: Sat, 22 Oct 2022 20:52:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Changa:200,300,400,500,600,700,800&display=swap&subset=arabic | 142.250.74.10 | 200 OK | 8.0 kB |
URL HTTP/2fonts.googleapis.com/css?family=Changa:200,300,400,500,600,700,800&display=swap&subset=arabic IP142.250.74.10:0
Hash1766173c4f47480024790567e8748630 d3d38c5808e0113694a6b2625cc5669ba7e919c2 4ec576ac305b5acaae672f5928a943134ac79ab74baa8e773dd173f354e90d8c
GET /css?family=Changa:200,300,400,500,600,700,800&display=swap&subset=arabic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 22 Oct 2022 20:52:41 GMT
date: Sat, 22 Oct 2022 20:52:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash9f84a11cd39c014fffc187f2a8b0d8df 1875e117dec3fc707db902e87df9ec691b2cc763 bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.10.207 | 200 OK | 77 kB |
URL HTTP/2stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP104.18.10.207:0
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b994a7b39cdd76397c9735498b6c7aea
cdn-cache: HIT
cf-cache-status: HIT
age: 193092
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75e51e3e9d4ab506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash9f84a11cd39c014fffc187f2a8b0d8df 1875e117dec3fc707db902e87df9ec691b2cc763 bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash9f84a11cd39c014fffc187f2a8b0d8df 1875e117dec3fc707db902e87df9ec691b2cc763 bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash9f84a11cd39c014fffc187f2a8b0d8df 1875e117dec3fc707db902e87df9ec691b2cc763 bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/changa/v20/2-cm9JNi2YuVOUckZpy-.woff2 | 216.58.207.195 | 200 OK | 22 kB |
URL HTTP/2fonts.gstatic.com/s/changa/v20/2-cm9JNi2YuVOUckZpy-.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 22056, version 1.0\012- data Hash6837d478d967d755114a1e1cd66da217 26095c8e77890874b47ee5e897627c51776afaa7 d830e0afba0d363cc75a59792bab42fb2420073c59623135a291a25c10493bee
GET /s/changa/v20/2-cm9JNi2YuVOUckZpy-.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 05:18:36 GMT
expires: Sun, 22 Oct 2023 05:18:36 GMT
cache-control: public, max-age=31536000
age: 56045
last-modified: Fri, 24 Jun 2022 18:40:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 | 172.67.183.11 | 301 Moved Permanently | 18 kB |
URL HTTP/2cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP172.67.183.11:0
Hash2c7012fa24596ce94b2e2d93ea45b3de 83e6c5a64223f77990bc99aee8457ced96375043 4bf2b94d668765ded5c679c7dd93c89866a55609af677144be2e15b149d911a7
GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 HTTP/1.1
Host: cima-club.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: text/html
location: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8K15iWYbGsVf6%2Fn0Z%2BQbSHRSG3ldTT8JFKDILAm%2B%2BFzbM%2BsnYsUtWL4K8Sd0Od%2ByKktNwDtFC9mtwhBsC0XWafWjbGuX1HnxNAE3ZUnQQcTmEFTU%2Btvbp1iIsFDfMg04"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75e51e318f971bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 | 216.58.207.195 | 200 OK | 9.9 kB |
URL HTTP/2fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 9900, version 1.0\012- data Hash7256be46335261573e1ab1dc7f6539f0 abeac1b7890a903ac951c522bc9b3039ec6fa1f8 9986de5db80ec050300f1cea25d651a5779ae62b91a39b5667ac23d0c7668cbb
GET /s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 20:03:26 GMT
expires: Thu, 19 Oct 2023 20:03:26 GMT
cache-control: public, max-age=31536000
age: 262155
last-modified: Wed, 27 Apr 2022 16:01:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 | 216.58.207.195 | 200 OK | 11 kB |
URL HTTP/2fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 10584, version 1.0\012- data Hash316fa1995ea53f41426fa3a7f3b2df39 0bda75704bc7d985f7b934b74f433c53299e06b2 00241262004f96088a827ad4c5d423dbbc0648224e1cd990e5e5ff8e912157c9
GET /s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 00:34:42 GMT
expires: Fri, 20 Oct 2023 00:34:42 GMT
cache-control: public, max-age=31536000
age: 245879
last-modified: Wed, 27 Apr 2022 16:02:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic | 142.250.74.10 | 200 OK | 9.4 kB |
