Report - cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85

Report Overview

Submitted URL
cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
IP
172.67.183.11
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-22 20:52:50
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-09T05:14:34Z	3.9 kB	8.7 kB	23.36.76.226
cima-club.cam	unknown	2022-08-25T01:17:33Z	2023-03-10T00:25:18Z	2.2 kB	5.8 kB	104.26.12.236
cdn.rawgit.com	8186	2017-01-30T06:42:07Z	2023-03-09T10:15:39Z	396 B	1.1 kB	194.242.11.186
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-09T13:53:17Z	359 B	21 kB	142.250.74.174
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	987 B	48 kB	93.184.220.29
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	338 B	1.0 kB	18.165.196.143
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-09T11:23:24Z	371 B	404 B	3.72.195.195
suspendedflesh.com	unknown	2022-10-21T04:49:05Z	2023-01-26T13:04:29Z	428 B	467 B	192.243.59.20
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	18.244.155.28
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	54.148.190.4
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-09T05:09:04Z	356 B	1.9 kB	104.18.20.226
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	3.6 kB	9.7 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.9 kB	34.160.144.191
skyvid.cyou	unknown	2022-03-02T11:31:47Z	2023-02-27T14:38:52Z	343 B	932 B	104.21.38.147
patrik-fereia2182022.skyvids.cyou	unknown			401 B	21 kB	65.108.136.184
cima-club.one	unknown	2022-10-17T18:37:36Z	2023-02-19T19:44:06Z	1.0 kB	19 kB	172.67.183.11
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	1.2 kB	241 kB	142.250.74.10
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-09T06:49:10Z	393 B	1.2 kB	151.101.85.229
cima-club.pics	unknown	2022-10-21T19:49:04Z	2023-02-21T16:42:48Z	580 B	1.3 kB	104.21.11.154
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	372 B	45 kB	142.250.74.168
gvadz.click	unknown	2022-10-06T23:33:50Z	2023-02-25T19:35:51Z	1.6 kB	79 kB	104.21.47.62
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	61 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	3.3 kB	7.0 kB	142.250.74.35
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-09T05:09:40Z	973 B	561 B	216.239.32.36
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-09T11:05:34Z	949 B	86 kB	104.18.10.207
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	1.4 kB	45 kB	216.58.207.195
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-09T07:43:12Z	585 B	703 B	173.194.222.157
addresseepaper.com	18169	2021-11-01T22:11:31Z	2023-03-10T08:01:44Z	344 B	964 B	104.21.234.254

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-22	medium	suspendedflesh.com	Sinkholed

JavaScript (31)

	URL	Size	First Seen	Last Seen
	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	378 B	2023-03-10	2023-03-10
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 104.21.11.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 13:24:36 Times Seen1 Hash 4cb6e7074e4a15af418526a9e95710a7 93b2f5dfc1d925540a5b6e72ca7d2c89af9d8576 4b0950b9ead3c61e57587d6917015fe616d8bdcf723671ad057b18d369a37034 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	skyvid.cyou/js/dnsads.js	30 B	2023-03-07	2024-04-23
Pretty URL skyvid.cyou/js/dnsads.js IP 104.21.38.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:38 Last Seen2024-04-23 21:54:55 Times Seen208 Hash 1c57f7e83ceae8ee7d8707cf3eb91c2c ca5b7c4bf30cbdb6a4680ee5345d5c68e90d0675 cdf19c04fc4fd1992d9cf69ee0ef7c83d03dfa4f6998f06c8d73611f5a6d1740 Loading...

	gvadz.click/embed-mshpapnfiq6t.html	1.8 kB	2023-03-10	2023-03-10
Pretty URL gvadz.click/embed-mshpapnfiq6t.html IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:24:36 Last Seen2023-03-10 13:24:36 Times Seen1 Hash 93734d852bde36ec403ed6d34e836be4 125f87a71f6d95abb841ef929715b041a43c8e55 f59f2c0417703b352b791021c909d331c917b3ce4050bd5b69121004f600be51 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	923 B	2023-03-10	2023-03-10
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 104.21.11.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:39:56 Last Seen2023-03-10 13:24:36 Times Seen1 Hash 15a6e54ec89b010a7b22e236ab85b8d1 b38fe585545d92e29e97055047dd48c58f4aecdb 759fd4e409891f9455322f572d14e0bf2ec6d47e3af96867d1aac161a656b04b Loading...

	www.googletagmanager.com/gtag/js?id=G-J0QQKPLZPB&l=dataLayer&cx=c	216 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-J0QQKPLZPB&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:24:36 Last Seen2023-03-10 13:24:36 Times Seen1 Hash 5f876231a94cab91400017bb45260a51 7205d662355b60d5b8741e4f392c5c3a66bb87a2 372d699f5c46e6fbe8f8be6a6217591f7da08a220a77497e591a09a92f34cf2f Loading...

	gvadz.click/embed-mshpapnfiq6t.html	152 B	2023-03-10	2023-03-10
Pretty URL gvadz.click/embed-mshpapnfiq6t.html IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:24:36 Last Seen2023-03-10 13:24:36 Times Seen1 Hash 249b7c7435de4186fea758c59c7d5aff 992e220c18edd893eead4969c86b61d989753ce6 6fc356020d710a7f8232a1d28003a351b24fac389671692dd282891b01b6b85d Loading...

	marinegruffexpecting.com/d3/18/fa/d318fa08f9d0af3f53ed4dad0b4564e8.js	59 kB	2023-03-10	2023-03-10
Pretty URL marinegruffexpecting.com/d3/18/fa/d318fa08f9d0af3f53ed4dad0b4564e8.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:24:36 Last Seen2023-03-10 13:24:36 Times Seen1 Hash a4aa4042d2c70581a0942017abe2370a 0cfe604a3f6244e6c284918bbcd7a98d5b464b8b 0e44bed4348c84c41ac7ba488bde9eb376c0a073c39d970802553a0516cf4c9b Loading...

	cima-club.cam/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75e51e322b3eb4f7	63 kB	2023-03-10	2023-03-10
Pretty URL cima-club.cam/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75e51e322b3eb4f7 IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:24:36 Last Seen2023-03-10 13:24:36 Times Seen1 Hash 48bf301bfa9a995cae94e3e0fef4bcce f09732da762857bd4a504dc3d47528336858ef84 c8d52e45688b3ddd6754cd0e99cf116daae317cace0b42b95d76df136fc018c6 Loading...