URL HTTP/2fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic IP142.250.74.10:0
Hashdf850e47ffb4602880fe451ac7af461f a38a385b3b960f10619afc2e5b7145f4085b1ba0 fe215722edfe78a5ae50adf4ccc3def53934dfd3754f0bd12fdc921bef33c4e5
GET /css?family=Tajawal:500,800&subset=arabic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 22 Oct 2022 20:52:41 GMT
date: Sat, 22 Oct 2022 20:52:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4c015e4618d61543586db8847f00d457 6329a0d632c7051b050373efcff01e75a1dd8abd b0f72ef2b0aa17c40739a836338d6222f72921e5b832ba23ea4c402d211206e3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B0F72EF2B0AA17C40739A836338D6222F72921E5B832BA23EA4C402D211206E3"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11981
Expires: Sun, 23 Oct 2022 00:12:22 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash9f84a11cd39c014fffc187f2a8b0d8df 1875e117dec3fc707db902e87df9ec691b2cc763 bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.jsdelivr.net/gh/admsev/jquery-play-sound@master/jquery.playSound.js | 151.101.85.229 | 200 OK | 437 B |
URL HTTP/2cdn.jsdelivr.net/gh/admsev/jquery-play-sound@master/jquery.playSound.js IP151.101.85.229:0
Hash4361936cf4c73b5a0c339b4be6ab6d3d 9695e1df7a7b0e8903d8f208f00d4056e10a4a4d d31acb89066775afec071ee65c05ae0649d544ba0b4c93e5300fbf9c1adbcf16
GET /gh/admsev/jquery-play-sound@master/jquery.playSound.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cima-club.pics/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"390-5cOI3qPKGW/JVvByaf2H+opdYlk"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Oct 2022 20:52:41 GMT
age: 35921
x-served-by: cache-fra19145-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 | 104.18.20.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 IP104.18.20.226:0
Hash74108e4c85b640c5473fa4934b499363 c18473188ff691b691ef8c2d9956a3d5383d1495 045d119543c06e7037bc703b1eda111cce983dbef71a289e5bb5eaca454e4c7b
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:52:41 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8F7B3AB0A99971E74CEF5D153B46236A2581A3DA"
Expires: Sun, 23 Oct 2022 08:00:00 GMT
Last-Modified: Sat, 22 Oct 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1148
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e51e3fbc5cb50c-OSL
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 22 Oct 2022 20:41:09 GMT
expires: Sat, 22 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 692
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4c015e4618d61543586db8847f00d457 6329a0d632c7051b050373efcff01e75a1dd8abd b0f72ef2b0aa17c40739a836338d6222f72921e5b832ba23ea4c402d211206e3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B0F72EF2B0AA17C40739A836338D6222F72921E5B832BA23EA4C402D211206E3"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11981
Expires: Sun, 23 Oct 2022 00:12:22 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive
|
|
| gvadz.click/css/main.css | 104.21.47.62 | 200 OK | 52 kB |
IP104.21.47.62:0
File typeASCII text, with very long lines (39081), with no line terminators Hashcb8a321e905562da0fa30d0427c3a961 abc4dc33af2ed64ca82a5e25c50ad65076802417 cc4c64f9620ce0af703cfdb7ae1a986c5938918f790c8f92c9961d8c3de613e1
GET /css/main.css HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-mshpapnfiq6t.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: text/css
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=49270
etag: W/"615bff04-c076"
expires: Thu, 27 Oct 2022 22:16:08 GMT
last-modified: Tue, 05 Oct 2021 07:30:12 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 167793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTrV3dEClqrg4YMAYt4GursNbewk%2FebB4WE%2FL0P7vvkyAZwv%2Fx023KOWLoWnhhqsLotIcrO%2BVrec2hbvFdUlmG2pCI%2BD3%2FBnRXE%2Bt9X%2FtfJj8miOscfrBI2WYa6Dwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e40e8ccb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashbed68ee568e74be152402c71cbf26510 38092ae53739e8ee13362c84df108bad734c4b64 26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8774