	cima-club.pics/themes/CimaClub/js/pusher.min.js?v=1.1.7	62 kB	2023-03-07	2023-11-17
Pretty URL cima-club.pics/themes/CimaClub/js/pusher.min.js?v=1.1.7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:31 Last Seen2023-11-17 18:46:41 Times Seen79 Hash ddef184b18bce04e19c5701fb3334ebd 8dd020f03a0e9eb28d7babfb78ef6c8113ed223f ce1bd1df2dd32d3ad07cd5776fd9bd3deb3681b4cc4755be8ff32c13d5fe1569 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	157 B	2023-03-07	2023-11-17
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 104.21.11.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:31 Last Seen2023-11-17 18:46:40 Times Seen42 Hash e43fb1125f506ed60746b6c113f30278 21beef3b222ef281dafcd843f1c478bd74edba61 814167bdd05519757e8bbbca40f425b0785312206d271ae49e9f0bab8f3ed0f0 Loading...

	gvadz.click/player_clappr/clappr.min.js	525 kB	2023-03-07	2024-04-23
Pretty URL gvadz.click/player_clappr/clappr.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:45 Last Seen2024-04-23 22:26:53 Times Seen576 Hash f55c6c796275a41ce7d97bd160e648ff 936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89 db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c Loading...

	www.googletagmanager.com/gtag/js?id=UA-74510604-1	111 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-74510604-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:24:36 Last Seen2023-03-10 13:24:36 Times Seen1 Hash 2031ff34a186efcad380d14576d5f053 35e682c6690381f634f7a104afd9fb15e94b2cb4 21983431baee4119ff51411af23a328fff2071898013c7adf2d170060630af43 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	1.0 kB	2023-03-10	2023-03-10
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 104.21.11.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:24:36 Last Seen2023-03-10 13:24:36 Times Seen1 Hash 0c1bfaddd0cc0a1507e4328771f3e6e4 8f50f15615e0d1d341c83454028d671d49c66613 93636e8369e97af05537e078eede5dfafad824b839b5fc3a2a4dcaf01cf78320 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	218 B	2023-03-07	2023-11-17
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 104.21.11.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:30 Last Seen2023-11-17 18:46:40 Times Seen38 Hash e617d950d83cb7a312b714f359461914 e71866431339ad9357158ad2362ae0b22d15602c c00f4d4acc26499f5d3e4fb49593de3313439f9231856263591f3caca99fd68b Loading...

	cdn.rawgit.com/admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7	912 B	2023-03-07	2024-02-25
Pretty URL cdn.rawgit.com/admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7 IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:30 Last Seen2024-02-25 04:02:19 Times Seen16 Hash b3dd33db12b77a70fdfc3901894d65dd e5c388dea3ca196fc956f07269fd87fa8a5d6259 f1240c5e81a12bb4e90be775a237f76c9e54f0e9251cf4dede4621911bb23927 Loading...

	gvadz.click/js/jquery.min.js	90 kB	2023-03-07	2024-04-24
Pretty URL gvadz.click/js/jquery.min.js IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-24 13:09:56 Times Seen260935 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	gvadz.click/player_clappr/clappr-chromecast-plugin.min.js	25 kB	2023-03-07	2024-04-24
Pretty URL gvadz.click/player_clappr/clappr-chromecast-plugin.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2024-04-24 05:50:38 Times Seen316 Hash e5d13c4d7c790f7dfa01d86cd6c2419b 0d5e7500ba0cea98d5fc014918d7cd1a48b5a668 1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90 Loading...

	gvadz.click/player_clappr/clappr-playback-rate-plugin.min.js	32 kB	2023-03-07	2023-11-14
Pretty URL gvadz.click/player_clappr/clappr-playback-rate-plugin.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:18:53 Last Seen2023-11-14 00:47:29 Times Seen18 Hash 4c1b58eb768ca90be652a0cbc41b2264 b3b0169c7522bef0e229c96d8bc88cee8bc0758e a1cfb33d7031f6ba4f5e5c5950157fb7e1206ff372f43344c75d0ed48881c2f9 Loading...

	gvadz.click/embed-mshpapnfiq6t.html	22 B	2023-03-07	2024-04-23
Pretty URL gvadz.click/embed-mshpapnfiq6t.html IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:07 Last Seen2024-04-23 21:54:52 Times Seen238 Hash 6052027f8899a6bfe3148fb3b49c2e5d 0c623518c7ab0d4725e6808c76798123779d6372 442c8e7468ce2fb1deae90be815308271b69df058481e94135a669b7a6134500 Loading...

	gvadz.click/embed-mshpapnfiq6t.html	208 B	2023-03-07	2023-11-17
Pretty URL gvadz.click/embed-mshpapnfiq6t.html IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:31 Last Seen2023-11-17 18:46:40 Times Seen18 Hash ac9d259dc68e257c8be17996970eed33 295747e4c9fa36b3890333337d51e01fcf1fd029 59340cb76a70a270032d034733beeef0e5e6cb0f36c1e574d306e5d5ef200790 Loading...

	cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	3.3 kB	2023-03-10	2023-03-10
Pretty URL cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:24:36 Last Seen2023-03-10 13:24:36 Times Seen1 Hash bcd9a39a7f8edf0805c0faca583f19e6 5056d862f3f5c248ea713b59a8245e24be93d1c9 c571a367c5343c77bce1e67ffc030094bc97f445edc09420bf40a011f9a42ba4 Loading...

	www.googletagmanager.com/gtag/js?id=UA-174083888-1	114 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-174083888-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:24:36 Last Seen2023-03-10 13:24:36 Times Seen1 Hash af7210c81b1d41f410e2cdfe2f1f61ba 9e258fb8776cb422a4b4b331464b6f0d5b3cebd4 6690d5b9695c7b6158ee5cac6a6ba09f2fbfc42e9117ac1fa7e9f7d490efba67 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	155 B	2023-03-07	2023-11-17
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 104.21.11.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:30 Last Seen2023-11-17 18:46:40 Times Seen38 Hash 6897055a2e11901f9cecdb136f9a08c6 52e4b9691e2fb8a85c29c6a5c50dd77016f3f64c d732616e065bd7c2fe648b5e1ff8dc61e544f203a88b10d2d39121717fa44844 Loading...

	cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85	21 B	2023-03-07	2024-04-02
Pretty URL cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 IP 104.21.11.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:30 Last Seen2024-04-02 09:37:41 Times Seen71 Hash caa8c05baf500ec297cb1352469cd469 66e9ea1d9cf60ef075d3d2205519b8260873a0bd b2da0e6cfe1d9aaa7375529d7ab56a39eecfc39b2a13bc90048590e17e3e4600 Loading...

	gvadz.click/js/jquery.cookie.js	990 B	2023-03-07	2024-04-23
Pretty URL gvadz.click/js/jquery.cookie.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:38 Last Seen2024-04-23 21:54:51 Times Seen154 Hash 532e8df5fdcf8bb2ac1a2cf408a9599d 0b8de3b1b4e1167693c51f461c8dc3c733602d52 39c8dcfca47db5df9169e58c7411bc8ffcc668d19686824c378a9b14351f04c8 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 13:35:12 Times Seen37039222 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cima-club.pics/themes/CimaClub/js/jquery-3.3.1.min.js?v=1.1.7	87 kB	2023-03-07	2024-04-24
Pretty URL cima-club.pics/themes/CimaClub/js/jquery-3.3.1.min.js?v=1.1.7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-24 02:57:40 Times Seen12143 Hash af4078402c5e090d3f81d1abd71e2250 9592732de681f4365e9b7016dc5cf76e2a55ee9b 8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6 Loading...