Expires: Sat, 22 Oct 2022 23:18:55 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash1b01a1b122bfa7d72b18c0475ba01938 70b127b11d580b3d1b08154fc6adcf5437146141 c1a3bdc0ad051f3a9286d224f270c312a5fdd831662c09736ffa20e3bc7741a7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "C1A3BDC0AD051F3A9286D224F270C312A5FDD831662C09736FFA20E3BC7741A7"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13845
Expires: Sun, 23 Oct 2022 00:43:26 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashbed68ee568e74be152402c71cbf26510 38092ae53739e8ee13362c84df108bad734c4b64 26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8774
Expires: Sat, 22 Oct 2022 23:18:55 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashbed68ee568e74be152402c71cbf26510 38092ae53739e8ee13362c84df108bad734c4b64 26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8774
Expires: Sat, 22 Oct 2022 23:18:55 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashbed68ee568e74be152402c71cbf26510 38092ae53739e8ee13362c84df108bad734c4b64 26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8774
Expires: Sat, 22 Oct 2022 23:18:55 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcdaacab30d73a7d05180cc16f4a96a3f 6cc0e39e0decbc20c765f171f63affd85fc9e6da f015c3b1d838bd7d100ee104551bed2bb06a512b20ce3e5ac419d54b747fadd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10720
x-amzn-requestid: 96267527-f482-4bfa-ba7a-12467408efe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MvGutIAMFc8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b7-25f2624559b0fb7d62ced3a3;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4--AiSTKMMOm9HnJL_ervFnd5rkQ-WZfGM-FNkxXKO892SPw67cxXA==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:11:42 GMT
age: 81659
etag: "6cc0e39e0decbc20c765f171f63affd85fc9e6da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| skyvid.cyou/js/dnsads.js | 104.21.38.147 | 200 OK | 30 B |
IP104.21.38.147:0
File typeASCII text, with no line terminators Hash1c57f7e83ceae8ee7d8707cf3eb91c2c ca5b7c4bf30cbdb6a4680ee5345d5c68e90d0675 cdf19c04fc4fd1992d9cf69ee0ef7c83d03dfa4f6998f06c8d73611f5a6d1740
GET /js/dnsads.js HTTP/1.1
Host: skyvid.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 30
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=38
etag: "613f5716-26"
expires: Fri, 28 Oct 2022 12:25:06 GMT
last-modified: Mon, 13 Sep 2021 13:50:14 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 116855
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0SdEOFcsGmlZpQyCJTaRBHtGg1QbG5DovSB13p8syjXVashuct3p8g5cxK%2FSgApL%2BrQDwyubnfgxE0BQvc2OW9VA7IYS%2F0kbjbw%2FeHLJpUc8JAyNaKfXhXUiOHhPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e41baa0fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6bd5e942443ffd011faf10dc88d92081 beff4ae9e24599addce8a961c955788045c56645 2c59d984971e73d497975032c23700b5602fccf403f4683a8047f5f42d4e261f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10973
x-amzn-requestid: 081470ca-0107-4052-be55-9c713105bb27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUr-TEKPoAMFZfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c05b-17199f8c0fc0fb7443a902f1;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:40:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C8HRcZnP8nrEFWU_vn1olwnkXdvlqUu2_w0YIED9MSXDtO3U2mKO-w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:17:59 GMT
age: 81282
etag: "beff4ae9e24599addce8a961c955788045c56645"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash26c47e4b0147f8dee3e71a53a8f2830c 381edb4758da428db5ffe884f8fb38bf11044f69 b507898359abbcb1f57821c147a58df66d7e81acc198afc997527b58cd835b39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11151
x-amzn-requestid: 5c32e307-f2a7-4050-a96f-a47667ec4752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-NEFTKoAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b9-2fc77f394ca297126abaed94;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ib4A9F4pA6k1iYdefeQokFkEkmqlEASJ2d20BQ6gqRYj3teYDu8Cyg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:14:20 GMT
age: 81501