	gvadz.click/js/xupload.js	8.2 kB	2023-03-07	2024-04-07
Pretty URL gvadz.click/js/xupload.js IP 104.21.47.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:37 Last Seen2024-04-07 00:26:43 Times Seen28 Hash 9671a9989a3249273207e940194f2601 f78b042cfe4274cd112758224de6b52969dbae10 7172ac4bf4f6c126432d15b5662147e34a19a2c973b242b65c91b4265d9076a2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 70efa725f660990cc6701727e98c360b	769 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:07:04 Last Seen2023-07-11 03:19:46 Times Seen6035 Hash 70efa725f660990cc6701727e98c360b 04f4df4180629c6a1a8648630310794bfdb39eb8 cb2789441eb37a5d5520d68b778e5e1a0743c6d105076aa2e3be07147e0dc752 Loading...

	#2 Eval - a17498fd67d98e2b9a85547acda4ee20	481 B	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 13:24:36 Last Seen2023-03-10 13:24:36 Times Seen1 Hash a17498fd67d98e2b9a85547acda4ee20 92f19e22080bc099a3e19a36b5b5a3fb0c7458d3 883935965dcb261360042975c1fb7427d4d2168362d8ab1a4c4962a12f787b35 Loading...

HTTP Transactions (79)

URL IP Response Size

cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85

172.67.183.11

301 Moved Permanently

0 B

URL HTTP/1.1
cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
IP
172.67.183.11:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 HTTP/1.1
Host: cima-club.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 22 Oct 2022 20:52:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 22 Oct 2022 21:52:38 GMT
Location: https://cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xniwCbjx3gdtFYa259XeS5GXEIbaQmYZt26vOSGEztWLOejsrQHcY5Mu1MGywwNGmTO8bAl7bAjjoJChXNurBrTS%2BzRU06obXPqNvHkCvueKCxFqKmzBMQ2ybpIDwQLg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e51e2f7ddafabc-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5426
Expires: Sat, 22 Oct 2022 22:23:05 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7215
Expires: Sat, 22 Oct 2022 22:52:54 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

18.244.155.28

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.244.155.28:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 20:26:27 GMT
Expires: Sat, 22 Oct 2022 20:37:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 69bb5fd1ce23244553740f7d64d6366a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: C6O4vxRgTx2wu84Lo0UeXnpQg7h7ERzxt-l8Mv707rzlIOU-kyhUFw==
Age: 1572

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: xPB2ma30zAR33EdXg2sojNlvCY499GLzelp1+fVEFSFBzW2MCaK50CwGMvZETudBGsAo3v3IhCEo0Eq9R2dy+A==
x-amz-request-id: YR81DPGG23EJWPRG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 20:37:42 GMT
age: 897
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
ab96cf79b8260e25501804eec2cfa85a
1b0e1bdfc231a77a717739412bad01824ff9ebe6
4575496b5e05d94830bb5028d31b26643e663a2d56648c0854f0e6da1f98efd5

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4575496B5E05D94830BB5028D31B26643E663A2D56648C0854F0E6DA1F98EFD5"
Last-Modified: Sat, 22 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11261
Expires: Sun, 23 Oct 2022 00:00:20 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
ab96cf79b8260e25501804eec2cfa85a
1b0e1bdfc231a77a717739412bad01824ff9ebe6
4575496b5e05d94830bb5028d31b26643e663a2d56648c0854f0e6da1f98efd5

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4575496B5E05D94830BB5028D31B26643E663A2D56648C0854F0E6DA1F98EFD5"
Last-Modified: Sat, 22 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11261
Expires: Sun, 23 Oct 2022 00:00:20 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
ded4138af15b34b26b4ea7a18870194f
972bce13dd1a07f2fbc014bfa94b44c526028488
9cfb4cd9ef129769e35bb2e91d7ac097eaad632cc873dae5b77ddac31b2ec614

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9CFB4CD9EF129769E35BB2E91D7AC097EAAD632CC873DAE5B77DDAC31B2EC614"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8954
Expires: Sat, 22 Oct 2022 23:21:53 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
ded4138af15b34b26b4ea7a18870194f
972bce13dd1a07f2fbc014bfa94b44c526028488
9cfb4cd9ef129769e35bb2e91d7ac097eaad632cc873dae5b77ddac31b2ec614

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9CFB4CD9EF129769E35BB2E91D7AC097EAAD632CC873DAE5B77DDAC31B2EC614"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8954
Expires: Sat, 22 Oct 2022 23:21:53 GMT
Date: Sat, 22 Oct 2022 20:52:39 GMT
Connection: keep-alive

cima-club.cam/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=75e51e322b3eb4f7

104.26.12.236

200 OK

42 B

URL HTTP/2
cima-club.cam/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=75e51e322b3eb4f7
IP
104.26.12.236:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=75e51e322b3eb4f7 HTTP/1.1
Host: cima-club.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 18 Oct 2022 15:26:27 GMT
etag: "634ec5a3-2a"
server: cloudflare
cf-ray: 75e51e341d90b4f7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 22 Oct 2022 22:52:39 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.244.155.28

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.244.155.28:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Pragma, Content-Length, Content-Type, ETag, Retry-After, Cache-Control, Last-Modified, Backoff, Expires
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 22 Oct 2022 20:03:53 GMT
Cache-Control: max-age=3600
Expires: Sat, 22 Oct 2022 20:26:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dc5ba6653148afa9504262089bb395dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: fXaxz_9Crv6PE0Rf_lr51Jo-O0srDEDKJF1VI44ucEfFcsVz68zyJA==
Age: 2930

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3023
Cache-Control: max-age=129867
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:40 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 08:57:07 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.190.4

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.190.4:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vMGWtH88hPqd/iLaWw6qwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mTa01dSnb89yARwhQLWNt/4FCzE=

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e5037c7287e8f6c6569102e2dfd166c8
e3ef55836da1024eb394ed1812df7b508e3f0397
7f8ee13cefb30e18beadc7ba986c17413a48dac4aabfdbaf5d5fdb2935fa1bbf

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7F8EE13CEFB30E18BEADC7BA986C17413A48DAC4AABFDBAF5D5FDB2935FA1BBF"
Last-Modified: Thu, 20 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2642
Expires: Sat, 22 Oct 2022 21:36:42 GMT
Date: Sat, 22 Oct 2022 20:52:40 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e5037c7287e8f6c6569102e2dfd166c8
e3ef55836da1024eb394ed1812df7b508e3f0397
7f8ee13cefb30e18beadc7ba986c17413a48dac4aabfdbaf5d5fdb2935fa1bbf

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7F8EE13CEFB30E18BEADC7BA986C17413A48DAC4AABFDBAF5D5FDB2935FA1BBF"
Last-Modified: Thu, 20 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2642
Expires: Sat, 22 Oct 2022 21:36:42 GMT
Date: Sat, 22 Oct 2022 20:52:40 GMT
Connection: keep-alive

cima-club.cam/cdn-cgi/styles/challenges.css

104.26.12.236

200 OK

3.7 kB

URL HTTP/2
cima-club.cam/cdn-cgi/styles/challenges.css
IP
104.26.12.236:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.7 kB (3659 bytes)
Hash
a3e8aaea5ce99ae703c991a1ce2744ad
7be01149ba10485eea692cd3ebeb75f41dc9b9d6
137d9c6b0da95d370aef5361e8da568909bd2b617b64cde2f044a21044e968b7

HTTP Headers

GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: cima-club.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 15:26:27 GMT
etag: W/"634ec5a3-1896"
server: cloudflare
cf-ray: 75e51e33cd47b4f7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 22 Oct 2022 22:52:39 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

47 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
47 kB (46720 bytes)
Hash
2143ac7bcf15479c96249f4fc752892f
c0010f7c50f41c9269658881d75ca0dadf9e4f07
69bf66e37788e50ab52a33cef8737fad490216b42bf10ee0c8fd98f7cd654fb8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4859
Cache-Control: max-age=124177
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Etag: "6353872f-116"
Expires: Mon, 24 Oct 2022 07:22:18 GMT
Last-Modified: Sat, 22 Oct 2022 06:01:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278

r3.o.lencr.org/

23.36.76.226

200 OK

472 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
472 B (472 bytes)
Hash
05ee461624e2ec37f65e859afe6543ba
b99dcb558535d3d35d140e730aeeb41587622b30
576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64F04C3CD458416DCAE7B6CED5F47EF5852D4F1FCE89D8A5C237EAFF263C9DAB"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7336
Expires: Sat, 22 Oct 2022 22:54:57 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
59aa1abd670a767d7a5e44fcc16d1b8c
cc0462d6b28b5526c94f87b70da19e6b7ead6206
08de6f45fabe97e2667da1e26532d2764a07b840178ac14be26cc981f0aa53db

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4859
Cache-Control: max-age=124177
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Etag: "6353872f-116"
Expires: Mon, 24 Oct 2022 07:22:18 GMT
Last-Modified: Sat, 22 Oct 2022 06:01:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

7.4 kB

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
7.4 kB (7449 bytes)
Hash
b17838cab5834aebca6018e15e284734
8e19358cca7f05c813071a8897e26806ee629c2b
a60362d9a2eb5d4564727aa44b3c8245b062c44bb13d6a839b6da6ac5d14a890

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/20/2022 02:30:56
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4f7ed69392ae801e60d1feb061dea261
cdn-cache: HIT
cf-cache-status: HIT
age: 193335
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75e51e3d0adcb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-174083888-1

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-174083888-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1588)
Size
45 kB (44626 bytes)
Hash
4ddcccd7748c1d3ff6a6231983660269
b9ac1ee7178dbc642e33d55742d06a0d7f1bdf2a
0ae1956c2506dca050a85f234716f6fae0d6950152e47b3eb686da72a7c39229

HTTP Headers

GET /gtag/js?id=UA-174083888-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 22 Oct 2022 20:52:41 GMT
expires: Sat, 22 Oct 2022 20:52:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44626
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.rawgit.com/admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7

194.242.11.186

301 Moved Permanently

113 B

URL HTTP/2
cdn.rawgit.com/admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7
IP
194.242.11.186:0
ASN
#34989 ServeTheWorld AS

File type
ASCII text, with no line terminators
Size
113 B (113 bytes)
Hash
e33d1c21496843349c928437d8678e87
329312ddae6e7a41dfdbac4c2bec5b12e064ca60
69534e7cdbdcafaabb5d69439c71adaf2d98061eed7d21db1345d58235b855ab

HTTP Headers

GET /admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7 HTTP/1.1
Host: cdn.rawgit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: text/plain; charset=utf-8
content-length: 113
location: https://cdn.jsdelivr.net/gh/admsev/jquery-play-sound@master/jquery.playSound.js
server: BunnyCDN-NO-830
cdn-pullzone: 201235
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
age: 53146
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
cache-control: public, max-age=2592000
cdn-cachedat: 10/22/2022 20:52:41
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19144-FRA, cache-chi-kigq8000162-CHI
x-cache: MISS, HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 301
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: bef12650d7a6bba5bb2587422e180c28
cdn-cache: EXPIRED
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05ee461624e2ec37f65e859afe6543ba
b99dcb558535d3d35d140e730aeeb41587622b30
576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Righteous&display=swap

142.250.74.10

200 OK

221 kB

URL HTTP/2
fonts.googleapis.com/css?family=Righteous&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
221 kB (221356 bytes)
Hash
ce56b5a7e1288d47b9d537efce43a73b
6b010d86d37bb7f13bd533b11d5bce4862b3ce69
424e5d60ddf8d6962b2f8116e209c88846c8dc7a6345fac214255311abfa5c8f

HTTP Headers

GET /css?family=Righteous&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 22 Oct 2022 20:52:41 GMT
date: Sat, 22 Oct 2022 20:52:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Changa:200,300,400,500,600,700,800&display=swap&subset=arabic

142.250.74.10

200 OK

8.0 kB

URL HTTP/2
fonts.googleapis.com/css?family=Changa:200,300,400,500,600,700,800&display=swap&subset=arabic
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
8.0 kB (7995 bytes)
Hash
1766173c4f47480024790567e8748630
d3d38c5808e0113694a6b2625cc5669ba7e919c2
4ec576ac305b5acaae672f5928a943134ac79ab74baa8e773dd173f354e90d8c

HTTP Headers

GET /css?family=Changa:200,300,400,500,600,700,800&display=swap&subset=arabic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 22 Oct 2022 20:52:41 GMT
date: Sat, 22 Oct 2022 20:52:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.10.207

200 OK

77 kB

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b994a7b39cdd76397c9735498b6c7aea
cdn-cache: HIT
cf-cache-status: HIT
age: 193092
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75e51e3e9d4ab506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/changa/v20/2-cm9JNi2YuVOUckZpy-.woff2

216.58.207.195

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/changa/v20/2-cm9JNi2YuVOUckZpy-.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22056, version 1.0\012- data
Size
22 kB (22056 bytes)
Hash
6837d478d967d755114a1e1cd66da217
26095c8e77890874b47ee5e897627c51776afaa7
d830e0afba0d363cc75a59792bab42fb2420073c59623135a291a25c10493bee