etag: "381edb4758da428db5ffe884f8fb38bf11044f69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp | 34.120.237.76 | 200 OK | 5.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1ee464d6a426da49571c97060e65a4e8 aef2208c82085b4dc8472ee28bc63b9a8832fe0e 704e9800cb12b9b2927e85901b21fbb22303f11bf4b052340d0fc610414e2a6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5517
x-amzn-requestid: 560e0ccc-0551-461d-98fd-f94d9a026fb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pSExDIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-0420e4ac6cceec1749a44819;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hitgYm684zdpmL8IbPzFxhPWRrc2-VmnlofdTiPhJzkrc26mgXTTTA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:41 GMT
age: 82320
etag: "aef2208c82085b4dc8472ee28bc63b9a8832fe0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg | 34.120.237.76 | 200 OK | 7.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash616e14aee034bbf77c3b74b3ea53961b ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c 0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -R91mOdVOCkUp-5vOpEyQactO7SrjtbYwxTsvbR1LP6fBlFZFDTP5A==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 82329
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp | 34.120.237.76 | 200 OK | 8.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha361cef05d531426819a2bffd8ab1e47 9c8050ffd0de58005705219ec70b6e4352e35b5e 0c3c48b96adb7c1dc8a8c3771878dcbab80bbbb9f2d6998038bf5d43831b578b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8856
x-amzn-requestid: 84cc5c28-b71f-4ada-9d3b-e67e820cd080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzHcsoAMFuNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-6b44e77726dc2003052ce387;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kV1qS7kI7-DRm5Su-p133YIf_m4n6i16uBSDrGdsbMDPxD_2v1a69Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:20:05 GMT
etag: "9c8050ffd0de58005705219ec70b6e4352e35b5e"
content-type: image/jpeg
age: 81156
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash1b01a1b122bfa7d72b18c0475ba01938 70b127b11d580b3d1b08154fc6adcf5437146141 c1a3bdc0ad051f3a9286d224f270c312a5fdd831662c09736ffa20e3bc7741a7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "C1A3BDC0AD051F3A9286D224F270C312A5FDD831662C09736FFA20E3BC7741A7"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13845
Expires: Sun, 23 Oct 2022 00:43:26 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe9516e45e15df89980ba21b552979d4d 4a25059051016d4e68bf824ef43ba18afabdcd0b 237466a7c87607f231f9454a76ca5ea325513ae11f0c0953980278a0aaa2dee8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "237466A7C87607F231F9454A76CA5EA325513AE11F0C0953980278A0AAA2DEE8"
Last-Modified: Thu, 20 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7800
Expires: Sat, 22 Oct 2022 23:02:42 GMT
Date: Sat, 22 Oct 2022 20:52:42 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe9516e45e15df89980ba21b552979d4d 4a25059051016d4e68bf824ef43ba18afabdcd0b 237466a7c87607f231f9454a76ca5ea325513ae11f0c0953980278a0aaa2dee8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "237466A7C87607F231F9454A76CA5EA325513AE11F0C0953980278A0AAA2DEE8"
Last-Modified: Thu, 20 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3498
Expires: Sat, 22 Oct 2022 21:51:00 GMT
Date: Sat, 22 Oct 2022 20:52:42 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash33eb67b2b029cc925117dd941bfc3eea 3a2e4b55dc4984212f5c2a7800457d493c01a2e7 e2a74a2c7e5da3ce391f6734a863b73bec867b9eeb771f7422e1cdafbd5402bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2A74A2C7E5DA3CE391F6734A863B73BEC867B9EEB771F7422E1CDAFBD5402BF"
Last-Modified: Sat, 22 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8893
Expires: Sat, 22 Oct 2022 23:20:55 GMT
Date: Sat, 22 Oct 2022 20:52:42 GMT
Connection: keep-alive