HTTP Headers

GET /s/changa/v20/2-cm9JNi2YuVOUckZpy-.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 05:18:36 GMT
expires: Sun, 22 Oct 2023 05:18:36 GMT
cache-control: public, max-age=31536000
age: 56045
last-modified: Fri, 24 Jun 2022 18:40:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85

172.67.183.11

301 Moved Permanently

18 kB

URL HTTP/2
cima-club.one/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
IP
172.67.183.11:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
18 kB (17799 bytes)
Hash
2c7012fa24596ce94b2e2d93ea45b3de
83e6c5a64223f77990bc99aee8457ced96375043
4bf2b94d668765ded5c679c7dd93c89866a55609af677144be2e15b149d911a7

HTTP Headers

GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 HTTP/1.1
Host: cima-club.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: text/html
location: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8K15iWYbGsVf6%2Fn0Z%2BQbSHRSG3ldTT8JFKDILAm%2B%2BFzbM%2BsnYsUtWL4K8Sd0Od%2ByKktNwDtFC9mtwhBsC0XWafWjbGuX1HnxNAE3ZUnQQcTmEFTU%2Btvbp1iIsFDfMg04"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75e51e318f971bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

216.58.207.195

200 OK

9.9 kB

URL HTTP/2
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9900, version 1.0\012- data
Size
9.9 kB (9900 bytes)
Hash
7256be46335261573e1ab1dc7f6539f0
abeac1b7890a903ac951c522bc9b3039ec6fa1f8
9986de5db80ec050300f1cea25d651a5779ae62b91a39b5667ac23d0c7668cbb

HTTP Headers

GET /s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 20:03:26 GMT
expires: Thu, 19 Oct 2023 20:03:26 GMT
cache-control: public, max-age=31536000
age: 262155
last-modified: Wed, 27 Apr 2022 16:01:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2

216.58.207.195

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 10584, version 1.0\012- data
Size
11 kB (10584 bytes)
Hash
316fa1995ea53f41426fa3a7f3b2df39
0bda75704bc7d985f7b934b74f433c53299e06b2
00241262004f96088a827ad4c5d423dbbc0648224e1cd990e5e5ff8e912157c9

HTTP Headers

GET /s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 00:34:42 GMT
expires: Fri, 20 Oct 2023 00:34:42 GMT
cache-control: public, max-age=31536000
age: 245879
last-modified: Wed, 27 Apr 2022 16:02:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

142.250.74.10

200 OK

9.4 kB

URL HTTP/2
fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
9.4 kB (9380 bytes)
Hash
df850e47ffb4602880fe451ac7af461f
a38a385b3b960f10619afc2e5b7145f4085b1ba0
fe215722edfe78a5ae50adf4ccc3def53934dfd3754f0bd12fdc921bef33c4e5

HTTP Headers

GET /css?family=Tajawal:500,800&subset=arabic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 22 Oct 2022 20:52:41 GMT
date: Sat, 22 Oct 2022 20:52:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
4c015e4618d61543586db8847f00d457
6329a0d632c7051b050373efcff01e75a1dd8abd
b0f72ef2b0aa17c40739a836338d6222f72921e5b832ba23ea4c402d211206e3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B0F72EF2B0AA17C40739A836338D6222F72921E5B832BA23EA4C402D211206E3"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11981
Expires: Sun, 23 Oct 2022 00:12:22 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/gh/admsev/jquery-play-sound@master/jquery.playSound.js

151.101.85.229

200 OK

437 B

URL HTTP/2
cdn.jsdelivr.net/gh/admsev/jquery-play-sound@master/jquery.playSound.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text
Size
437 B (437 bytes)
Hash
4361936cf4c73b5a0c339b4be6ab6d3d
9695e1df7a7b0e8903d8f208f00d4056e10a4a4d
d31acb89066775afec071ee65c05ae0649d544ba0b4c93e5300fbf9c1adbcf16

HTTP Headers

GET /gh/admsev/jquery-play-sound@master/jquery.playSound.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cima-club.pics/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"390-5cOI3qPKGW/JVvByaf2H+opdYlk"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Oct 2022 20:52:41 GMT
age: 35921
x-served-by: cache-fra19145-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
74108e4c85b640c5473fa4934b499363
c18473188ff691b691ef8c2d9956a3d5383d1495
045d119543c06e7037bc703b1eda111cce983dbef71a289e5bb5eaca454e4c7b

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:52:41 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8F7B3AB0A99971E74CEF5D153B46236A2581A3DA"
Expires: Sun, 23 Oct 2022 08:00:00 GMT
Last-Modified: Sat, 22 Oct 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1148
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e51e3fbc5cb50c-OSL

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 22 Oct 2022 20:41:09 GMT
expires: Sat, 22 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 692
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
4c015e4618d61543586db8847f00d457
6329a0d632c7051b050373efcff01e75a1dd8abd
b0f72ef2b0aa17c40739a836338d6222f72921e5b832ba23ea4c402d211206e3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B0F72EF2B0AA17C40739A836338D6222F72921E5B832BA23EA4C402D211206E3"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11981
Expires: Sun, 23 Oct 2022 00:12:22 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive

gvadz.click/css/main.css

104.21.47.62

200 OK

52 kB

URL HTTP/2
gvadz.click/css/main.css
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (39081), with no line terminators
Size
52 kB (52134 bytes)
Hash
cb8a321e905562da0fa30d0427c3a961
abc4dc33af2ed64ca82a5e25c50ad65076802417
cc4c64f9620ce0af703cfdb7ae1a986c5938918f790c8f92c9961d8c3de613e1

HTTP Headers

GET /css/main.css HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-mshpapnfiq6t.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: text/css
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=49270
etag: W/"615bff04-c076"
expires: Thu, 27 Oct 2022 22:16:08 GMT
last-modified: Tue, 05 Oct 2021 07:30:12 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 167793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTrV3dEClqrg4YMAYt4GursNbewk%2FebB4WE%2FL0P7vvkyAZwv%2Fx023KOWLoWnhhqsLotIcrO%2BVrec2hbvFdUlmG2pCI%2BD3%2FBnRXE%2Bt9X%2FtfJj8miOscfrBI2WYa6Dwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e40e8ccb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8774
Expires: Sat, 22 Oct 2022 23:18:55 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
1b01a1b122bfa7d72b18c0475ba01938
70b127b11d580b3d1b08154fc6adcf5437146141
c1a3bdc0ad051f3a9286d224f270c312a5fdd831662c09736ffa20e3bc7741a7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "C1A3BDC0AD051F3A9286D224F270C312A5FDD831662C09736FFA20E3BC7741A7"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13845
Expires: Sun, 23 Oct 2022 00:43:26 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8774
Expires: Sat, 22 Oct 2022 23:18:55 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8774
Expires: Sat, 22 Oct 2022 23:18:55 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8774
Expires: Sat, 22 Oct 2022 23:18:55 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10720 bytes)
Hash
cdaacab30d73a7d05180cc16f4a96a3f
6cc0e39e0decbc20c765f171f63affd85fc9e6da
f015c3b1d838bd7d100ee104551bed2bb06a512b20ce3e5ac419d54b747fadd0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10720
x-amzn-requestid: 96267527-f482-4bfa-ba7a-12467408efe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MvGutIAMFc8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b7-25f2624559b0fb7d62ced3a3;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4--AiSTKMMOm9HnJL_ervFnd5rkQ-WZfGM-FNkxXKO892SPw67cxXA==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:11:42 GMT
age: 81659
etag: "6cc0e39e0decbc20c765f171f63affd85fc9e6da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