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-J0QQKPLZPB>m=2oeaj0&_p=1630494648&cid=1146903360.1666471977&ul=en-us&sr=1280x1024&_s=1&sid=1666471976&sct=1&seg=0&dl=https%3A%2F%2Fcima-club.pics%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-captain-america-civil-war-2016-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585&dr=https%3A%2F%2Fcima-club.cam%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%81%D9%8A%D9%84%D9%85%20Captain%20America%3A%20Civil%20War%202016%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-J0QQKPLZPB>m=2oeaj0&_p=1630494648&cid=1146903360.1666471977&ul=en-us&sr=1280x1024&_s=1&sid=1666471976&sct=1&seg=0&dl=https%3A%2F%2Fcima-club.pics%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-captain-america-civil-war-2016-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585&dr=https%3A%2F%2Fcima-club.cam%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%81%D9%8A%D9%84%D9%85%20Captain%20America%3A%20Civil%20War%202016%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-J0QQKPLZPB>m=2oeaj0&_p=1630494648&cid=1146903360.1666471977&ul=en-us&sr=1280x1024&_s=1&sid=1666471976&sct=1&seg=0&dl=https%3A%2F%2Fcima-club.pics%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-captain-america-civil-war-2016-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585&dr=https%3A%2F%2Fcima-club.cam%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%81%D9%8A%D9%84%D9%85%20Captain%20America%3A%20Civil%20War%202016%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cima-club.pics
date: Sat, 22 Oct 2022 20:52:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| gvadz.click/js/xupload.js | 104.21.47.62 | 200 OK | 24 kB |
URL HTTP/2gvadz.click/js/xupload.js IP104.21.47.62:0
File typeASCII text, with very long lines (466) Hashb7f3df9472685c897d2e7bd6b9f3a405 9ec0bf1cbc4bc8e83dcd40e2b86fd07278fd7be0 5b9699a6a3c1df4d0588365c33825dc255f2b813ac9681ff398d10ccbf85142d
GET /js/xupload.js HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-mshpapnfiq6t.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=10867
etag: W/"610a7d00-2a73"
expires: Thu, 27 Oct 2022 22:16:08 GMT
last-modified: Wed, 04 Aug 2021 11:41:52 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 167793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FsS8ulTCJKL3g8umiJB18HR6M%2BlmSynKdv5N7fLfkPdePehrkHzJskrMBQfCHxwQ6700aShkkbXpQqqYssD8iyJ2kE0Wv9XqlOzt9KlLqbvYURdz6pig3OqQaNi6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e40f8d7b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash391a8be38b170910620bde67bc06f5e5 893a57a3ae609a1cf1c44da5fea7159253fe5f52 b4a8230e4ba96c54252d1c3b84eb134fcdae328d3a553e307e8f25c2fbadc37d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B4A8230E4BA96C54252D1C3B84EB134FCDAE328D3A553E307E8F25C2FBADC37D"
Last-Modified: Fri, 21 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13853
Expires: Sun, 23 Oct 2022 00:43:35 GMT
Date: Sat, 22 Oct 2022 20:52:42 GMT
Connection: keep-alive
|
|
| ocsp.sca1b.amazontrust.com/ | 18.165.196.143 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP18.165.196.143:0
Hash5eccff1b43eac3376d36c8705e6d8a25 4d475a88763bddbabd10269234fcc12d2d47f4fd ff31ad1d1bc708e41ba89cfadb8c78a6f552d9e77f075158817d7dbb9089cbe0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147225
Date: Sat, 22 Oct 2022 20:52:42 GMT
Etag: "6353e282-1d7"
Expires: Mon, 24 Oct 2022 13:46:27 GMT
Last-Modified: Sat, 22 Oct 2022 12:30:58 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: L5EJ-N-g3uvy2NbDiPE-uIUBPhFE22PexRnDMuBgfbMgdftIFJwVMw==
Age: 4530
|
|
| simplewebanalysis.com/stats | 3.72.195.195 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP3.72.195.195:0
File typeASCII text, with no line terminators Hashd8506775c0c0db324b17f540afd23644 89447d77f277416ce0ece67c2d51f64c784d2556 5ed18e41f9bcf9a142c205bb40ea1a9b2045f640338aa4f1322a5d233c1079ef
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gvadz.click
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:42 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://gvadz.click
access-control-allow-credentials: true
set-cookie: uid_id2=894fa095-36d3-46b5-893e-2998435cf067:1:1; expires=Tue, 19 Oct 2032 20:52:42 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash391a8be38b170910620bde67bc06f5e5 893a57a3ae609a1cf1c44da5fea7159253fe5f52 b4a8230e4ba96c54252d1c3b84eb134fcdae328d3a553e307e8f25c2fbadc37d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B4A8230E4BA96C54252D1C3B84EB134FCDAE328D3A553E307E8F25C2FBADC37D"
Last-Modified: Fri, 21 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13853
Expires: Sun, 23 Oct 2022 00:43:35 GMT
Date: Sat, 22 Oct 2022 20:52:42 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd7e45d75281f4b96ae91f44b294dc8a6 75102c5ae11d078ea7dbaeb75a5726d99512b06e bddbde3184598680748939c22e966251064cfcd92b9e3acf9110acb2e600473b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDBDE3184598680748939C22E966251064CFCD92B9E3ACF9110ACB2E600473B"
Last-Modified: Fri, 21 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5354
Expires: Sat, 22 Oct 2022 22:21:57 GMT
Date: Sat, 22 Oct 2022 20:52:43 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashe082919080a1a229ac3eec9b7b857933 a5847abc620bd00e87afda17746b0a590e0c9464 ca7fa279357206e9e419d5b80281cc14bc5666b20ef262560dea86d31132c729
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74510604-1&cid=780810781.1666471978&jid=586062421&gjid=523708269&_gid=1961770009.1666471978&_u=YEBAAUAAAAAAACAAIC~&z=1212605840 | 173.194.222.157 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74510604-1&cid=780810781.1666471978&jid=586062421&gjid=523708269&_gid=1961770009.1666471978&_u=YEBAAUAAAAAAACAAIC~&z=1212605840 IP173.194.222.157:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74510604-1&cid=780810781.1666471978&jid=586062421&gjid=523708269&_gid=1961770009.1666471978&_u=YEBAAUAAAAAAACAAIC~&z=1212605840 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://gvadz.click
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://gvadz.click
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Oct 2022 20:52:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| suspendedflesh.com/pixel/purst?dl=0&th=0&sc=0&rs=1363&rd=1363&fd=856&bv=22.8.v.1&tmpl=70 | 192.243.59.20 | 200 OK | 0 B |
URL HTTP/1.1suspendedflesh.com/pixel/purst?dl=0&th=0&sc=0&rs=1363&rd=1363&fd=856&bv=22.8.v.1&tmpl=70 IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1363&rd=1363&fd=856&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: suspendedflesh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 22 Oct 2022 20:52:43 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashe082919080a1a229ac3eec9b7b857933 a5847abc620bd00e87afda17746b0a590e0c9464 ca7fa279357206e9e419d5b80281cc14bc5666b20ef262560dea86d31132c729
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| patrik-fereia2182022.skyvids.cyou/i/02/00007/mshpapnfiq6t.jpg | 65.108.136.184 | 200 OK | 20 kB |
URL HTTP/1.1patrik-fereia2182022.skyvids.cyou/i/02/00007/mshpapnfiq6t.jpg IP65.108.136.184:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 604x603, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 720x302, components 3\012- data Hashaf0686109d0a98c691af484614f02a40 6b3773546e6a8f89acf3db76c0dea0d01da4bea6 5d34f9278d6450480d64b8af918e65ed64340889454d7be8f46f8f493da09b2f
GET /i/02/00007/mshpapnfiq6t.jpg HTTP/1.1
Host: patrik-fereia2182022.skyvids.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 20:52:42 GMT
Content-Type: image/jpeg
Content-Length: 20398
Last-Modified: Mon, 22 Aug 2022 11:13:41 GMT
Connection: keep-alive
ETag: "630364e5-4fae"
Expires: Sat, 05 Nov 2022 20:52:42 GMT
Cache-Control: max-age=1209600
Accept-Ranges: bytes
|
|
| gvadz.click/embed-mshpapnfiq6t.html | 104.21.47.62 | 200 OK | 0 B |
URL HTTP/2gvadz.click/embed-mshpapnfiq6t.html IP104.21.47.62:0
GET /embed-mshpapnfiq6t.html HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: text/html; charset=UTF-8
expires: Fri, 21 Oct 2022 20:52:41 GMT
set-cookie: lang=1; domain=.gvadz.click; path=/; HttpOnly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39RmTiXdhJhdnKGtXBuJIbJetdmP53eFxKeY6JVoSph4v9jixcQ%2FkvaavNXRhhUX35%2BUIeSFA7j%2FfF86pLmUnhncEk9UAQMa3Woo%2Fma3AB9XVBkfWSxVLhsT%2BQmOZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75e51e3f7e49b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| addresseepaper.com/sfp.js | 104.21.234.254 | 200 OK | 0 B |