skyvid.cyou/js/dnsads.js

104.21.38.147

200 OK

30 B

URL HTTP/2
skyvid.cyou/js/dnsads.js
IP
104.21.38.147:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
1c57f7e83ceae8ee7d8707cf3eb91c2c
ca5b7c4bf30cbdb6a4680ee5345d5c68e90d0675
cdf19c04fc4fd1992d9cf69ee0ef7c83d03dfa4f6998f06c8d73611f5a6d1740

HTTP Headers

GET /js/dnsads.js HTTP/1.1
Host: skyvid.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 30
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=38
etag: "613f5716-26"
expires: Fri, 28 Oct 2022 12:25:06 GMT
last-modified: Mon, 13 Sep 2021 13:50:14 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 116855
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0SdEOFcsGmlZpQyCJTaRBHtGg1QbG5DovSB13p8syjXVashuct3p8g5cxK%2FSgApL%2BrQDwyubnfgxE0BQvc2OW9VA7IYS%2F0kbjbw%2FeHLJpUc8JAyNaKfXhXUiOHhPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e41baa0fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10973 bytes)
Hash
6bd5e942443ffd011faf10dc88d92081
beff4ae9e24599addce8a961c955788045c56645
2c59d984971e73d497975032c23700b5602fccf403f4683a8047f5f42d4e261f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10973
x-amzn-requestid: 081470ca-0107-4052-be55-9c713105bb27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUr-TEKPoAMFZfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c05b-17199f8c0fc0fb7443a902f1;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:40:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C8HRcZnP8nrEFWU_vn1olwnkXdvlqUu2_w0YIED9MSXDtO3U2mKO-w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:17:59 GMT
age: 81282
etag: "beff4ae9e24599addce8a961c955788045c56645"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11151 bytes)
Hash
26c47e4b0147f8dee3e71a53a8f2830c
381edb4758da428db5ffe884f8fb38bf11044f69
b507898359abbcb1f57821c147a58df66d7e81acc198afc997527b58cd835b39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11151
x-amzn-requestid: 5c32e307-f2a7-4050-a96f-a47667ec4752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-NEFTKoAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b9-2fc77f394ca297126abaed94;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ib4A9F4pA6k1iYdefeQokFkEkmqlEASJ2d20BQ6gqRYj3teYDu8Cyg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:14:20 GMT
age: 81501
etag: "381edb4758da428db5ffe884f8fb38bf11044f69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5517 bytes)
Hash
1ee464d6a426da49571c97060e65a4e8
aef2208c82085b4dc8472ee28bc63b9a8832fe0e
704e9800cb12b9b2927e85901b21fbb22303f11bf4b052340d0fc610414e2a6d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5517
x-amzn-requestid: 560e0ccc-0551-461d-98fd-f94d9a026fb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pSExDIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-0420e4ac6cceec1749a44819;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hitgYm684zdpmL8IbPzFxhPWRrc2-VmnlofdTiPhJzkrc26mgXTTTA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:41 GMT
age: 82320
etag: "aef2208c82085b4dc8472ee28bc63b9a8832fe0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7372 bytes)
Hash
616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -R91mOdVOCkUp-5vOpEyQactO7SrjtbYwxTsvbR1LP6fBlFZFDTP5A==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 82329
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8856 bytes)
Hash
a361cef05d531426819a2bffd8ab1e47
9c8050ffd0de58005705219ec70b6e4352e35b5e
0c3c48b96adb7c1dc8a8c3771878dcbab80bbbb9f2d6998038bf5d43831b578b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8856
x-amzn-requestid: 84cc5c28-b71f-4ada-9d3b-e67e820cd080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzHcsoAMFuNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-6b44e77726dc2003052ce387;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kV1qS7kI7-DRm5Su-p133YIf_m4n6i16uBSDrGdsbMDPxD_2v1a69Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:20:05 GMT
etag: "9c8050ffd0de58005705219ec70b6e4352e35b5e"
content-type: image/jpeg
age: 81156
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
1b01a1b122bfa7d72b18c0475ba01938
70b127b11d580b3d1b08154fc6adcf5437146141
c1a3bdc0ad051f3a9286d224f270c312a5fdd831662c09736ffa20e3bc7741a7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "C1A3BDC0AD051F3A9286D224F270C312A5FDD831662C09736FFA20E3BC7741A7"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13845
Expires: Sun, 23 Oct 2022 00:43:26 GMT
Date: Sat, 22 Oct 2022 20:52:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e9516e45e15df89980ba21b552979d4d
4a25059051016d4e68bf824ef43ba18afabdcd0b
237466a7c87607f231f9454a76ca5ea325513ae11f0c0953980278a0aaa2dee8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "237466A7C87607F231F9454A76CA5EA325513AE11F0C0953980278A0AAA2DEE8"
Last-Modified: Thu, 20 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7800
Expires: Sat, 22 Oct 2022 23:02:42 GMT
Date: Sat, 22 Oct 2022 20:52:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e9516e45e15df89980ba21b552979d4d
4a25059051016d4e68bf824ef43ba18afabdcd0b
237466a7c87607f231f9454a76ca5ea325513ae11f0c0953980278a0aaa2dee8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "237466A7C87607F231F9454A76CA5EA325513AE11F0C0953980278A0AAA2DEE8"
Last-Modified: Thu, 20 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3498
Expires: Sat, 22 Oct 2022 21:51:00 GMT
Date: Sat, 22 Oct 2022 20:52:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
33eb67b2b029cc925117dd941bfc3eea
3a2e4b55dc4984212f5c2a7800457d493c01a2e7
e2a74a2c7e5da3ce391f6734a863b73bec867b9eeb771f7422e1cdafbd5402bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2A74A2C7E5DA3CE391F6734A863B73BEC867B9EEB771F7422E1CDAFBD5402BF"
Last-Modified: Sat, 22 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8893
Expires: Sat, 22 Oct 2022 23:20:55 GMT
Date: Sat, 22 Oct 2022 20:52:42 GMT
Connection: keep-alive

region1.google-analytics.com/g/collect?v=2&tid=G-J0QQKPLZPB&gtm=2oeaj0&_p=1630494648&cid=1146903360.1666471977&ul=en-us&sr=1280x1024&_s=1&sid=1666471976&sct=1&seg=0&dl=https%3A%2F%2Fcima-club.pics%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-captain-america-civil-war-2016-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585&dr=https%3A%2F%2Fcima-club.cam%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%81%D9%8A%D9%84%D9%85%20Captain%20America%3A%20Civil%20War%202016%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-J0QQKPLZPB&gtm=2oeaj0&_p=1630494648&cid=1146903360.1666471977&ul=en-us&sr=1280x1024&_s=1&sid=1666471976&sct=1&seg=0&dl=https%3A%2F%2Fcima-club.pics%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-captain-america-civil-war-2016-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585&dr=https%3A%2F%2Fcima-club.cam%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%81%D9%8A%D9%84%D9%85%20Captain%20America%3A%20Civil%20War%202016%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-J0QQKPLZPB&gtm=2oeaj0&_p=1630494648&cid=1146903360.1666471977&ul=en-us&sr=1280x1024&_s=1&sid=1666471976&sct=1&seg=0&dl=https%3A%2F%2Fcima-club.pics%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-captain-america-civil-war-2016-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585&dr=https%3A%2F%2Fcima-club.cam%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%81%D9%8A%D9%84%D9%85%20Captain%20America%3A%20Civil%20War%202016%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cima-club.pics
Connection: keep-alive
Referer: https://cima-club.pics/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://cima-club.pics
date: Sat, 22 Oct 2022 20:52:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gvadz.click/js/xupload.js

104.21.47.62

200 OK

24 kB

URL HTTP/2
gvadz.click/js/xupload.js
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (466)
Size
24 kB (23623 bytes)
Hash
b7f3df9472685c897d2e7bd6b9f3a405
9ec0bf1cbc4bc8e83dcd40e2b86fd07278fd7be0
5b9699a6a3c1df4d0588365c33825dc255f2b813ac9681ff398d10ccbf85142d

HTTP Headers

GET /js/xupload.js HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-mshpapnfiq6t.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=10867
etag: W/"610a7d00-2a73"
expires: Thu, 27 Oct 2022 22:16:08 GMT
last-modified: Wed, 04 Aug 2021 11:41:52 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 167793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FsS8ulTCJKL3g8umiJB18HR6M%2BlmSynKdv5N7fLfkPdePehrkHzJskrMBQfCHxwQ6700aShkkbXpQqqYssD8iyJ2kE0Wv9XqlOzt9KlLqbvYURdz6pig3OqQaNi6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e40f8d7b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
391a8be38b170910620bde67bc06f5e5
893a57a3ae609a1cf1c44da5fea7159253fe5f52
b4a8230e4ba96c54252d1c3b84eb134fcdae328d3a553e307e8f25c2fbadc37d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B4A8230E4BA96C54252D1C3B84EB134FCDAE328D3A553E307E8F25C2FBADC37D"
Last-Modified: Fri, 21 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13853
Expires: Sun, 23 Oct 2022 00:43:35 GMT
Date: Sat, 22 Oct 2022 20:52:42 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

18.165.196.143

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
18.165.196.143:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
5eccff1b43eac3376d36c8705e6d8a25
4d475a88763bddbabd10269234fcc12d2d47f4fd
ff31ad1d1bc708e41ba89cfadb8c78a6f552d9e77f075158817d7dbb9089cbe0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147225
Date: Sat, 22 Oct 2022 20:52:42 GMT
Etag: "6353e282-1d7"
Expires: Mon, 24 Oct 2022 13:46:27 GMT
Last-Modified: Sat, 22 Oct 2022 12:30:58 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: L5EJ-N-g3uvy2NbDiPE-uIUBPhFE22PexRnDMuBgfbMgdftIFJwVMw==
Age: 4530

simplewebanalysis.com/stats

3.72.195.195

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.72.195.195:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
d8506775c0c0db324b17f540afd23644
89447d77f277416ce0ece67c2d51f64c784d2556
5ed18e41f9bcf9a142c205bb40ea1a9b2045f640338aa4f1322a5d233c1079ef

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gvadz.click
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:42 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://gvadz.click
access-control-allow-credentials: true
set-cookie: uid_id2=894fa095-36d3-46b5-893e-2998435cf067:1:1; expires=Tue, 19 Oct 2032 20:52:42 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
391a8be38b170910620bde67bc06f5e5
893a57a3ae609a1cf1c44da5fea7159253fe5f52
b4a8230e4ba96c54252d1c3b84eb134fcdae328d3a553e307e8f25c2fbadc37d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B4A8230E4BA96C54252D1C3B84EB134FCDAE328D3A553E307E8F25C2FBADC37D"
Last-Modified: Fri, 21 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13853
Expires: Sun, 23 Oct 2022 00:43:35 GMT
Date: Sat, 22 Oct 2022 20:52:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d7e45d75281f4b96ae91f44b294dc8a6
75102c5ae11d078ea7dbaeb75a5726d99512b06e
bddbde3184598680748939c22e966251064cfcd92b9e3acf9110acb2e600473b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDBDE3184598680748939C22E966251064CFCD92B9E3ACF9110ACB2E600473B"
Last-Modified: Fri, 21 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5354
Expires: Sat, 22 Oct 2022 22:21:57 GMT
Date: Sat, 22 Oct 2022 20:52:43 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e082919080a1a229ac3eec9b7b857933
a5847abc620bd00e87afda17746b0a590e0c9464
ca7fa279357206e9e419d5b80281cc14bc5666b20ef262560dea86d31132c729

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74510604-1&cid=780810781.1666471978&jid=586062421&gjid=523708269&_gid=1961770009.1666471978&_u=YEBAAUAAAAAAACAAIC~&z=1212605840

173.194.222.157

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74510604-1&cid=780810781.1666471978&jid=586062421&gjid=523708269&_gid=1961770009.1666471978&_u=YEBAAUAAAAAAACAAIC~&z=1212605840
IP
173.194.222.157:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74510604-1&cid=780810781.1666471978&jid=586062421&gjid=523708269&_gid=1961770009.1666471978&_u=YEBAAUAAAAAAACAAIC~&z=1212605840 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://gvadz.click
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://gvadz.click
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Oct 2022 20:52:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

suspendedflesh.com/pixel/purst?dl=0&th=0&sc=0&rs=1363&rd=1363&fd=856&bv=22.8.v.1&tmpl=70

192.243.59.20

200 OK

0 B

URL HTTP/1.1
suspendedflesh.com/pixel/purst?dl=0&th=0&sc=0&rs=1363&rd=1363&fd=856&bv=22.8.v.1&tmpl=70
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1363&rd=1363&fd=856&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: suspendedflesh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 22 Oct 2022 20:52:43 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e082919080a1a229ac3eec9b7b857933
a5847abc620bd00e87afda17746b0a590e0c9464
ca7fa279357206e9e419d5b80281cc14bc5666b20ef262560dea86d31132c729