URL HTTP/2addresseepaper.com/sfp.js IP104.21.234.254:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:42 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e7e6249a3d45c3d951a4aa4eb1f7bbfd
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 22 Oct 2022 20:52:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMMjYh6sUtfnCGRksh3fQuhjV3tp7Uu1xlKWvMmCTzNQcFXplRCY2oUJZOnEFRZr%2B7XT9%2FaAkJoSEST%2BXRnPp7kwLz96mEfY7YN3jTtsm9i18LN%2FAxBIU1N2DY%2ByC8ZkYSRcY%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e475ddd06e1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cima-club.cam/favicon.ico | 104.26.12.236 | 200 OK | 0 B |
URL HTTP/2cima-club.cam/favicon.ico IP104.26.12.236:0
GET /favicon.ico HTTP/1.1
Host: cima-club.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: image/x-icon
last-modified: Wed, 27 Dec 2017 11:59:45 GMT
etag: W/"5a438b31-7d26"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq8E%2Fz8k3f4NNVQrVB3omP3xOrfELUQNaN1RqJn5IEELO%2BL23nVzuutxBimRG0Xjpm431pfRNZVzTYomfC6P5Vf%2BNvfREaiIUyxPKf%2BDV6pJXke%2F%2Bcj1Ho6ebUsTT8Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e33cd49b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cima-club.cam/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75e51e322b3eb4f7 | 104.26.12.236 | 200 OK | 0 B |
URL HTTP/2cima-club.cam/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75e51e322b3eb4f7 IP104.26.12.236:0
GET /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75e51e322b3eb4f7 HTTP/1.1
Host: cima-club.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85?__cf_chl_rt_tk=mp7RpR5b25iWR1uSSedSpWinEZ4bkM7XL6IgpliR6EI-1666471959-0-gaNycGzNCFE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1wnWqy3IvXgMc5nP3gptNW%2F72KFls9Z3l9mCiWZbfg2jHucqWX4aRN6tSRsHUuTrGEObOJmS0fabz93bUMPEHPeHcTY%2Bt%2BmQG1daonCVWVXp6sFhG8huHdtMZfS4yY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75e51e341d93b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 | 104.21.11.154 | 200 OK | 0 B |
URL HTTP/2cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP104.21.11.154:0
GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 HTTP/1.1
Host: cima-club.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cima-club.cam/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:40 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkZzaU9nWHJuN2JTSitENENtVlYwcEE9PSIsInZhbHVlIjoiSk0za1I0NXk0d3I2Nk1XMjNsNnZsMjJReEFXZFFmTzhwNiszTmhPRDY3UTVaeDhRQUpFYmhDanVuOGRUVnB1MyIsIm1hYyI6IjQ3ZGIzMzIzNWQ5MjMwMzMzYzdiNTk2ZDlhN2IzNTg3M2JlZTVjOTdmNmUxNTYwYzM3ZjZkMzc1MmIwZmU4MGUifQ%3D%3D; expires=Sun, 23-Oct-2022 06:52:40 GMT; Max-Age=36000; path=/
cimaclub_session=eyJpdiI6IlFWZjQzd2YrdThVSmZEZVhUeVVaWFE9PSIsInZhbHVlIjoiUFFmQmJtNHYyemlZNEM0NjYzdTZzcnpxXC9LQlNvUndLdHhFOHV1SHVmSkNHOVFDYWtBeTIxOFRERWJFbUxkUVEiLCJtYWMiOiJmY2ZkYjVjNDU2MTA4NjhkZDAxMDE1NWZiNDVlZjBkMmRhNDU2MWVhMmRmMjU4NjgwZmExMWIzZGMxYTU2MjVhIn0%3D; expires=Sun, 23-Oct-2022 06:52:40 GMT; Max-Age=36000; path=/; httponly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjaTjg616wbgf0pULI0SaGXIikwX20Y4uAR7iGXO%2B6PxlaD7XbIJIx7qV0tVhCRJ3VskhqspVcYQYTg6BIuw6E8GC4DkqG8eHdN5EKdYaC9fIf6pUyMxIRDakReGgBBqWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75e51e3b4bea1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gvadz.click/js/jquery.min.js | 104.21.47.62 | 200 OK | 0 B |
URL HTTP/2gvadz.click/js/jquery.min.js IP104.21.47.62:0
GET /js/jquery.min.js HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-mshpapnfiq6t.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Mar 2021 23:27:20 GMT
etag: W/"603ec9d8-15d9d"
expires: Thu, 27 Oct 2022 22:16:08 GMT
cache-control: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 167793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfI9WwePgoKhugPcTd7YlS2%2B4MytHuJn9a74eD7giglsZI8mwkeP%2FyhSw38Z3pjXfqR7ZMBoEESclTMPjEAivgQpzyCapNGzG5WrrGd1vqHoxoA1hJ3Kh732L8DdCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e40f8d1b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|