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

patrik-fereia2182022.skyvids.cyou/i/02/00007/mshpapnfiq6t.jpg

65.108.136.184

200 OK

20 kB

URL HTTP/1.1
patrik-fereia2182022.skyvids.cyou/i/02/00007/mshpapnfiq6t.jpg
IP
65.108.136.184:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 604x603, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 720x302, components 3\012- data
Size
20 kB (20398 bytes)
Hash
af0686109d0a98c691af484614f02a40
6b3773546e6a8f89acf3db76c0dea0d01da4bea6
5d34f9278d6450480d64b8af918e65ed64340889454d7be8f46f8f493da09b2f

HTTP Headers

GET /i/02/00007/mshpapnfiq6t.jpg HTTP/1.1
Host: patrik-fereia2182022.skyvids.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 20:52:42 GMT
Content-Type: image/jpeg
Content-Length: 20398
Last-Modified: Mon, 22 Aug 2022 11:13:41 GMT
Connection: keep-alive
ETag: "630364e5-4fae"
Expires: Sat, 05 Nov 2022 20:52:42 GMT
Cache-Control: max-age=1209600
Accept-Ranges: bytes

gvadz.click/embed-mshpapnfiq6t.html

104.21.47.62

200 OK

0 B

URL HTTP/2
gvadz.click/embed-mshpapnfiq6t.html
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed-mshpapnfiq6t.html HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.pics/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: text/html; charset=UTF-8
expires: Fri, 21 Oct 2022 20:52:41 GMT
set-cookie: lang=1; domain=.gvadz.click; path=/; HttpOnly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39RmTiXdhJhdnKGtXBuJIbJetdmP53eFxKeY6JVoSph4v9jixcQ%2FkvaavNXRhhUX35%2BUIeSFA7j%2FfF86pLmUnhncEk9UAQMa3Woo%2Fma3AB9XVBkfWSxVLhsT%2BQmOZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75e51e3f7e49b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

104.21.234.254

200 OK

0 B

URL HTTP/2
addresseepaper.com/sfp.js
IP
104.21.234.254:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:42 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e7e6249a3d45c3d951a4aa4eb1f7bbfd
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 22 Oct 2022 20:52:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMMjYh6sUtfnCGRksh3fQuhjV3tp7Uu1xlKWvMmCTzNQcFXplRCY2oUJZOnEFRZr%2B7XT9%2FaAkJoSEST%2BXRnPp7kwLz96mEfY7YN3jTtsm9i18LN%2FAxBIU1N2DY%2ByC8ZkYSRcY%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e475ddd06e1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cima-club.cam/favicon.ico

104.26.12.236

200 OK

0 B

URL HTTP/2
cima-club.cam/favicon.ico
IP
104.26.12.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cima-club.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: image/x-icon
last-modified: Wed, 27 Dec 2017 11:59:45 GMT
etag: W/"5a438b31-7d26"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq8E%2Fz8k3f4NNVQrVB3omP3xOrfELUQNaN1RqJn5IEELO%2BL23nVzuutxBimRG0Xjpm431pfRNZVzTYomfC6P5Vf%2BNvfREaiIUyxPKf%2BDV6pJXke%2F%2Bcj1Ho6ebUsTT8Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e33cd49b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cima-club.cam/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75e51e322b3eb4f7

104.26.12.236

200 OK

0 B

URL HTTP/2
cima-club.cam/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75e51e322b3eb4f7
IP
104.26.12.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=75e51e322b3eb4f7 HTTP/1.1
Host: cima-club.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cima-club.cam/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85?__cf_chl_rt_tk=mp7RpR5b25iWR1uSSedSpWinEZ4bkM7XL6IgpliR6EI-1666471959-0-gaNycGzNCFE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1wnWqy3IvXgMc5nP3gptNW%2F72KFls9Z3l9mCiWZbfg2jHucqWX4aRN6tSRsHUuTrGEObOJmS0fabz93bUMPEHPeHcTY%2Bt%2BmQG1daonCVWVXp6sFhG8huHdtMZfS4yY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75e51e341d93b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85

104.21.11.154

200 OK

0 B

URL HTTP/2
cima-club.pics/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85
IP
104.21.11.154:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-captain-america-civil-war-2016-%D9%85%D8%AA%D8%B1%D8%AC%D9%85 HTTP/1.1
Host: cima-club.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cima-club.cam/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:40 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkZzaU9nWHJuN2JTSitENENtVlYwcEE9PSIsInZhbHVlIjoiSk0za1I0NXk0d3I2Nk1XMjNsNnZsMjJReEFXZFFmTzhwNiszTmhPRDY3UTVaeDhRQUpFYmhDanVuOGRUVnB1MyIsIm1hYyI6IjQ3ZGIzMzIzNWQ5MjMwMzMzYzdiNTk2ZDlhN2IzNTg3M2JlZTVjOTdmNmUxNTYwYzM3ZjZkMzc1MmIwZmU4MGUifQ%3D%3D; expires=Sun, 23-Oct-2022 06:52:40 GMT; Max-Age=36000; path=/
cimaclub_session=eyJpdiI6IlFWZjQzd2YrdThVSmZEZVhUeVVaWFE9PSIsInZhbHVlIjoiUFFmQmJtNHYyemlZNEM0NjYzdTZzcnpxXC9LQlNvUndLdHhFOHV1SHVmSkNHOVFDYWtBeTIxOFRERWJFbUxkUVEiLCJtYWMiOiJmY2ZkYjVjNDU2MTA4NjhkZDAxMDE1NWZiNDVlZjBkMmRhNDU2MWVhMmRmMjU4NjgwZmExMWIzZGMxYTU2MjVhIn0%3D; expires=Sun, 23-Oct-2022 06:52:40 GMT; Max-Age=36000; path=/; httponly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjaTjg616wbgf0pULI0SaGXIikwX20Y4uAR7iGXO%2B6PxlaD7XbIJIx7qV0tVhCRJ3VskhqspVcYQYTg6BIuw6E8GC4DkqG8eHdN5EKdYaC9fIf6pUyMxIRDakReGgBBqWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75e51e3b4bea1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gvadz.click/js/jquery.min.js

104.21.47.62

200 OK

0 B

URL HTTP/2
gvadz.click/js/jquery.min.js
IP
104.21.47.62:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: gvadz.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gvadz.click/embed-mshpapnfiq6t.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:52:41 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Mar 2021 23:27:20 GMT
etag: W/"603ec9d8-15d9d"
expires: Thu, 27 Oct 2022 22:16:08 GMT
cache-control: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 167793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfI9WwePgoKhugPcTd7YlS2%2B4MytHuJn9a74eD7giglsZI8mwkeP%2FyhSw38Z3pjXfqR7ZMBoEESclTMPjEAivgQpzyCapNGzG5WrrGd1vqHoxoA1hJ3Kh732L8DdCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e51e40f8d1b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations