Overview

URL cinefilmeshd.uproxy2.org/
IP 104.21.89.215
ASN CLOUDFLARENET
Location
Report completed 2022-09-09 15:04:07 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-09 2 cinefilmeshd.uproxy2.org/ Malware
2022-09-09 2 glimtors.net/ntfc.php?p=2651991 Malware
2022-09-09 2 cinefilmeshd.uproxy2.org/app/apx19.js Malware
2022-09-09 2 cinefilmeshd.uproxy2.org/app/x12.js Malware
2022-09-09 2 cinefilmeshd.uproxy2.org/app/apx14.js Malware
2022-09-09 2 cinefilmeshd.uproxy2.org/zpp/zpp4.js?q22q2q2 Malware
2022-09-09 2 cinefilmeshd.uproxy2.org/hy.js?q22q2q2 Malware
2022-09-09 2 inpagepush.com/400/3064505 Malware
2022-09-09 2 cinefilmeshd.uproxy2.org/video.wixstatic.com/video/51a01e_b207016b8cfa42ca8 (...) Malware
2022-09-09 2 cinefilmeshd.uproxy2.org/video.wixstatic.com/video/51a01e_d22d7a840c684bcb9 (...) Malware
2022-09-09 2 cinefilmeshd.uproxy2.org/video.wixstatic.com/video/51a01e_b80e095dde6d4ab9a (...) Malware
2022-09-09 2 cinefilmeshd.uproxy2.org/helper-js/ Malware
2022-09-09 2 glimtors.net/ntfc.php?p=2651991 Malware
2022-09-09 2 cinefilmeshd.uproxy2.org/video.wixstatic.com/video/51a01e_abd93ab6725e4a669 (...) Malware
2022-09-09 2 glimtors.net/custom Malware
2022-09-09 2 glimtors.net/custom Malware
2022-09-09 2 glimtors.net/custom Malware
2022-09-09 2 glimtors.net/pfe/current/defaultSkin.min.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-09 2 glimtors.net Sinkholed
2022-09-09 2 glimtors.net Sinkholed
2022-09-09 2 deemsoil.com Sinkholed
2022-09-09 2 glimtors.net Sinkholed
2022-09-09 2 rndskittytor.com Sinkholed
2022-09-09 2 glimtors.net Sinkholed
2022-09-09 2 glimtors.net Sinkholed
2022-09-09 2 glimtors.net Sinkholed
2022-09-09 2 glimtors.net Sinkholed
2022-09-09 2 glimtors.net Sinkholed
2022-09-09 2 datatechonert.com Sinkholed
2022-09-09 2 rndskittytor.com Sinkholed
2022-09-09 2 glimtors.net Sinkholed
2022-09-09 2 siegepolitical.com Sinkholed
2022-09-09 2 unphionetor.com Sinkholed
2022-09-09 2 siegepolitical.com Sinkholed
2022-09-09 2 unphionetor.com Sinkholed
2022-09-09 2 siegepolitical.com Sinkholed
2022-09-09 2 unseenreport.com Sinkholed
2022-09-09 2 siegepolitical.com Sinkholed
2022-09-09 2 siegepolitical.com Sinkholed
2022-09-09 2 siegepolitical.com Sinkholed
2022-09-09 2 siegepolitical.com Sinkholed
2022-09-09 2 rndskittytor.com Sinkholed
2022-09-09 2 glimtors.net Sinkholed
2022-09-09 2 rndskittytor.com Sinkholed


Files

No files detected



Passive DNS (52)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS unseenreport.com (1) 0 2022-03-30 14:33:17 UTC 2022-09-09 07:16:18 UTC 192.243.59.13 Unknown ranking
mnemonic passive DNS strn.pl (1) 0 2022-05-31 07:19:00 UTC 2022-09-09 13:07:55 UTC 37.19.222.215 Unknown ranking
mnemonic passive DNS use.fontawesome.com (1) 942 2017-01-30 04:43:25 UTC 2022-09-09 04:44:10 UTC 172.67.169.247
mnemonic passive DNS deemsoil.com (1) 0 2022-09-06 10:38:44 UTC 2022-09-08 23:06:25 UTC 192.243.59.13 Unknown ranking
mnemonic passive DNS matomo.hellohi.me (4) 545402 2019-07-03 20:13:04 UTC 2022-09-07 01:57:13 UTC 172.67.219.82
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-09 04:41:01 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS metrica-yandex.com (1) 783336 2021-09-19 04:17:37 UTC 2022-09-07 01:57:25 UTC 104.21.11.244
mnemonic passive DNS s.w.org (1) 748 2017-01-30 04:56:16 UTC 2022-09-09 04:41:06 UTC 192.0.77.48
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-09-09 09:18:01 UTC 172.67.205.240 Unknown ranking
mnemonic passive DNS mc.yandex.ru (4) 2672 2017-01-29 05:34:36 UTC 2022-09-09 11:52:37 UTC 77.88.21.119
mnemonic passive DNS glimtors.net (10) 168336 2021-04-05 07:54:50 UTC 2022-09-08 16:46:35 UTC 139.45.197.251
mnemonic passive DNS static.arc.io (7) 40777 2021-05-03 10:03:35 UTC 2022-09-09 11:44:46 UTC 194.242.11.186
mnemonic passive DNS simplewebanalysis.com (1) 0 2022-02-25 04:06:25 UTC 2022-09-09 09:13:34 UTC 52.28.172.243 Unknown ranking
mnemonic passive DNS image.tmdb.org (1) 17757 2021-01-10 00:13:25 UTC 2022-09-09 11:52:14 UTC 54.230.111.115
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-09 13:17:53 UTC 104.18.32.68
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-09 04:48:21 UTC 34.117.237.239
mnemonic passive DNS arc.io (1) 21731 2021-05-25 15:23:54 UTC 2022-09-09 11:45:13 UTC 54.230.111.25
mnemonic passive DNS browser.sentry-cdn.com (1) 4393 2018-07-13 11:42:06 UTC 2022-09-09 08:21:16 UTC 151.101.130.217
mnemonic passive DNS cdn.yourwebbars.com (1) 62037 2021-01-29 17:47:27 UTC 2022-09-09 06:38:35 UTC 104.26.6.19
mnemonic passive DNS ecma.sidebyz.com (1) 775739 2021-06-12 20:50:40 UTC 2022-09-07 01:57:12 UTC 172.67.167.53
mnemonic passive DNS core.arc.io (1) 60825 2021-04-26 21:08:13 UTC 2022-09-09 11:44:46 UTC 194.242.11.186
mnemonic passive DNS firefox.settings.services.mozilla.com (1) 867 2020-06-04 20:08:41 UTC 2022-09-09 05:37:59 UTC 143.204.55.115
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-09 04:47:11 UTC 143.204.55.49
mnemonic passive DNS interstitial-07.com (3) 36198 2017-03-09 00:00:07 UTC 2022-09-09 13:17:49 UTC 139.45.197.151
mnemonic passive DNS siegepolitical.com (7) 0 2022-09-03 20:27:50 UTC 2022-09-09 11:01:56 UTC 192.243.61.225 Unknown ranking
mnemonic passive DNS afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws (1) 0 2022-07-22 00:55:39 UTC 2022-09-09 14:33:13 UTC 52.32.96.104 Unknown ranking
mnemonic passive DNS inpagepush.com (3) 78279 2019-12-03 20:32:41 UTC 2022-09-09 09:07:16 UTC 139.45.197.237
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-09 04:40:00 UTC 104.17.25.14
mnemonic passive DNS fonts.googleapis.com (3) 8877 2014-07-21 13:19:55 UTC 2022-09-09 09:00:59 UTC 142.250.74.10
mnemonic passive DNS warden.arc.io (3) 36855 2019-12-05 11:59:40 UTC 2022-09-09 11:44:53 UTC 18.223.141.84
mnemonic passive DNS rndskittytor.com (4) 31865 2021-08-10 13:00:55 UTC 2022-09-09 11:05:10 UTC 139.45.197.238
mnemonic passive DNS creepingbrings.com (1) 0 2022-05-27 14:56:26 UTC 2022-09-09 08:21:42 UTC 104.21.234.232 Unknown ranking
mnemonic passive DNS cdn.itskiddoan.club (2) 24539 2021-09-23 10:55:49 UTC 2022-09-09 07:11:32 UTC 139.45.197.236
mnemonic passive DNS r3.o.lencr.org (13) 344 2020-12-02 08:52:13 UTC 2022-09-09 04:40:05 UTC 23.36.77.32
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-09-09 04:41:59 UTC 142.250.74.3
mnemonic passive DNS i.imgur.com (3) 5110 2012-05-21 08:09:36 UTC 2022-09-09 06:49:14 UTC 151.101.84.193
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-09 12:02:18 UTC 93.184.220.29
mnemonic passive DNS xilften.club (10) 0 2022-05-11 15:28:03 UTC 2022-08-08 05:46:04 UTC 104.21.89.81 Unknown ranking
mnemonic passive DNS dozubatan.com (6) 33479 2021-05-18 14:02:27 UTC 2022-09-09 11:57:08 UTC 139.45.197.237
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-09 07:17:23 UTC 139.45.195.8
mnemonic passive DNS datatechonert.com (1) 46154 2021-12-24 16:44:17 UTC 2022-09-09 05:02:32 UTC 139.45.195.253
mnemonic passive DNS cdn.sb4you1.com (4) 22321 2021-09-16 11:26:58 UTC 2022-09-09 06:38:36 UTC 172.67.183.56
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-09 04:40:26 UTC 104.18.21.226
mnemonic passive DNS unphionetor.com (2) 54035 2022-02-11 12:53:49 UTC 2022-09-09 12:22:25 UTC 139.45.197.236
mnemonic passive DNS stats.wp.com (1) 2711 2017-01-30 05:06:59 UTC 2022-09-09 05:20:01 UTC 192.0.76.3
mnemonic passive DNS cinefilmeshd.uproxy2.org (11) 0 2022-08-15 09:52:19 UTC 2022-08-15 09:52:19 UTC 104.21.89.215 Domain (uproxy2.org) ranked at: 491439
mnemonic passive DNS e1.o.lencr.org (3) 6159 2021-08-20 07:36:30 UTC 2022-09-09 05:00:04 UTC 23.36.77.32
mnemonic passive DNS toshelmeton.com (7) 0 2022-09-09 02:13:22 UTC 2022-09-09 02:13:22 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS offerimage.com (1) 304078 2019-06-10 11:11:53 UTC 2022-09-09 13:17:48 UTC 104.22.32.172
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-09 07:18:24 UTC 34.120.237.76
mnemonic passive DNS a-waiting.com (1) 0 2022-09-08 13:42:22 UTC 2022-09-08 14:26:31 UTC 104.21.41.138 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 104.21.89.215

Date UQ / IDS / BL URL IP
2022-11-22 22:51:21 +0000
0 - 0 - 3 lovelydream.net/5LhZSjXL?tag=IKUZO%20 104.21.89.215
2022-09-13 01:50:26 +0000
0 - 0 - 1 lovelydream.net/wR21R429 104.21.89.215
2022-09-09 15:04:07 +0000
0 - 0 - 44 cinefilmeshd.uproxy2.org/ 104.21.89.215
2022-09-06 02:15:24 +0000
0 - 0 - 1 lovelydream.net/wR21R429 104.21.89.215

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-04 08:38:25 +0000
0 - 0 - 25 strange.valleyonly.cfd/index.php?main_page=pr (...) 172.67.164.231
2022-12-04 08:38:24 +0000
0 - 0 - 1 appropriate.valleyonly.cfd/imgcdn.php?pic=aHR (...) 104.21.57.162
2022-12-04 08:38:22 +0000
0 - 0 - 25 appropriate.valleyonly.cfd/index.php?main_pag (...) 172.67.164.231
2022-12-04 08:37:53 +0000
0 - 0 - 1 colonial.valleyonly.cfd/imgcdn.php?pic=aHR0cH (...) 104.21.57.162
2022-12-04 08:34:03 +0000
0 - 0 - 2 e.imilroshoors.com/ 172.67.144.187

Last 1 reports on domain: uproxy2.org

Date UQ / IDS / BL URL IP
2022-09-09 15:04:07 +0000
0 - 0 - 44 cinefilmeshd.uproxy2.org/ 104.21.89.215

No other reports with similar screenshot



JavaScript

Executed Scripts (58)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 51183, repeated: 1) - SHA256: 9bbeb808af6bdbadee307465df0ca1ab7580d2960dcd66fc83dafaee7364b741

        default ",{enumerable:!0,value:e}),2&t&&"
        string "!=typeof e)for(var i in e)r.d(n,i,function(t){return e[t]}.bind(null,i));return n},r.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return r.d(t,"
        a ",t),t},r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.p="
        ",r(r.s=86)}({17:function(e,t,r){var n,i,s;i=[t,r(89)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";function i(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0;var s=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e)}return t=e,r=[{key:"
        getFirstMatch ",value:function(e,t){var r=t.match(e);return r&&r.length>0&&r[1]||"
        "}},{key:"
        getSecondMatch ",value:function(e,t){var r=t.match(e);return r&&r.length>1&&r[2]||"
        "}},{key:"
        matchAndReturnConst ",value:function(e,t,r){if(e.test(t))return r}},{key:"
        getWindowsVersionName ",value:function(e){switch(e){case"
        NT ":return"
        NT ";case"
        XP ":return"
        XP ";case"
        NT 5.0 ":return"
        2000 ";case"
        NT 5.1 ":return"
        XP ";case"
        NT 5.2 ":return"
        2003 ";case"
        NT 6.0 ":return"
        Vista ";case"
        NT 6.1 ":return"
        7 ";case"
        NT 6.2 ":return"
        8 ";case"
        NT 6.3 ":return"
        8.1 ";case"
        NT 10.0 ":return"
        10 ";default:return}}},{key:"
        getAndroidVersionName ",value:function(e){var t=e.split(".
        ").splice(0,2).map(function(e){return parseInt(e,10)||0});if(t.push(0),!(1===t[0]&&t[1]<5))return 1===t[0]&&t[1]<6?"
        Cupcake ":1===t[0]&&t[1]>=6?"
        Donut ":2===t[0]&&t[1]<2?"
        Eclair ":2===t[0]&&2===t[1]?"
        Froyo ":2===t[0]&&t[1]>2?"
        Gingerbread ":3===t[0]?"
        Honeycomb ":4===t[0]&&t[1]<1?"
        Ice Cream Sandwich ":4===t[0]&&t[1]<4?"
        Jelly Bean ":4===t[0]&&t[1]>=4?"
        KitKat ":5===t[0]?"
        Lollipop ":6===t[0]?"
        Marshmallow ":7===t[0]?"
        Nougat ":8===t[0]?"
        Oreo ":void 0}},{key:"
        getVersionPrecision ",value:function(e){return e.split(".
        ").length}},{key:"
        compareVersions ",value:function(t,r){var n=arguments.length>2&&void 0!==arguments[2]&&arguments[2],i=e.getVersionPrecision(t),s=e.getVersionPrecision(r),a=Math.max(i,s),o=0,u=e.map([t,r],function(t){var r=a-e.getVersionPrecision(t),n=t+new Array(r+1).join(".0 ");return e.map(n.split(".
        "),function(e){return new Array(20-e.length).join("
        0 ")+e}).reverse()});for(n&&(o=a-Math.min(i,s)),a-=1;a>=o;){if(u[0][a]>u[1][a])return 1;if(u[0][a]===u[1][a]){if(a===o)return 0;a-=1}else if(u[0][a]<u[1][a])return-1}}},{key:"
        map ",value:function(e,t){var r,n=[];if(Array.prototype.map)return Array.prototype.map.call(e,t);for(r=0;r<e.length;r+=1)n.push(t(e[r]));return n}},{key:"
        getBrowserAlias ",value:function(e){return n.BROWSER_ALIASES_MAP[e]}}],null&&i(t.prototype,null),r&&i(t,r),e;var t,r}();r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},86:function(e,t,r){var n,i,s;i=[t,r(87)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";function i(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}var s;Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=(s=n)&&s.__esModule?s:{default:s};var a=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e)}return t=e,r=[{key:"
        getParser ",value:function(e){var t=arguments.length>1&&void 0!==arguments[1]&&arguments[1];if("
        string "!=typeof e)throw new Error("
        UserAgent should be a string ");return new n.default(e,t)}},{key:"
        parse ",value:function(e){return new n.default(e).getResult()}}],null&&i(t.prototype,null),r&&i(t,r),e;var t,r}();r.default=a,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},87:function(e,t,r){var n,i,s;i=[t,r(88),r(90),r(91),r(92),r(17)],void 0===(s="
        function "==typeof(n=function(r,n,i,s,a,o){"
        use strict ";function u(e){return e&&e.__esModule?e:{default:e}}function c(e){return(c="
        function "==typeof Symbol&&"
        symbol "==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"
        function "==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"
        symbol ":typeof e})(e)}function d(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=u(n),i=u(i),s=u(s),a=u(a),o=u(o);var f=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]&&arguments[1];if(function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e),null==t||"
        "===t)throw new Error("
        UserAgent parameter cant be empty ");this._ua=t,this.parsedResult={},!0!==r&&this.parse()}return t=e,(r=[{key:"
        getUA ",value:function(){return this._ua}},{key:"
        test ",value:function(e){return e.test(this._ua)}},{key:"
        parseBrowser ",value:function(){var e=this;this.parsedResult.browser={};var t=n.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.browser=t.describe(this.getUA())),this.parsedResult.browser}},{key:"
        getBrowser ",value:function(){return this.parsedResult.browser?this.parsedResult.browser:this.parseBrowser()}},{key:"
        getBrowserName ",value:function(e){return e?String(this.getBrowser().name).toLowerCase()||"
        ":this.getBrowser().name||"
        "}},{key:"
        getBrowserVersion ",value:function(){return this.getBrowser().version}},{key:"
        getOS ",value:function(){return this.parsedResult.os?this.parsedResult.os:this.parseOS()}},{key:"
        parseOS ",value:function(){var e=this;this.parsedResult.os={};var t=i.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.os=t.describe(this.getUA())),this.parsedResult.os}},{key:"
        getOSName ",value:function(e){var t=this.getOS().name;return e?String(t).toLowerCase()||"
        ":t||"
        "}},{key:"
        getOSVersion ",value:function(){return this.getOS().version}},{key:"
        getPlatform ",value:function(){return this.parsedResult.platform?this.parsedResult.platform:this.parsePlatform()}},{key:"
        getPlatformType ",value:function(){var e=arguments.length>0&&void 0!==arguments[0]&&arguments[0],t=this.getPlatform().type;return e?String(t).toLowerCase()||"
        ":t||"
        "}},{key:"
        parsePlatform ",value:function(){var e=this;this.parsedResult.platform={};var t=s.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.platform=t.describe(this.getUA())),this.parsedResult.platform}},{key:"
        getEngine ",value:function(){return this.parsedResult.engine?this.parsedResult.engine:this.parseEngine()}},{key:"
        getEngineName ",value:function(e){return e?String(this.getEngine().name).toLowerCase()||"
        ":this.getEngine().name||"
        "}},{key:"
        parseEngine ",value:function(){var e=this;this.parsedResult.engine={};var t=a.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.engine=t.describe(this.getUA())),this.parsedResult.engine}},{key:"
        parse ",value:function(){return this.parseBrowser(),this.parseOS(),this.parsePlatform(),this.parseEngine(),this}},{key:"
        getResult ",value:function(){return Object.assign({},this.parsedResult)}},{key:"
        satisfies ",value:function(e){var t=this,r={},n=0,i={},s=0;if(Object.keys(e).forEach(function(t){var a=e[t];"
        string "==typeof a?(i[t]=a,s+=1):"
        object "===c(a)&&(r[t]=a,n+=1)}),n>0){var a=Object.keys(r),o=a.find(function(e){return t.isOS(e)});if(o){var u=this.satisfies(r[o]);if(void 0!==u)return u}var d=a.find(function(e){return t.isPlatform(e)});if(d){var f=this.satisfies(r[d]);if(void 0!==f)return f}}if(s>0){var l=Object.keys(i).find(function(e){return t.isBrowser(e,!0)});if(void 0!==l)return this.compareVersion(i[l])}}},{key:"
        isBrowser ",value:function(e){var t=arguments.length>1&&void 0!==arguments[1]&&arguments[1],r=this.getBrowserName(),n=[r.toLowerCase()],i=o.default.getBrowserAlias(r);return t&&void 0!==i&&n.push(i.toLowerCase()),-1!==n.indexOf(e.toLowerCase())}},{key:"
        compareVersion ",value:function(e){var t=[0],r=e,n=!1,i=this.getBrowserVersion();if("
        string "==typeof i)return" > "===e[0]||" < "===e[0]?(r=e.substr(1)," = "===e[1]?(n=!0,r=e.substr(2)):t=[]," > "===e[0]?t.push(1):t.push(-1)):" = "===e[0]?r=e.substr(1):"~"===e[0]&&(n=!0,r=e.substr(1)),t.indexOf(o.default.compareVersions(i,r,n))>-1}},{key:"
        isOS ",value:function(e){return this.getOSName(!0)===String(e).toLowerCase()}},{key:"
        isPlatform ",value:function(e){return this.getPlatformType(!0)===String(e).toLowerCase()}},{key:"
        isEngine ",value:function(e){return this.getEngineName(!0)===String(e).toLowerCase()}},{key:"
        is ",value:function(e){return this.isBrowser(e)||this.isOS(e)||this.isPlatform(e)}},{key:"
        some ",value:function(){var e=this;return(arguments.length>0&&void 0!==arguments[0]?arguments[0]:[]).some(function(t){return e.is(t)})}}])&&d(t.prototype,r),e;var t,r}();r.default=f,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},88:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";var i;Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=/version\/(\d+(\.?_?\d+)+)/i,a=[{test:[/googlebot/i],describe:function(e){var t={name:"
        Googlebot "},r=n.default.getFirstMatch(/googlebot\/(\d+(\.\d+))/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/opera/i],describe:function(e){var t={name:"
        Opera "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:opera)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/opr\/|opios/i],describe:function(e){var t={name:"
        Opera "},r=n.default.getFirstMatch(/(?:opr|opios)[\s\/](\S+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/SamsungBrowser/i],describe:function(e){var t={name:"
        Samsung Internet
        for Android "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:SamsungBrowser)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/Whale/i],describe:function(e){var t={name:"
        NAVER Whale Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:whale)[\s\/](\d+(?:\.\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/MZBrowser/i],describe:function(e){var t={name:"
        MZ Browser "},r=n.default.getFirstMatch(/(?:MZBrowser)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/focus/i],describe:function(e){var t={name:"
        Focus "},r=n.default.getFirstMatch(/(?:focus)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/swing/i],describe:function(e){var t={name:"
        Swing "},r=n.default.getFirstMatch(/(?:swing)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/coast/i],describe:function(e){var t={name:"
        Opera Coast "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:coast)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/yabrowser/i],describe:function(e){var t={name:"
        Yandex Browser "},r=n.default.getFirstMatch(/(?:yabrowser)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/ucbrowser/i],describe:function(e){var t={name:"
        UC Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:ucbrowser)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/Maxthon|mxios/i],describe:function(e){var t={name:"
        Maxthon "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:Maxthon|mxios)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/epiphany/i],describe:function(e){var t={name:"
        Epiphany "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:epiphany)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/puffin/i],describe:function(e){var t={name:"
        Puffin "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:puffin)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/sleipnir/i],describe:function(e){var t={name:"
        Sleipnir "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:sleipnir)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/k-meleon/i],describe:function(e){var t={name:"
        K - Meleon "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:k-meleon)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/micromessenger/i],describe:function(e){var t={name:"
        WeChat "},r=n.default.getFirstMatch(/(?:micromessenger)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/msie|trident/i],describe:function(e){var t={name:"
        Internet Explorer "},r=n.default.getFirstMatch(/(?:msie |rv:)(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/\sedg\//i],describe:function(e){var t={name:"
        Microsoft Edge "},r=n.default.getFirstMatch(/\sedg\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/edg([ea]|ios)/i],describe:function(e){var t={name:"
        Microsoft Edge "},r=n.default.getSecondMatch(/edg([ea]|ios)\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/vivaldi/i],describe:function(e){var t={name:"
        Vivaldi "},r=n.default.getFirstMatch(/vivaldi\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/seamonkey/i],describe:function(e){var t={name:"
        SeaMonkey "},r=n.default.getFirstMatch(/seamonkey\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/sailfish/i],describe:function(e){var t={name:"
        Sailfish "},r=n.default.getFirstMatch(/sailfish\s?browser\/(\d+(\.\d+)?)/i,e);return r&&(t.version=r),t}},{test:[/silk/i],describe:function(e){var t={name:"
        Amazon Silk "},r=n.default.getFirstMatch(/silk\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/phantom/i],describe:function(e){var t={name:"
        PhantomJS "},r=n.default.getFirstMatch(/phantomjs\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/slimerjs/i],describe:function(e){var t={name:"
        SlimerJS "},r=n.default.getFirstMatch(/slimerjs\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/blackberry|\bbb\d+/i,/rim\stablet/i],describe:function(e){var t={name:"
        BlackBerry "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/blackberry[\d]+\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/(web|hpw)[o0]s/i],describe:function(e){var t={name:"
        WebOS Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/w(?:eb)?[o0]sbrowser\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/bada/i],describe:function(e){var t={name:"
        Bada "},r=n.default.getFirstMatch(/dolfin\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/tizen/i],describe:function(e){var t={name:"
        Tizen "},r=n.default.getFirstMatch(/(?:tizen\s?)?browser\/(\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/qupzilla/i],describe:function(e){var t={name:"
        QupZilla "},r=n.default.getFirstMatch(/(?:qupzilla)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/firefox|iceweasel|fxios/i],describe:function(e){var t={name:"
        Firefox "},r=n.default.getFirstMatch(/(?:firefox|iceweasel|fxios)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/chromium/i],describe:function(e){var t={name:"
        Chromium "},r=n.default.getFirstMatch(/(?:chromium)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/chrome|crios|crmo/i],describe:function(e){var t={name:"
        Chrome "},r=n.default.getFirstMatch(/(?:chrome|crios|crmo)\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){var t=!e.test(/like android/i),r=e.test(/android/i);return t&&r},describe:function(e){var t={name:"
        Android Browser "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/playstation 4/i],describe:function(e){var t={name:"
        PlayStation 4 "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/safari|applewebkit/i],describe:function(e){var t={name:"
        Safari "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/.*/i],describe:function(e){var t=-1!==e.search("\\ (")?/^(.*)\/(.*)[ \t]\((.*)/:/^(.*)\/(.*) /;return{name:n.default.getFirstMatch(t,e),version:n.default.getSecondMatch(t,e)}}}];r.default=a,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},89:function(e,t,r){var n,i;void 0===(i="function "==typeof(n=function(e){"
                use strict ";Object.defineProperty(e,"
                __esModule ",{value:!0}),e.BROWSER_ALIASES_MAP=void 0,e.BROWSER_ALIASES_MAP={"
                Amazon Silk ":"
                amazon_silk ","
                Android Browser ":"
                android ",Bada:"
                bada ",BlackBerry:"
                blackberry ",Chrome:"
                chrome ",Chromium:"
                chromium ",Epiphany:"
                epiphany ",Firefox:"
                firefox ",Focus:"
                focus ",Generic:"
                generic ",Googlebot:"
                googlebot ","
                Internet Explorer ":"
                ie ","
                K - Meleon ":"
                k_meleon ",Maxthon:"
                maxthon ","
                Microsoft Edge ":"
                edge ","
                MZ Browser ":"
                mz ","
                NAVER Whale Browser ":"
                naver ",Opera:"
                opera ","
                Opera Coast ":"
                opera_coast ",PhantomJS:"
                phantomjs ",Puffin:"
                puffin ",QupZilla:"
                qupzilla ",Safari:"
                safari ",Sailfish:"
                sailfish ","
                Samsung Internet
                for Android ":"
                samsung_internet ",SeaMonkey:"
                seamonkey ",Sleipnir:"
                sleipnir ",Swing:"
                swing ",Tizen:"
                tizen ","
                UC Browser ":"
                uc ",Vivaldi:"
                vivaldi ","
                WebOS Browser ":"
                webos ",WeChat:"
                wechat ","
                Yandex Browser ":"
                yandex "}})?n.apply(t,[t]):n)||(e.exports=i)},90:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=[{test:[/windows phone/i],describe:function(e){return{name:"
                Windows Phone ",version:n.default.getFirstMatch(/windows phone (?:os)?\s?(\d+(\.\d+)*)/i,e)}}},{test:[/windows/i],describe:function(e){var t=n.default.getFirstMatch(/Windows ((NT|XP)( \d\d?.\d)?)/i,e);return{name:"
                Windows ",version:t,versionName:n.default.getWindowsVersionName(t)}}},{test:[/macintosh/i],describe:function(e){return{name:"
                macOS ",version:n.default.getFirstMatch(/mac os x (\d+(\.?_?\d+)+)/i,e).replace(/[_\s]/g,".
                ")}}},{test:[/(ipod|iphone|ipad)/i],describe:function(e){return{name:"
                iOS ",version:n.default.getFirstMatch(/os (\d+([_\s]\d+)*) like mac os x/i,e).replace(/[_\s]/g,".
                ")}}},{test:function(e){var t=!e.test(/like android/i),r=e.test(/android/i);return t&&r},describe:function(e){var t=n.default.getFirstMatch(/android[\s\/-](\d+(\.\d+)*)/i,e),r=n.default.getAndroidVersionName(t),i={name:"
                Android ",version:t};return r&&(i.versionName=r),i}},{test:[/(web|hpw)[o0]s/i],describe:function(e){var t=n.default.getFirstMatch(/(?:web|hpw)[o0]s\/(\d+(\.\d+)*)/i,e),r={name:"
                WebOS "};return t&&t.length&&(r.version=t),r}},{test:[/blackberry|\bbb\d+/i,/rim\stablet/i],describe:function(e){return{name:"
                BlackBerry ",version:n.default.getFirstMatch(/rim\stablet\sos\s(\d+(\.\d+)*)/i,e)||n.default.getFirstMatch(/blackberry\d+\/(\d+([_\s]\d+)*)/i,e)||n.default.getFirstMatch(/\bbb(\d+)/i,e)}}},{test:[/bada/i],describe:function(e){return{name:"
                Bada ",version:n.default.getFirstMatch(/bada\/(\d+(\.\d+)*)/i,e)}}},{test:[/tizen/i],describe:function(e){return{name:"
                Tizen ",version:n.default.getFirstMatch(/tizen[\/\s](\d+(\.\d+)*)/i,e)}}},{test:[/linux/i],describe:function(){return{name:"
                Linux "}}},{test:[/CrOS/],describe:function(){return{name:"
                Chrome OS "}}},{test:[/PlayStation 4/],describe:function(e){return{name:"
                PlayStation 4 ",version:n.default.getFirstMatch(/PlayStation 4[\/\s](\d+(\.\d+)*)/i,e)}}}];r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},91:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s="
                tablet ",a="
                mobile ",o="
                desktop ",u="
                tv ",c=[{test:[/googlebot/i],describe:function(){return{type:"
                bot ",vendor:"
                Google "}}},{test:[/huawei/i],describe:function(e){var t=n.default.getFirstMatch(/(can-l01)/i,e)&&"
                Nova ",r={type:a,vendor:"
                Huawei "};return t&&(r.model=t),r}},{test:[/nexus\s*(?:7|8|9|10).*/i],describe:function(){return{type:s,vendor:"
                Nexus "}}},{test:[/ipad/i],describe:function(){return{type:s,vendor:"
                Apple ",model:"
                iPad "}}},{test:[/kftt build/i],describe:function(){return{type:s,vendor:"
                Amazon ",model:"
                Kindle Fire HD 7 "}}},{test:[/silk/i],describe:function(){return{type:s,vendor:"
                Amazon "}}},{test:[/tablet/i],describe:function(){return{type:s}}},{test:function(e){var t=e.test(/ipod|iphone/i),r=e.test(/like (ipod|iphone)/i);return t&&!r},describe:function(e){var t=n.default.getFirstMatch(/(ipod|iphone)/i,e);return{type:a,vendor:"
                Apple ",model:t}}},{test:[/nexus\s*[0-6].*/i,/galaxy nexus/i],describe:function(){return{type:a,vendor:"
                Nexus "}}},{test:[/[^-]mobi/i],describe:function(){return{type:a}}},{test:function(e){return"
                blackberry "===e.getBrowserName(!0)},describe:function(){return{type:a,vendor:"
                BlackBerry "}}},{test:function(e){return"
                bada "===e.getBrowserName(!0)},describe:function(){return{type:a}}},{test:function(e){return"
                windows phone "===e.getBrowserName()},describe:function(){return{type:a,vendor:"
                Microsoft "}}},{test:function(e){var t=Number(String(e.getOSVersion()).split(".
                ")[0]);return"
                android "===e.getOSName(!0)&&t>=3},describe:function(){return{type:s}}},{test:function(e){return"
                android "===e.getOSName(!0)},describe:function(){return{type:a}}},{test:function(e){return"
                macos "===e.getOSName(!0)},describe:function(){return{type:o,vendor:"
                Apple "}}},{test:function(e){return"
                windows "===e.getOSName(!0)},describe:function(){return{type:o}}},{test:function(e){return"
                linux "===e.getOSName(!0)},describe:function(){return{type:o}}},{test:function(e){return"
                playstation 4 "===e.getOSName(!0)},describe:function(){return{type:u}}}];r.default=c,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},92:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=[{test:function(e){return"
                microsoft edge "===e.getBrowserName(!0)},describe:function(e){return/\sedg\//i.test(e)?{name:"
                Blink "}:{name:"
                EdgeHTML ",version:n.default.getFirstMatch(/edge\/(\d+(\.?_?\d+)+)/i,e)}}},{test:[/trident/i],describe:function(e){var t={name:"
                Trident "},r=n.default.getFirstMatch(/trident\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){return e.test(/presto/i)},describe:function(e){var t={name:"
                Presto "},r=n.default.getFirstMatch(/presto\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){var t=e.test(/gecko/i),r=e.test(/like gecko/i);return t&&!r},describe:function(e){var t={name:"
                Gecko "},r=n.default.getFirstMatch(/gecko\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/(apple)?webkit\/537\.36/i],describe:function(){return{name:"
                Blink "}}},{test:[/(apple)?webkit/i],describe:function(e){var t={name:"
                WebKit "},r=n.default.getFirstMatch(/webkit\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}}];r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)}})});},{}],"
                H99C ":[function(require,module,exports) {"
                use strict ";require("
                normalize.css "),require(". / style.scss ");var e=t(require("
                bowser "));function t(e){return e&&e.__esModule?e:{default:e}}var s=e.default.parse(window.navigator.userAgent),a="
                firefox "==s.browser.name.toLowerCase().replace(/\s/g," - "),r="
                yandex - browser "==s.browser.name.toLowerCase().replace(/\s/g," - "),o=document.querySelector(".sc "),i=(window.navigator.language||window.navigator.languages[0]).slice(0,2),n=-1!=["
                ar ","
                dv ","
                he ","
                ku ","
                fa ","
                ur "].indexOf(i)?"
                rtl ":"
                ltr ";o.classList.add(i),o.classList.add(n),o.classList.add("
                sc--".concat(s.platform.type)),o.classList.add("
                sc--".concat(s.os.name.toLowerCase())),o.classList.add("
                sc--".concat(s.browser.name.toLowerCase().replace(/\s/g," - ")));var l={};"
                desktop "==s.platform.type?("
                macos "==s.os.name.toLowerCase()&&(l.height=150),"
                rtl "==n?(l.left="
                auto ",l.right=0,a?l.right=262:r&&(l.left=17,l.right="
                auto ")):(l.left=85,l.right="
                auto ",a?l.left=262:r&&(l.left="
                auto ",l.right=17))):l.left=0,void 0===window.setStyle&&(console.error("
                window.setStyle is not a
                function "),window.setStyle=function(){}),window.setStyle(l);},{"
                normalize.css ":"
                9 KIJ ",". / style.scss ":"
                9 KIJ ","
                bowser ":"
                JSid "}]},{},["
                H99C "], null)</script></body></html></html>
                                    


HTTP Transactions (159)


Request Response
                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 14:05:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _8q47EbQzA3Cwe03UtLT1ewT2EO4b5wAPrCzXmfePXZXleImF3TXBg==
Age: 3487


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3779
Expires: Fri, 09 Sep 2022 16:06:54 GMT
Date: Fri, 09 Sep 2022 15:03:55 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GONkXhu9tzakghFFpJqYlxTE8n_uaJXj4MoXsuMCVYBQVNJFZP7QWA==
age: 40641
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET / HTTP/1.1 
Host: cinefilmeshd.uproxy2.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.89.215
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 15:03:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRPtHnMkNmMniWBbLnsr0aInaUxENfBRG3TLSi%2FzT1dt24hqklCvyTNCQx%2F70aIkn1DrWzt0I893vjD4Z3xv2Us%2BMNNrtV9LuF1FAYsHvjyjZglMcDPq1Np6WQnn%2FZtf5smc04%2BMx6vrfP4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7480d03daad70b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60411)
Size:   103593
Md5:    c2d99cd6407245ce33a50280b1a3d7ef
Sha1:   d92d2362c13cbe9a62ced205a424ca3defe239ff
Sha256: b0922d42b942f14de7fca59dcdeee914f013ba5c1ea1802ce5f367167d53cdb8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Sep 2022 15:03:56 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ntfc.php?p=2651991 HTTP/1.1 
Host: glimtors.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         139.45.197.251
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Sep 2022 15:03:56 GMT
Last-Modified: Mon, 05 Sep 2022 12:32:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6315ec69-3922"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (14626), with no line terminators
Size:   6011
Md5:    507383d84d7e2836b416a5529569fe9d
Sha1:   00a067058e50b8a92a82456df5bf8d751bff4b48
Sha256: 5007243c6dde57e0ee74f5e005485df354f2263d36a93a463014b6a6f9d9bf52

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /app/apx19.js HTTP/1.1 
Host: cinefilmeshd.uproxy2.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         104.21.89.215
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:46:55 GMT
ETag: W/"5f610c1f-23df"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FK7Yl1Fk90fFJ3UExv2L%2BKkCO%2BlikVNWOBcFyfIAzdBFpyAJjOQwgt6pMc97uvTQMB1KQb999fdD2CuAae0nbuIjPJramPIYvloBKqDV9Jow%2FDcv0QP38Eu8Ze4563HDMOHBYWxjrjH7R4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7480d0400d940b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (9183), with no line terminators
Size:   2613
Md5:    9ea8acd8d74e4f328d558b64219e02c5
Sha1:   156ce99860c738bee0a97dbe9c543a83f4fd5457
Sha256: cc0dc5bf2c19d0830dd3962179d22ed40f200ecf8dc905a4e64bba0c1ccf9dff

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /widget.min.js HTTP/1.1 
Host: arc.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.25
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 2933
last-modified: Wed, 07 Sep 2022 18:00:43 GMT
content-encoding: br
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 09 Sep 2022 14:56:56 GMT
cache-control: public, max-age=3600, stale-while-revalidate=864000
etag: "6318dc4b-b75"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rt_co6VGgCicxbzcHQfCApHZs2P0hIr6T_L9EhFxs6YpNH9o3cN8HQ==
age: 430
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7592), with no line terminators
Size:   2933
Md5:    44ac2a812e95272e6d9ed16c44ffda1c
Sha1:   9f8ecf1ae18ef55b4eb499eeef760cd424931c58
Sha256: 336091d383557244d60a67403e6a11906ed5f9be6b535a7dc2484b912bb82a57
                                        
                                            GET /app/x12.js HTTP/1.1 
Host: cinefilmeshd.uproxy2.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         104.21.89.215
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:26:27 GMT
ETag: W/"5f610753-2bac"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQMOeQQwSML5CqFrlWY02DsUT1aJWrnDtF4ol62Tjif3Ar2rHJha%2BJSYELqW%2BOKr4ZutxR8RgV4TSgjnI8QwNd7d4%2BzOikGurvV2CrAhb%2BXNuPP6JOOC3zsiDT%2BV398ivc5R1OGz41cDiBc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7480d0402a090af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (11180), with no line terminators
Size:   3024
Md5:    7f0c811d15a31a93662cfa30df4ef5ea
Sha1:   3f5b8f499bc7f50d2315eadc7cf043d317b60b95
Sha256: af3050874dc2886642989014b75a7b4734239520ee7d36ea06d4527e41d92beb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "DB92840470FA48E20BAAE9FDD4DE77DAEC5B4E9711A7F683E7B29A8D12812045"
Last-Modified: Thu, 08 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1991
Expires: Fri, 09 Sep 2022 15:37:07 GMT
Date: Fri, 09 Sep 2022 15:03:56 GMT
Connection: keep-alive

                                        
                                            GET /app/apx14.js HTTP/1.1 
Host: cinefilmeshd.uproxy2.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         104.21.89.215
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:26:26 GMT
ETag: W/"5f610752-1def"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TR4Kowjc5gljaHomBCDcXgJLoeqwbCScGCxkhrb5z1BinwQmjzjFqiBTCHIbeeZIXTWqK4qzQPBQrpW3fMPSWpI3At8%2BoVGqYATmss7BONuCAxZ5Nulv0lo%2FJYaGqiVRQDtNRO9Qmrw1og%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7480d04029b8b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (7663), with no line terminators
Size:   2220
Md5:    5fd0d992c153321728eef72725f9e2f1
Sha1:   11af100c190b0c91d3126ca0c792aa6cd3954897
Sha256: f39352e9834fda1868dab410b72a2850f516686f140843e9f0eef835be503330

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /zpp/zpp4.js?q22q2q2 HTTP/1.1 
Host: cinefilmeshd.uproxy2.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         104.21.89.215
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 05:53:32 GMT
ETag: W/"603dd2dc-9853"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJaVEKcUX%2FihxPrOEgzmdz9rAYqu5Kmi%2FTc5oKfOSLpyjDCMcvY4N7X5RsenX%2B2KE1XJWNJeAXXYzdBZmnw2da%2B8%2FozFE1%2Brg7GLKBA%2FDyD%2BqCbzVBMxttewImTiQbQsxgcirWo0DPPWSK8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7480d0402aeb0b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (38995), with no line terminators
Size:   14287
Md5:    3c741ddc90399bc2910b2cdc0a826716
Sha1:   163182c6b04f146fbf6de424ead05c91e59e3c51
Sha256: e6753c7588e28e17f44aa00cbe8c314de3f2bbcb8e892a439eed11dd989b1d84

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /5/2632704 HTTP/1.1 
Host: toshelmeton.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         139.45.197.239
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: f891c2e3e5aa8ec626adb9dca59a08ad
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=47f688041ba4494b982340c6ff00e5e0; expires=Sat, 09 Sep 2023 15:03:56 GMT; path=/ oaidts=1662735836; expires=Sat, 09 Sep 2023 15:03:56 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (62337), with no line terminators
Size:   23226
Md5:    6b8b306ceb4dc10cda0a40f7c18959ea
Sha1:   aef6ce20ef729eb603a42d37421015d260674e5d
Sha256: f3316d113634dc036e33152adb6456ab09669204a5709d80f3d348594d3f4f49
                                        
                                            GET /hy.js?q22q2q2 HTTP/1.1 
Host: cinefilmeshd.uproxy2.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         104.21.89.215
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 05:53:27 GMT
ETag: W/"603dd2d7-db43"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2romayBD3tY8zAK68n8%2BVhu%2BWdhOgSFGyC%2B8zErSfmLujZkQ%2B8Jb7Uviai7o9lTfgudUV0l%2BaBCKMXhsDuoKKYOEYPzVUyECIU%2BrobP6QcISV0Tq3QDMP%2Ft3A7zTN2zH2JS5UUy9mo9v8gM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7480d040298bb529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (56131), with no line terminators
Size:   17517
Md5:    f12634066d38736854588dc61b5ba109
Sha1:   623e90c430f1609e59e16407553e2d2ff8882d8e
Sha256: 7ca898a6218b8e61a9a999ffb0c76a9c60f86dfd4353b2496225e6473c72c0de

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2AA0C30966697E59D598E14A468BFB9A71A8931B266E624C2D762FBBB4119EA3"
Last-Modified: Thu, 08 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15772
Expires: Fri, 09 Sep 2022 19:26:48 GMT
Date: Fri, 09 Sep 2022 15:03:56 GMT
Connection: keep-alive

                                        
                                            GET /400/3064505 HTTP/1.1 
Host: inpagepush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         139.45.197.237
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 072786aee5ad030be53d60e79859e609
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=5f9be270bf264198b789f9f2de6079f7; expires=Sat, 09 Sep 2023 15:03:56 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   31809
Md5:    3cd6d9ab5bc80c20fd3cf50a3f25ef1d
Sha1:   b47b72e322e96b3727b80b3f6ccc8968a09bdc14
Sha256: 520e1986282bbbe6e53e94f68a0c421f44cb25b29a85c3f17a3599c4e78bc66e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "DB92840470FA48E20BAAE9FDD4DE77DAEC5B4E9711A7F683E7B29A8D12812045"
Last-Modified: Thu, 08 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1991
Expires: Fri, 09 Sep 2022 15:37:07 GMT
Date: Fri, 09 Sep 2022 15:03:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0C53F446393986865C5C7258C53C9B838FC46D95F4CA2BF4C47DAC3B678F4D39"
Last-Modified: Wed, 07 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6275
Expires: Fri, 09 Sep 2022 16:48:31 GMT
Date: Fri, 09 Sep 2022 15:03:56 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C00DB3BABB0CF3E019FD2B6948045CEACEA4D5048F3B78E52A1333DED8626542"
Last-Modified: Wed, 07 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3899
Expires: Fri, 09 Sep 2022 16:08:55 GMT
Date: Fri, 09 Sep 2022 15:03:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5B9097CEAFC959E2AF15925D506AEEC4170AEB1779B9865F3A3DD5A821E48F4E"
Last-Modified: Wed, 07 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1804
Expires: Fri, 09 Sep 2022 15:34:00 GMT
Date: Fri, 09 Sep 2022 15:03:56 GMT
Connection: keep-alive

                                        
                                            GET /zone?pub=0&zone_id=2651991&is_mobile=false&domain=cinefilmeshd.uproxy2.org&var=&ymid=&var_3= HTTP/1.1 
Host: glimtors.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 09 Sep 2022 15:03:56 GMT
content-length: 705
x-trace-id: e6c35892c5a1972c8a063c31a6fcb88c
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (704)
Size:   705
Md5:    7ad612ba985069de5ed23e191e1460df
Sha1:   d62ec67d002619b410c7779f33c9d8085529712d
Sha256: e864268e094678e08d66bf7d539f3d173cf7d9250e67e1a78b053f9faac42f07

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /releases/v5.7.0/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         172.67.169.247
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: A7gW0WA38bPBuOI8uyetNu3HQ0n2cWwrOmEUeid0bFUOWwpQDuhxBjs3vjm6FMAQVkplRK7khTU=
x-amz-request-id: 4AKZRB1QC6BSZZXC
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Wed, 30 Jun 2021 15:45:15 GMT
ETag: W/"251d28bd755f5269a4531df8a81d5664"
Cache-Control: max-age=31556926
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OYgzpqEl7937X%2B6oxtiMQcREaydUJa4AaEYNRj0UIYqt%2Bsy6eehQtI1oYem%2FMkkD0Ve%2FzCBJ0pDzKlxtUG1AnQRYXyYtGACjtfye3uOMTI6hyAVDorQ4RA9Ijxek5SJnUEzXALc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7480d0402bcd0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (54456)
Size:   11769
Md5:    908ad8ce630e8e4ee82a627b5860627a
Sha1:   39704ad19fd18f76f69015c266fe166f456efc59
Sha256: 5e43744d2dbdec67393e984614d956296e6de11f993c3c5f44e518e1189e5cd4
                                        
                                            GET /widget/js/widget-ui.js?784632c0 HTTP/1.1 
Host: static.arc.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         194.242.11.186
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Sep 2022 15:03:56 GMT
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"7b9dc001ae1d02594045f630c0c9760a"
last-modified: Thu, 01 Sep 2022 19:21:28 GMT
x-amz-id-2: sso+CjRy526e+aJLRNdKq8RjhZ6KoGwR6Y604T67KYRlvAXyQ4xEXLctgzgvzzy4W5PmUrRFebM=
x-amz-request-id: 0RKQT4A1JEK82HB5
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/01/2022 19:27:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e778805c4e5c5f628037e09656926e00
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (41203), with no line terminators
Size:   14274
Md5:    187bab23311ff3f0a1e7a63504ac5f53
Sha1:   ef66545c2b3c105f51924506fda76796547a290f
Sha256: 5564046dc6900fefbf16d05378ac1903ae8e585f49e9db609d135337fd95be5c
                                        
                                            GET /TH5z5DM.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sun, 25 Jul 2021 13:23:59 GMT
etag: "063ed504acc2ee96cec413d248379761"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 09 Sep 2022 15:03:56 GMT
age: 3558401
x-served-by: cache-iad-kcgs7200039-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 28
x-timer: S1662735837.671617,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1476
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 94 x 89, 8-bit/color RGBA, non-interlaced\012- data
Size:   1476
Md5:    063ed504acc2ee96cec413d248379761
Sha1:   c2ba3db79e0b25c801ff431539a63d17014533ca
Sha256: 5718709bc4408d9d06689ad12333e3e79299dd44abcf447ca6a5718aedc8a517
                                        
                                            GET /6.2.2/bundle.min.js HTTP/1.1 
Host: browser.sentry-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.130.217
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
cache-control: public, max-age=31536000
expires: Fri, 17 Mar 2023 07:22:09 GMT
last-modified: Thu, 11 Mar 2021 09:25:54 GMT
etag: "a948fc086ec14683f3f2270913c7f702"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Sep 2022 15:03:56 GMT
age: 15234106
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20633
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65448)
Size:   20633
Md5:    a948fc086ec14683f3f2270913c7f702
Sha1:   945e9d1a6a70d4e3f87dbd1058879bcddcb40a1d
Sha256: 0bb5309b61da0b307549c7c9edd6a61766a86d3dd317d093525fddeebeb212e9
                                        
                                            GET /a2/86/90/a286902791a7f4c98bcb1e812322cd78.js HTTP/1.1 
Host: deemsoil.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a57a75cf2bbfa71f3462f4df647acfeb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (37119), with no line terminators
Size:   13414
Md5:    096a09beafff404810f55967b2a52ab1
Sha1:   16c973ef5cec045a134569c258c7398aaa71a05c
Sha256: d534e5bc3cb51cc272f5535310a990b63c22194b17149c4b5ebf511cf7c4be10

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /matomo.js HTTP/1.1 
Host: matomo.hellohi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         172.67.219.82
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.js
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 520
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpxp4jBbl0kfLBn4rzZFXo7xxma3h5biHZjp6I7WGYGocBjwXLKKU1ciSd3naieHklDj%2BuMnMihSIAeC8fsWzv15Uo3VdmbMltATPZMNEjaP3Oh9ExZXj8Gy8%2B8IE4lDFuIj%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7480d0446f39b50f-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   169
Md5:    f3099a531821c476589c3d2d00d53772
Sha1:   8e539d05a8355d6835a56f94b75f405c6e55f6f3
Sha256: a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
                                        
                                            GET /s/jost/v14/92zatBhPNqw73oTd4g.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 02:51:33 GMT
expires: Tue, 05 Sep 2023 02:51:33 GMT
cache-control: public, max-age=31536000
age: 389543
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26304, version 1.0\012- data
Size:   26304
Md5:    29404b5009a74d47f2a7923da5741fd5
Sha1:   c8c7a68af3f7e4f92d932203efda0c38e4d170ab
Sha256: 0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 156588
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5146
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 15:03:56 GMT
Last-Modified: Fri, 09 Sep 2022 13:38:10 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.1.0.47 HTTP/1.1 
Host: xilften.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.89.81
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 09 Sep 2022 15:03:56 GMT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
vary: Accept-Encoding
etag: W/"5fb4e3fe-2bd8"
expires: Mon, 03 Oct 2022 21:22:38 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=15768000;
cf-cache-status: HIT
age: 495678
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2z2GWzesbCzR063pf93ThNFnflAxqs5JfTvpl0ay%2BR%2BjMwY37sfTtxi%2BL4QOv6HleLTVFdqDE94g8O7U5qE%2B%2Bpfu7lUFtgTAgV9ec0rEEpRLUOAE9dqynbbT1bY4Lvo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7480d0405dcf0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4756
Md5:    ea5df96a9e683ae5ef81fb533f81e7dd
Sha1:   f9bdd2784bdf859ce637dbf144731eec35ed525a
Sha256: 2f13181a125343baf321733331b29beb75df3412424f527a5cf7a13ee8e35dbc
                                        
                                            GET /video.wixstatic.com/video/51a01e_b207016b8cfa42ca82a8325041077a2e/144p/mp4/file.mp4 HTTP/1.1 
Host: cinefilmeshd.uproxy2.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         104.21.89.215
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Fri, 09 Sep 2022 15:03:56 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcTzWa2w8zc5U4XuSHocVV5slctyQ0yiH%2FNb6awnnixsl25%2FUYLEedK3hRu6f4prkiSw3rT8rjHYpswRxK0Y1EbDoC6892b0TzrGA4Qz5iDW12V2TeOOXJJjh%2FFFFvGmFKB4HQHbhCMbeJA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7480d0442f1f0b3d-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60411)
Size:   195460
Md5:    e70837193b0c1b110beed0b8ff7bf6e2
Sha1:   eb45a82acd238a8a46aaec1beaa86a0cffcaf618
Sha256: 257a3798ad35330cea1ac8998026ca5e6b4b3ecb4eecd349b16ced1e2b170746

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /video.wixstatic.com/video/51a01e_d22d7a840c684bcb9a406863e8ec5eb9/144p/mp4/file.mp4 HTTP/1.1 
Host: cinefilmeshd.uproxy2.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         104.21.89.215
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Fri, 09 Sep 2022 15:03:56 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfYv43REiHu5J3eFgtUqOaUxoPxfI2X%2BoB83RWDHeBU%2BjUM1EmGVXCrXZoicCdbbweWeib9iipmdYSHCi3QXh%2BHMEG3bBdgu8c4R1OhSrMaYg5ic5G%2FmLZgYZ3KO6O48t%2F1CrF1RLwBg2qM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7480d0442d900af6-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60411)
Size:   195460
Md5:    e70837193b0c1b110beed0b8ff7bf6e2
Sha1:   eb45a82acd238a8a46aaec1beaa86a0cffcaf618
Sha256: 257a3798ad35330cea1ac8998026ca5e6b4b3ecb4eecd349b16ced1e2b170746

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /video.wixstatic.com/video/51a01e_b80e095dde6d4ab9a3ad8a4bd17d9d12/144p/mp4/file.mp4 HTTP/1.1 
Host: cinefilmeshd.uproxy2.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         104.21.89.215
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 15:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Fri, 09 Sep 2022 15:03:56 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLlhUClXj%2FRJfDjekf9wWqRPEx8shXQ8UwDD6%2FmvH58WiZ3XQtivQQc6YxEmiam15VC%2FZ4379q5YP4LJa1kOOzVVdB9ReYRR2TiWvFCvljShz6tRxKGb9Ndit%2BiHcQbYL4%2FrwboWwBc8gS4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7480d0442e9bb529-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60411)
Size:   195460
Md5:    e70837193b0c1b110beed0b8ff7bf6e2
Sha1:   eb45a82acd238a8a46aaec1beaa86a0cffcaf618
Sha256: 257a3798ad35330cea1ac8998026ca5e6b4b3ecb4eecd349b16ced1e2b170746

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /metrika/tag.js?1001 HTTP/1.1 
Host: metrica-yandex.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.11.244
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Fri, 09 Sep 2022 15:03:56 GMT
last-modified: Thu, 30 Sep 2021 23:00:22 GMT
etag: W/"61564186-eb6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 29691811
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hX7ZUrZArrj3%2BmL74MXaSDrKgU7N2j1X857iqwQrRoBD5Cj8jG%2FwUYcT9%2BJNV01UCFH%2FNoNiTN5mfItY6syZt2T1WEkaQa84RnAesG6b89nGNHat3kecOx9zgvXpZUB734P2sh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7480d0401b610afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (60271), with no line terminators
Size:   214167
Md5:    2a2a39fc997262ab78c35213fe802e84
Sha1:   2c16506bac1959b04a6f232b81a600fc5a927aa2
Sha256: a373f86ef09183ee42fecdc8f9d3818d137d04a7a0d04ab665df357c83c65391
                                        
                                            GET /helper-js/ HTTP/1.1 
Host: cinefilmeshd.uproxy2.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         104.21.89.215
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 15:03:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hCkB%2FV3gxWxSZXnRO0B4zjSNOSdYcGdIYGCIx0hU3GzWw6mUJsRf0JNWdMPuBimLG7aI1%2BJei%2BjKW1WtEZ6TE8JgVNJqWXcOXGXEEl%2B3tUV0tlW0VEJVm91uNUnqZ9f7AHQzyalpQEC0WM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7480d045784a0b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (2612), with CRLF line terminators
Size:   1025
Md5:    8a512cc3f939cbb1f1f8ed66d051b617
Sha1:   17a59f24fa6e4a348c5c7a4560aba50fb329a532
Sha256: a4c33fe7b7af1ff42c3cb4dbefa91919980b7d2f933a856dbf211762bc3b0695

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ntfc.php?p=2651991 HTTP/1.1 
Host: glimtors.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
If-Modified-Since: Mon, 05 Sep 2022 12:32:41 GMT
If-None-Match: W/"6315ec69-3922"

                                         
                                         139.45.197.251
HTTP/1.1 304 Not Modified
                                        
Server: nginx
Date: Fri, 09 Sep 2022 15:03:57 GMT
Last-Modified: Mon, 05 Sep 2022 12:32:41 GMT
Connection: keep-alive
ETag: "6315ec69-3922"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /video.wixstatic.com/video/51a01e_abd93ab6725e4a6690756616bf34844d/144p/mp4/file.mp4 HTTP/1.1 
Host: cinefilmeshd.uproxy2.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         104.21.89.215
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 15:03:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Fri, 09 Sep 2022 15:03:56 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIisaFoNqCgq9x6P6C%2F4qiNURRPBBKYXLCNDxeLOBY8dhyxRLIepn5r6Zvy5xJPijXWJrzW%2FLjlTJCihM8n1kULAA2lqc8Gat7ITAsEHLEAUxgG6jBhqzRRISeaQCOOJMzJd0dU6bGFMWFQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7480d04429470b51-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 5\012- data
Size:   50
Md5:    e4d673a55c5656f19ef81563fb10884c
Sha1:   1f2d8ed221d39329251ad3a6ff1edb20b7219443
Sha256: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /400/4837723 HTTP/1.1 
Host: rndskittytor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         139.45.197.238
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Sep 2022 15:03:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: addbdb082f6b8123fc1dac48b69db701
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=ef174025c4ad492685a8ff8f113a85a3; expires=Sat, 09 Sep 2023 15:03:57 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   30878
Md5:    5415be4aeca151b4a0cb9dc5f3772ddd
Sha1:   857415d68ccff6c9245c4d274f14cce8850d8bd9
Sha256: eb3c88e884f5dfe41bf6f6e84c15b2c558459b3f1ef0370bff24b6dc5c58ee0d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /42/38?z=3372123 HTTP/1.1 
Host: toshelmeton.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Cookie: scm=1; OAID=d2b252ee20c244bc8849125f4aee8cd0; oaidts=1662735836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 09 Sep 2022 15:03:57 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ad08574cc93dd49cf6c9df433596d950
access-control-expose-headers: X-Sc
set-cookie: OAID=d2b252ee20c244bc8849125f4aee8cd0; expires=Sat, 09 Sep 2023 15:03:57 GMT; secure; SameSite=None oaidts=1662735836; expires=Sat, 09 Sep 2023 15:03:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 15:03:57 GMT
Last-Modified: Fri, 09 Sep 2022 13:50:51 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -y5DeMh4NMUgjEnO8ZK7P8ZNZ9gMwXz2ZJeEzMWC3IECmsCRfWr7mg==
Age: 4387

                                        
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
52.28.172.243
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 15:03:57 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-credentials: true
set-cookie: uid_id2=b4cb04aa-dadd-44bd-90cc-6341980c2252:3:1; expires=Mon, 06 Sep 2032 15:03:57 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    4fe76d723ec23a3e599054a366381fe2
Sha1:   d5bad7d97af1f54e2e96d18a69f5de9025cfa2d1
Sha256: 022de5a0d19db7f60a73d43538b6a93037ac68c7694b1416bd96715ffb866a2c
                                        
GET /pfe/current/universal.min.js?v=3.1.392 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 09 Sep 2022 15:03:56 GMT
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-20481"
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   81858
Md5:    a89e362df703b3c534471ca89b6597ab
Sha1:   45bc16a918407e05815a488cea191ed31102fc60
Sha256: fadafdb08542d5249c0b1f384f50955f73aa68980c302564cccbbb8b0ead45f3

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /400/4495524 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
139.45.197.237
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Fri, 09 Sep 2022 15:03:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: dfa41e86c1ccc942ba58070e03a1093f
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=44a39a825eb0407a94d261ad5f90ea1e; expires=Sat, 09 Sep 2023 15:03:57 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   31212
Md5:    6218f155eb228a0c8d14a4fe1b11d88f
Sha1:   e4ba8354d252260d4507644a9bb64cb8ab739418
Sha256: 506b9d9521751162b70cac02a9d365297f529b336b9503c414084f4132c3d298
                                        
GET /5/2632704 HTTP/1.1
Host: toshelmeton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
139.45.197.239
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Fri, 09 Sep 2022 15:03:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 52eb1c0088046c8563078e6d25d8c2f6
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=29ec076a75834202bf1c418d4f065c79; expires=Sat, 09 Sep 2023 15:03:57 GMT; path=/ oaidts=1662735837; expires=Sat, 09 Sep 2023 15:03:57 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (62317), with no line terminators
Size:   23211
Md5:    c48e59295a1c17f3108461c2c60c7600
Sha1:   f5ecaa412f7586c1b18108fd413bbc43aeb52227
Sha256: 125e66e416de1e504716e4f78f458530e311173b6419db22c90c1f7a6e901504
                                        
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
104.21.234.232
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Fri, 09 Sep 2022 15:03:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 476e83d17944c2aa46d20e2a21cb7eee
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Fri, 09 Sep 2022 15:03:56 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8d9sdzb9EIRefZhw%2FZSKTNP%2B4Uap9dPak97S8CL2WLRXZxVrB9u8SF3lSmY9A4Jffzgz3iGYw5FhREIyW5Gp2XdiCb%2BfsNxP8I1yIaw62QO%2FvXVubcdhEFs8VXB32fxyNyVDMhY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7480d0460fff71f3-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   22840
Md5:    487ad2b48cd98e36abf708a3b60f4a36
Sha1:   ccf7b110523d50bb619becd48c3f013cc5fdce87
Sha256: 768eff747f795e1232d182eb859170e32d4f06ed29da872c09af5363c459668f
                                        
GET /zone?pub=0&zone_id=2651991&is_mobile=false&domain=cinefilmeshd.uproxy2.org&var=&ymid=&var_3= HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: nginx
date: Fri, 09 Sep 2022 15:03:57 GMT
content-length: 705
x-trace-id: 7264bc97cfe230e6f9587ff5b64b9771
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (704)
Size:   705
Md5:    7ad612ba985069de5ed23e191e1460df
Sha1:   d62ec67d002619b410c7779f33c9d8085529712d
Sha256: e864268e094678e08d66bf7d539f3d173cf7d9250e67e1a78b053f9faac42f07

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /pfe/current/universal.min.js?v=3.1.392 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 05 Sep 2022 12:32:41 GMT
If-None-Match: W/"6315ec69-20481"
TE: trailers

                                         
139.45.197.251
HTTP/2 304 Not Modified
server: nginx
date: Fri, 09 Sep 2022 15:03:57 GMT
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: "6315ec69-20481"
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /t/p/w1280/1DBDwevWS8OhiT3wqqlW7KGPd6m.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
54.230.111.115
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 98514
Connection: keep-alive
Date: Sat, 13 Aug 2022 04:07:09 GMT
Server: openresty
Last-Modified: Mon, 01 Aug 2022 20:57:10 GMT
Cache-Control: max-age=31449600
ETag: "d7fed00f974098af440976190307298e"
Expires: Sat, 12 Aug 2023 04:07:09 GMT
X-Rack-Cache: fresh
X-Content-Digest: 9c2e910136b5df93cf045893eed30c3e8bf390ba
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: bgxGVlFjH4fYNhdNnr5UEvZSpt2o8yPCTYQmrx9fE5O8m-Jcz0qkOw==
Age: 2372208


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Size:   98514
Md5:    992fc48677aee00118b6c563dcc159b4
Sha1:   9c2e910136b5df93cf045893eed30c3e8bf390ba
Sha256: f5f8c6efdcfdbd66ffab8d55079e21e4ae8b03238383751067d3986de03cf05b
                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:03:57 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=529882,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7480d047dcecb527-OSL

                                        
GET /gid.js?userId=47f688041ba4494b982340c6ff00e5e0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: nginx
date: Fri, 09 Sep 2022 15:03:57 GMT
content-length: 65
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=47f688041ba4494b982340c6ff00e5e0; expires=Sat, 09 Sep 2023 15:03:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    f58274395de305856c4ea7c5256628a0
Sha1:   4e96c305165580be20ec08d9fd7b44a77d69ee13
Sha256: 4a433f99b44fb8f639ee469a051df9f02cf0ec2633f9626166c9de86c4bf158f
                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:03:57 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 03:02:17 GMT
Expires: Fri, 16 Sep 2022 03:02:16 GMT
Etag: "7e3edc42b5335cdc558d694b3fd5a610532fa66d"
Cache-Control: max-age=560898,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7480d04849edb500-OSL

                                        
GET /400/4495524 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
139.45.197.237
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Fri, 09 Sep 2022 15:03:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 568f124882980976ef54d8366f70ee73
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=7b1b1b942b604f9cbfce8feaf58886a4; expires=Sat, 09 Sep 2023 15:03:57 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   31212
Md5:    6218f155eb228a0c8d14a4fe1b11d88f
Sha1:   e4ba8354d252260d4507644a9bb64cb8ab739418
Sha256: 506b9d9521751162b70cac02a9d365297f529b336b9503c414084f4132c3d298
                                        
POST /matomo.php?action_name=Xilften%20-%20Veja%20Filmes%20e%20S%C3%A9ries%20Online%20Gr%C3%A1tis&idsite=1&rec=1&r=447507&h=15&m=3&s=48&url=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&_id=674b59e87165e686&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=NzKnLX&pf_net=21&pf_srv=158&pf_tfr=84&pf_dm1=1086 HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
172.67.219.82
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Date: Fri, 09 Sep 2022 15:03:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.php?action_name=Xilften%20-%20Veja%20Filmes%20e%20S%C3%A9ries%20Online%20Gr%C3%A1tis&idsite=1&rec=1&r=447507&h=15&m=3&s=48&url=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&_id=674b59e87165e686&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=NzKnLX&pf_net=21&pf_srv=158&pf_tfr=84&pf_dm1=1086
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDypwxOnyZaitMD0AiOuMdTGr4RHvVAbiq33RAa0MgPk8e4ohbFarhUUxWufYDGUAPe97TXS7SPPdaV%2FZhMAUcCJzBHrXvFF1nebcIyB3vBABgQXcknAjEC6hFCQIMJrW1%2FQyw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7480d0499df4b50f-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   169
Md5:    f3099a531821c476589c3d2d00d53772
Sha1:   8e539d05a8355d6835a56f94b75f405c6e55f6f3
Sha256: a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
                                        
OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.251
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
server: nginx
date: Fri, 09 Sep 2022 15:03:57 GMT
content-length: 0
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
GET /gid.js?pub=0&userId=b5950addcf614c9e8abdadfe3f955a2a&zoneId=2651991&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Cookie: ID=47f688041ba4494b982340c6ff00e5e0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: nginx
date: Fri, 09 Sep 2022 15:03:57 GMT
content-length: 65
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=47f688041ba4494b982340c6ff00e5e0; expires=Sat, 09 Sep 2023 15:03:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    f58274395de305856c4ea7c5256628a0
Sha1:   4e96c305165580be20ec08d9fd7b44a77d69ee13
Sha256: 4a433f99b44fb8f639ee469a051df9f02cf0ec2633f9626166c9de86c4bf158f
                                        
OPTIONS /9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=47f688041ba4494b982340c6ff00e5e0 HTTP/1.1
Host: toshelmeton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.239
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Sep 2022 15:03:57 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cinefilmeshd.uproxy2.org/
Content-Type: application/json
Origin: http://cinefilmeshd.uproxy2.org
Content-Length: 384
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: nginx
date: Fri, 09 Sep 2022 15:03:57 GMT
content-length: 39
x-trace-id: ef6f4e36552a4e4e7f2d770b33439757
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "53DA5BEC884BAFF9439281C3AA81B8C56A3340E3723068BE76CF1799BDC660D1"
Last-Modified: Thu, 08 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15758
Expires: Fri, 09 Sep 2022 19:26:35 GMT
Date: Fri, 09 Sep 2022 15:03:57 GMT
Connection: keep-alive

                                        
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cinefilmeshd.uproxy2.org/
Content-Type: text/plain;charset=UTF-8
Origin: http://cinefilmeshd.uproxy2.org
Content-Length: 1958
Connection: keep-alive

                                         
139.45.195.253
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Server: nginx/1.19.10
Date: Fri, 09 Sep 2022 15:03:57 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://cinefilmeshd.uproxy2.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
OPTIONS /500/3064505?excludes=&oaid=47f688041ba4494b982340c6ff00e5e0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive

                                         
139.45.197.237
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Sep 2022 15:03:57 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, OPTIONS
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://cinefilmeshd.uproxy2.org
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

                                        
GET /?rb=wEVP9a_A7j7xPuZTJzw9i6FklGpao1ptcSubKAQyGv31GVeUP-h6YyL20Cbk5EO3-m1jBSePBAqD_ZCbbiu7T0T5z5m6Iwt7GOdn0knwbyxFeF4R-QvVgNzsmxeKrDBaoWSb1hNJD_-GcwpfjRmH9_wwPvU1IfdIQF077mOgunkL4beakteg1lri1rx7CBWjJuoA6oPuCxHsButAst3bimKJ8vp_VALCa2T9Bg%3D%3D&request_ab2=0&zoneid=3388548&js_build=iclick-v1.425.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.425.0&bs=d60fe0ff-e1b2-4f23-89a9-44d4664dd97f&userId=47f688041ba4494b982340c6ff00e5e0&m=link HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive

                                         
139.45.197.236
HTTP/1.1 200 OK
Content-Type: application/json
Server: nginx
Date: Fri, 09 Sep 2022 15:03:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 8128898f304c79a8ce840ae77a3e9fd4
Access-Control-Allow-Origin: http://cinefilmeshd.uproxy2.org
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=47f688041ba4494b982340c6ff00e5e0; expires=Sat, 09 Sep 2023 15:03:57 GMT; path=/ oaidts=1662735837; expires=Sat, 09 Sep 2023 15:03:57 GMT; path=/ syncedCookie=true; expires=Fri, 16 Sep 2022 15:03:57 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2290), with no line terminators
Size:   1779
Md5:    e34752703a9dbe67704ed5d59318e1af
Sha1:   282ed68f99b809d6fa693ed307d147074d5bfec9
Sha256: 0caf5e870901e91fbc16ddb43b92800ed8a82c262295df4d73f03f70c9b20398
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E130B306C2CE41E91439C173DA8C0BB495BD5A9CE04E38F27BD6BF39D858FD90"
Last-Modified: Thu, 08 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3263
Expires: Fri, 09 Sep 2022 15:58:20 GMT
Date: Fri, 09 Sep 2022 15:03:57 GMT
Connection: keep-alive

                                        
                                            GET /500/3064505?excludes=&oaid=47f688041ba4494b982340c6ff00e5e0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: inpagepush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         139.45.197.237
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Sep 2022 15:03:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 1acf90349422e1fa7c7e2ce1de421024
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Vary: Origin
Access-Control-Allow-Origin: http://cinefilmeshd.uproxy2.org
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=47f688041ba4494b982340c6ff00e5e0; expires=Sat, 09 Sep 2023 15:03:57 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (1451), with no line terminators
Size:   1164
Md5:    6d81b0a2db78413e00048a2a6ef3dbee
Sha1:   5def155ddb143aefad9e4c0b2c7abee9ceb6fad3
Sha256: 13f89dcc3eb365edf4d28501bf7097d8e5d6a99b3bb37dcae9325930b58720bc
                                        
                                            GET /401/4837723?oo=1&oaid=47f688041ba4494b982340c6ff00e5e0 HTTP/1.1 
Host: rndskittytor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.238
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Sep 2022 15:03:57 GMT
x-trace-id: c4723ae64235336cec7ab540ae3c1fb7
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=47f688041ba4494b982340c6ff00e5e0; expires=Sat, 09 Sep 2023 15:03:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2052), with no line terminators
Size:   787
Md5:    94f36f3f58908e7bd354f2a920668acf
Sha1:   f63f0bad59b26ee5bdb96ea4c39c619f264daef0
Sha256: cd5147363993cb9701ef6c4244266240f3d754b8a9f0760d6a827a53ec1869a9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /www/images/3d08aacb36c7474e0d13b60f8f4adc14.png HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.32.172
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Sep 2022 15:03:58 GMT
content-length: 66121
last-modified: Mon, 12 Oct 2020 05:50:58 GMT
etag: "5f83eec2-10249"
expires: Sat, 10 Sep 2022 12:30:47 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 9191
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7480d04c5bde95fa-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   66121
Md5:    3d08aacb36c7474e0d13b60f8f4adc14
Sha1:   e4af2de372b5e3a2211579a5973ef7ed160e7be4
Sha256: 54b0569cf052e12dd373e86031009d0a54a893275a21c2ef863277a9a978ab1c
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.205.240
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Sep 2022 15:03:57 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 949
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6v2fHH82i3pb%2Br2s332X5oLvKXahUy93vPqrbynTcmxkNcModNbHgGRkEmYUZZIERKP85Jogp5LhofXLPIAR8zyOy0A4ou4GdzpZhgVsmY%2By3hzEUlLCiDliMgxbGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7480d0476fb81c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (32771), with no line terminators
Size:   12259
Md5:    a647f2e3420802463792083d2b885225
Sha1:   11aaecff716a5d1568ccb734bade96a9a67f8a69
Sha256: f9ff6bf0016d02c0f09a5b53ca9f78a15fa707fa358d3d35700561fb83a1861e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EAD23C004FB06735A1FC4F6C6846A5CB43D28FC25788B74113CA59670F72154"
Last-Modified: Thu, 08 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1854
Expires: Fri, 09 Sep 2022 15:34:52 GMT
Date: Fri, 09 Sep 2022 15:03:58 GMT
Connection: keep-alive

                                        
                                            GET /uJ34BCH.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 13 Sep 2021 20:15:43 GMT
etag: "2f8f75ed615640762ede2730e3fa4dd4"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 09 Sep 2022 15:03:58 GMT
age: 2596044
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662735838.269803,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 7702
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   7702
Md5:    2f8f75ed615640762ede2730e3fa4dd4
Sha1:   74ccac33413ab50404f197f9fb8913b810dedd15
Sha256: 405c80c5d3133e880413d3ae104f7f2525e82bb1ca72bcc4f0d4391a077dfb82
                                        
                                            GET /UdzopGB.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 13 Sep 2021 20:15:22 GMT
etag: "350942a337552b3fbf1cb387213c9257"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 09 Sep 2022 15:03:58 GMT
age: 2690810
x-served-by: cache-iad-kcgs7200113-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662735838.270506,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 875
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   875
Md5:    350942a337552b3fbf1cb387213c9257
Sha1:   74e3ef90924c1c97fe45feeb8ae6aad492ebd5df
Sha256: 8003784a9ac0ea603996120f654f49e9f7fc54b17dc131029c30e9b59a89e831
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7364
Expires: Fri, 09 Sep 2022 17:06:42 GMT
Date: Fri, 09 Sep 2022 15:03:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7364
Expires: Fri, 09 Sep 2022 17:06:42 GMT
Date: Fri, 09 Sep 2022 15:03:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7364
Expires: Fri, 09 Sep 2022 17:06:42 GMT
Date: Fri, 09 Sep 2022 15:03:58 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a39739-e855-4625-859f-7e2fed3d2511.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12107
x-amzn-requestid: 9ea883d8-b844-49d0-8651-67124d2c0852
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgHANIAMF5rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-137ad22c52baa6fb04ae190d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: P5OHHQ3YLSEkmgy4GUF6SfbGkPlrVxokjSQuZLVstQDT1DpLDtGEvg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:01:29 GMT
age: 61349
etag: "15cefe1e2be8ad63e40cfe02c2f5f8c59af015ad"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12107
Md5:    a9ca2de4e61d1aae73da7d13ad3ec727
Sha1:   15cefe1e2be8ad63e40cfe02c2f5f8c59af015ad
Sha256: 911550bc2b8e4c4aad215692361fe494275002f89faa9eae2e2fc2664da1107c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9011
x-amzn-requestid: cf861da4-5f3b-43b8-931a-5285839c6301
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHFbOoAMFYVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-4cf2e37f5e762a557b081446;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wqcl8zkszPZhWjJ7mr_p82IRaNzU2vMV3wtipUYgRaL7Vj3ntmYYqQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:00:13 GMT
age: 61425
etag: "c0e3d10ce67f77a92b54954410e30621af7ee87c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9011
Md5:    ba8d1b764c2d18807caecb5ee1e046c0
Sha1:   c0e3d10ce67f77a92b54954410e30621af7ee87c
Sha256: f558c4827c2edf896588b6e3f0b4f295269e95f86143b40729a7a2a5e1adbbb6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:05:15 GMT
age: 61123
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4002
Md5:    c9590b525c8b07a297c8784f02b161a1
Sha1:   cec8428d159a5bde29e89c64cfb04146f759d52b
Sha256: d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: smtzoqnzJiET63xsW_r_-eVNsTK01mGqRbvuwekbqjnzS6Sb1fw9HQ==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:54:58 GMT
etag: "70ede5692526afd351d134a391383461dafdc64f"
age: 58140
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4532
Md5:    a5fdeb374d4e3669ce5d9ff2cd22cd19
Sha1:   70ede5692526afd351d134a391383461dafdc64f
Sha256: 10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:49 GMT
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
age: 62229
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7515
Md5:    60fa03262bb3728f24a4c7a8177ec788
Sha1:   09dcbdc6043f01dd56920cca3ce3920d0d07b795
Sha256: e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:54 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
age: 37864
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3125
Md5:    0078c7a407144a1ede33aef6f734eecf
Sha1:   113393e0dbabb3aff949d19ab6517ba1082b622d
Sha256: 42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
                                        
                                            GET /contents/s/ae/00/71/6471195c4c285e6808d454f8bc/01304130790376.png HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=wloyb2fsuwVIZzo&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftoshelmeton.com%2F12%3Frnd%3D2215763704%26z%3D3372123%26b%3D14692460%26c%3D6046611%26var%3D%26d%3Dhttp%253A%252F%252Fageaccesscheck.online%252F%26cln%3D1%26btp%3D7%26rb%3D5Kn8PlNBDr-1XSBVhWGNPSYrpnKrsC68Q0uYJLuyeWmtMGvBcVsbYeQiUAfjtHY7b43VgShllSYaDfOBVhOuGFHAL0Y5rndHGiGSg1FaWuYdNQi80izc19vasVvjoNESV7NvDg2i7JN7tIwaOZnIuH24yloSJalH2Vrehvnpy6ads_D6HSBGKvwQLETkH2clOTQ-V_h7OCnFMfgzMxgDa7aB9aaTyl9Gg6WSvIUZPyhVcqFDzRxmaOBLIOyaV3Ve1Pca5_ikeMq4yHovHPAOU7_s-iDAadLuOeILgUGEKWln1uGANxCra5UV352S0j2fv2vKkyKCDCD9fEkoLvll7qGaNcOG0rhnUdeSp5nKE4zFLBd0G-nnVGhpz1_8hwCr9sU5GyDSSK2BkkeYxgjN2QRcBajI-9sIaSXEeyEGfZZHPKw0_5p3KLhls1JWuAKUSJoUvfYXWysvpA4gOxMbNFOEwZfy15165Yh_P-XNhyFSc66cGOQXOZessfpUB2aQ_V-vOdqMMPnmiCfUCzBT35jfqTukkkRh62kG2dpix6IkHwHOCO7msDnvG5N-sUOenRenJD2bxfxZpF1EIE31F7XpqoGd-HH1thNmPk1iPiw1r8BRCUr7ua5wvmJs3wI1YKfGlr4bbAC7h98f4aKmig%3D%3D%26bag%3DmNKGnCKTBOKKtZqQS9tgdQ%3D%3D%26ruid%3D82e3cb9e-f9b0-4ff2-928d-86c007285d39%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fcinefilmeshd.uproxy2.org%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Fri, 09 Sep 2022 15:03:58 GMT
content-length: 5583
last-modified: Sat, 03 Sep 2022 20:39:30 GMT
etag: "6313bb82-15cf"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data
Size:   5583
Md5:    ae00716471195c4c285e6808d454f8bc
Sha1:   5e45b7984df9c48fd761612db6b9b3d0e6af8cb4
Sha256: 8b1ccb86967967dad18f2212a9db85f83d9aa35f6d782301a81c696c1aa592ba
                                        
                                            POST /custom HTTP/1.1 
Host: glimtors.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cinefilmeshd.uproxy2.org/
Content-Type: application/json
Origin: http://cinefilmeshd.uproxy2.org
Content-Length: 381
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 09 Sep 2022 15:03:58 GMT
content-length: 39
x-trace-id: ad65c782222c9a31deaaced614be35b6
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 15:03:58 GMT
Content-Length: 939
Connection: keep-alive
Expires: Tue, 13 Sep 2022 11:57:09 GMT
ETag: "853452c8d3770d22c8845745f50c7bb94a6ac4d4"
Last-Modified: Fri, 09 Sep 2022 11:57:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 223
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7480d04e1eebb4ee-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F0A10F2F7961A948DE7F64B7530139B1A8ABF691FD981F1B5A7C1AFFF2229C75"
Last-Modified: Thu, 08 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16453
Expires: Fri, 09 Sep 2022 19:38:11 GMT
Date: Fri, 09 Sep 2022 15:03:58 GMT
Connection: keep-alive

                                        
                                            GET /sbar.json?key=a286902791a7f4c98bcb1e812322cd78 HTTP/1.1 
Host: siegepolitical.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 15:03:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://cinefilmeshd.uproxy2.org
Access-Control-Allow-Origin: http://cinefilmeshd.uproxy2.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15816950; expires=Sat, 10 Sep 2022 15:03:58 GMT; secure; SameSite=None pdhtkv=true; expires=Sat, 10 Sep 2022 15:03:58 GMT; secure; SameSite=None uncs=1; expires=Sat, 10 Sep 2022 15:03:58 GMT; secure; SameSite=None pdhtkv29=true; expires=Sat, 10 Sep 2022 15:03:58 GMT; secure; SameSite=None uncs29=1; expires=Sat, 10 Sep 2022 15:03:58 GMT; secure; SameSite=None sleca286902791a7f4c98bcb1e812322cd78=[3364903]; expires=Fri, 09 Sep 2022 15:04:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b0c9e64b9da38c0092cc43be1f17c1aa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5509), with no line terminators
Size:   3740
Md5:    4f004ed9b3a5c2170790c96f98f2d9aa
Sha1:   a0af61cc08ed7899eae1fd87c35ea9cae9635441
Sha256: 87ff706677974788f9a9057bc82ec2ff8813b334cfe497a9316b97ebc8620a4a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /500/4495524?excludes=&oaid=47f688041ba4494b982340c6ff00e5e0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 09 Sep 2022 15:03:58 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /contents/s/41/b5/6e/8fbbd9acdcc2ccba835efd78d8/0238956222096.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=wloyb2fsuwVIZzo&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftoshelmeton.com%2F12%3Frnd%3D2215763704%26z%3D3372123%26b%3D14692460%26c%3D6046611%26var%3D%26d%3Dhttp%253A%252F%252Fageaccesscheck.online%252F%26cln%3D1%26btp%3D7%26rb%3D5Kn8PlNBDr-1XSBVhWGNPSYrpnKrsC68Q0uYJLuyeWmtMGvBcVsbYeQiUAfjtHY7b43VgShllSYaDfOBVhOuGFHAL0Y5rndHGiGSg1FaWuYdNQi80izc19vasVvjoNESV7NvDg2i7JN7tIwaOZnIuH24yloSJalH2Vrehvnpy6ads_D6HSBGKvwQLETkH2clOTQ-V_h7OCnFMfgzMxgDa7aB9aaTyl9Gg6WSvIUZPyhVcqFDzRxmaOBLIOyaV3Ve1Pca5_ikeMq4yHovHPAOU7_s-iDAadLuOeILgUGEKWln1uGANxCra5UV352S0j2fv2vKkyKCDCD9fEkoLvll7qGaNcOG0rhnUdeSp5nKE4zFLBd0G-nnVGhpz1_8hwCr9sU5GyDSSK2BkkeYxgjN2QRcBajI-9sIaSXEeyEGfZZHPKw0_5p3KLhls1JWuAKUSJoUvfYXWysvpA4gOxMbNFOEwZfy15165Yh_P-XNhyFSc66cGOQXOZessfpUB2aQ_V-vOdqMMPnmiCfUCzBT35jfqTukkkRh62kG2dpix6IkHwHOCO7msDnvG5N-sUOenRenJD2bxfxZpF1EIE31F7XpqoGd-HH1thNmPk1iPiw1r8BRCUr7ua5wvmJs3wI1YKfGlr4bbAC7h98f4aKmig%3D%3D%26bag%3DmNKGnCKTBOKKtZqQS9tgdQ%3D%3D%26ruid%3D82e3cb9e-f9b0-4ff2-928d-86c007285d39%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fcinefilmeshd.uproxy2.org%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Fri, 09 Sep 2022 15:03:58 GMT
content-length: 118207
last-modified: Sat, 03 Sep 2022 20:39:27 GMT
etag: "6313bb7f-1cdbf"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x600, components 3\012- data
Size:   118207
Md5:    41b56e8fbbd9acdcc2ccba835efd78d8
Sha1:   4c5a79269b0d5685ffdc4cbd915e6bf95459e321
Sha256: 63e1710367b21f6d151d129c97f21f47fe0972d5e476d3566fef07c77b39397c
                                        
                                            GET /vctx?t=72747 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 09 Sep 2022 15:03:58 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ea8b86acc20e8897251a485d3059aa20
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /matomo.php?action_name=Xilften%20-%20Veja%20Filmes%20e%20S%C3%A9ries%20Online%20Gr%C3%A1tis&idsite=1&rec=1&r=285605&h=15&m=3&s=48&url=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&_id=674b59e87165e686&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=9kvXnM&pf_net=21&pf_srv=158&pf_tfr=84&pf_dm1=1086 HTTP/1.1 
Host: matomo.hellohi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         172.67.219.82
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Fri, 09 Sep 2022 15:03:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.php?action_name=Xilften%20-%20Veja%20Filmes%20e%20S%C3%A9ries%20Online%20Gr%C3%A1tis&idsite=1&rec=1&r=285605&h=15&m=3&s=48&url=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&_id=674b59e87165e686&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=9kvXnM&pf_net=21&pf_srv=158&pf_tfr=84&pf_dm1=1086
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZCQdlZAAJn9dkCZHL50e5U7KJcd1BeQkdu%2B5pjJZwjf2ipQL2bYIcdRaOD78gxSDEIzMtbZ8WcHNx4ZQGSo%2FFlqIE1wifIlkAN6rInHnScIJBTvh%2F8Ok65phJq%2FzBGiqqRPig%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7480d04ebccbb50f-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   169
Md5:    f3099a531821c476589c3d2d00d53772
Sha1:   8e539d05a8355d6835a56f94b75f405c6e55f6f3
Sha256: a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 72380
date: Fri, 09 Sep 2022 15:03:58 GMT
access-control-allow-origin: *
etag: "63186565-11abc"
expires: Fri, 09 Sep 2022 16:03:58 GMT
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (674)
Size:   72380
Md5:    f948ad97d8bcc64c1eee91e4e703f3f5
Sha1:   b5c35b5c139ddec32fe96bf89863fcf0845262bf
Sha256: 0d2dc3bdec9010c5375ac3fab62d3f33c2a3f961c6c974f2c0da8d584ed441e1
                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwW8bRRTGZ9sckDiBegEEsrgAEnJ2187apoeKEIIi0qa0VOQGszNjZ%2FDszmpmx%2BvkFFFR9Yb5Dzafk0aFCIHElQo5lXqIhFRzIQf8P1RIOXFAdi0MT1q99%2FZ7h9%2F33tw7cBPiw9Hztet6TypFl1eqfuXt7SC4WtmUqetX%2Bs3o86h%2BtWJ677Wiqv9O5SPBuno59APfD%2Fygsi6NaOv%2B8lSEzE5aQbXlV%2BthNVipo2%2F%2B31vnwVIPvDchL0Py8dJj7wokGyFNflwTtpvr7N0PE6dorg16%2FPhO2k11kSJZlG3joZ0ez6eh7dP1R9Dp0QwXuvfvYCzHxHvyCHF6PIdE3DucccYKIkXMX0TRG0GoESQdgem7kPwpARjHjS2kyYMb2hR097lKp%2BqYLF38BVmMydKfV5AmP6wq2a%2Fc1srlUqcW%2FXYJ2R9BdkbI3CnyvUuQxSlY%2FhUk%2F40sX2wiTQ63rNKQvJx5l3IE2R5BiQGo9eCmn%2FTg2h5c5iHh5xUWBEHD54z6zRZjNd4QccT9gDbaAQ38qAnHpngD5NkATA3AzD4ys4%2BuHMC4X2F3SljuweZj4n2yjx4vUQiCwhIUlKCQBEVOUPTKI65saMsHXFkXB%2FMcznOtHOq8c0CPdN4RKTnIJuSl2V6ebV%2BgK84rNGxGLT9stKZwddZqxiwORDMIa2HIeKMJK0tIe2lmdW96o3KCTI4J%2BeYPxPQUVp2CyTdB3eugxbAR%2BqA7w3rTx1564tJYadYVvCo5uC6R5UvId70DNSGvzDhq229BsLNrX8TXx88e%2Fg1mSmSmxJfyMUFH3R%2Fe0gU5vKULS37aynKZyD06vd3tnObi8ncfi91CG76xZgcP32dTYVqefCpsvklTLtOOJd%2BvSs6FWdeGCfLLhv1MxDed3Vl1JnXZ5s0P1jeSzAhrpU5HoFNrT87A5Ji88PPR7Fm%2B%2BvU9SDOCcSUSd0bmAalPwbJ92GzBb%2FVlGLWYiTMPhSuHJowXP5UkUGLR07iE%2FU8fL%2BoDex8d8wZofhdpUqJnSvRUCaoGsO7yMM%2FM2bXfa7NArLxhrIx3GCujvn2%2BXCvPK41azadRayVoNKhoxPWw2Y4CTmlYj8IoojXkdsxeuzP5BwAA%2F%2F8BAAD%2F%2F%2FrrMK5hBAAA HTTP/1.1 
Host: siegepolitical.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Cookie: u_pl=15816950; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca286902791a7f4c98bcb1e812322cd78=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 15:03:58 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b3ddd198d516ae5252bbc7cfb814c6b6
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /500/4495524?excludes=&oaid=47f688041ba4494b982340c6ff00e5e0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Cookie: OAID=47f688041ba4494b982340c6ff00e5e0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 09 Sep 2022 15:03:58 GMT
x-trace-id: 5a682e04385f4f45e48a225d13f9722a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=47f688041ba4494b982340c6ff00e5e0; expires=Sat, 09 Sep 2023 15:03:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1210
Md5:    099e591e7d8cacc6a977b076c0b54bde
Sha1:   0bb107907c9b15978a66354098fc4b3aa7b9a26e
Sha256: d42c3f69c991489ce8b41307cd3517d9523548096242dff10d0f8f247a052ec2
                                        
                                            GET /fv.js?t=72747&cb=1406852485 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: text/javascript; charset=utf8
                                        
server: nginx
date: Fri, 09 Sep 2022 15:03:58 GMT
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 23eb976d71aeae8322a5defa13b59634
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5213), with no line terminators
Size:   2153
Md5:    0254fb1dad74628b7ad0f97d304fac92
Sha1:   35f7af13a08eb87023ec7df4d3c35c21b2cde79d
Sha256: 47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ajax/libs/normalize/8.0.0/normalize.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 09 Sep 2022 15:03:58 GMT
content-length: 631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f2b-732"
last-modified: Mon, 04 May 2020 16:13:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 472294
expires: Wed, 30 Aug 2023 15:03:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mn%2B1t6%2FKEZnu3GTm1zva3NEoesqWwE6vVJXARouPl0aMpfToC%2BOWIyIfn%2BSiMInOtZ56aiQbLq2ej2MPWBKWFrxe9nNP7EvAssiV5bddZ2vINLNThKkrI0tCY1d%2F%2Bu8urJiGgbWF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7480d0510caa0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1796)
Size:   631
Md5:    c27520fe60c6f5f7cba22d6912e04494
Sha1:   59bdd4f097d44825326bfa7fdf075669deabaa09
Sha256: bfbb841e763e8cd7a378b0a6bb83b08251eb3ee0afd7bfcb6d55dae63f6f514d
                                        
                                            GET /watch/55692553/1?wmode=7&page-url=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A1059%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1318565596981%3Ahid%3A866239346%3Az%3A0%3Ai%3A20220909150349%3Aet%3A1662735830%3Ac%3A1%3Arn%3A332454936%3Arqn%3A1%3Au%3A1662735830180509298%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662735826899%3Aco%3A0%3Awv%3A2%3Ads%3A21%2C1%2C158%2C0%2C-5%2C0%2C%2C1143%2C13%2C%2C%2C%2C1560%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662735830%3At%3AXilften%20-%20Veja%20Filmes%20e%20S%C3%A9ries%20Online%20Gr%C3%A1tis&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cinefilmeshd.uproxy2.org
Referer: http://cinefilmeshd.uproxy2.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 419
date: Fri, 09 Sep 2022 15:03:58 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 15:03:58 GMT
last-modified: Fri, 09-Sep-2022 15:03:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Size:   419
Md5:    d87a7a2190423d4b5dbf9e222fed6a04
Sha1:   458e8cfc85d28a95d10733b9e968047e78a55a13
Sha256: 23b25332f55696085358829517ce3b4b5557f70841ad6ea81e452544e233f3df
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/index.html HTTP/1.1 
Host: cdn.yourwebbars.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.6.19
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 09 Sep 2022 15:03:59 GMT
last-modified: Wed, 09 Feb 2022 11:25:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKkIutP2X44sNitGTKFQzLxjPOVjsdSzta1C%2FHrUKuuVxypynzePn5e9BUJWf8WEYZ0290%2FQohNI6kLv16eVKuqNsSdl0gxx4BbbOK%2FhF9khr4ABdpq%2BlnRWVforcx6sHeWbdDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7480d04f2afcfab4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text
Size:   772
Md5:    42571c1136c11b3a2e6b8568ec86f696
Sha1:   75bf33ef08699028e58c4a4ea83a59661f489b70
Sha256: 109796f057c4b820843727a5c33f584c65ecae05def79b2e649a1b79d07c3d9f
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "D30F31A4FD293A2BF326F667D47745533D99A6088849033B9086578B3541F741"
Last-Modified: Wed, 07 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3694
Expires: Fri, 09 Sep 2022 16:05:33 GMT
Date: Fri, 09 Sep 2022 15:03:59 GMT
Connection: keep-alive

                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/icon.jpg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.183.56
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 09 Sep 2022 15:03:59 GMT
content-length: 82807
last-modified: Tue, 08 Feb 2022 14:25:26 GMT
etag: "62027d56-14377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3214696
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2m6WJ2VUIC%2Fi1flQ18u%2BZvBCGt%2B3YVoPFsuqLK26z6IRlxgsRGS8Jb3uemplPFQxpzpXm5YNtHPjZe4SqSTXIh40Hr5M%2BQtWO%2BKN1HVqEQHmvco1Xkrz5AZ815okKoXcdcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7480d0538a0db529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 435x290, components 3\012- data
Size:   82807
Md5:    85f73b8e6875d66c6d73ebdefc72c793
Sha1:   7281bfc203aa9c27601828765ba37b28b79c2476
Sha256: f2772dd68c9e122cb84b4c535502d3c7034437ca7c053fc781da626cf1a1064f
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/close.svg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.183.56
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Fri, 09 Sep 2022 15:03:59 GMT
last-modified: Mon, 17 Jan 2022 14:26:00 GMT
etag: W/"61e57c78-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3214697
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLZqjJ%2FulquXQ6MbGWQyutQtmFxnOXGhoakoRsyOL3l%2BgMZ5VH0Gb9zsHPaF%2FUgXeFW2FytnBn2moOS0DeOw3JHVEQgUqZdlJLD6amD8sSavmY9QZmfZzjAewy6VS3eLfl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7480d0538a0cb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size:   796
Md5:    f806a2774ac6096ae84d3a1bfa33bf36
Sha1:   a6266d8c0fee8a61c0b6fff9a824ee29390cc260
Sha256: 8261a7123e9696910e3af25cf4f0553a1bbfa22fd1c1e93cd1bc782664f68df3
                                        
                                            GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 09 Sep 2022 15:03:59 GMT
Date: Fri, 09 Sep 2022 15:03:59 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   660
Md5:    55130bf120bd75a4bba7d678be617cdf
Sha1:   77b172c0cc1d15e60ab95edccf3ac1e640d16812
Sha256: 262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Findex.html&l=1659&fd=607 HTTP/1.1 
Host: siegepolitical.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 15:03:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D95B58E41E1C427E623E8E510FC2D9152920B1DE1592586102EFDE8AC963BFFD"
Last-Modified: Wed, 07 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8124
Expires: Fri, 09 Sep 2022 17:19:23 GMT
Date: Fri, 09 Sep 2022 15:03:59 GMT
Connection: keep-alive

                                        
                                            GET /pxf.gif?uuid=b4cb04aa-dadd-44bd-90cc-6341980c2252&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.29&b_frame=0&pk=a286902791a7f4c98bcb1e812322cd78&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 15:03:59 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b4cb6553557d5c4bee2ae666f378979
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /mailbox/nodes/Lm9uFArs7gdDx3PidedHsA HTTP/1.1 
Host: warden.arc.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cinefilmeshd.uproxy2.org/
Content-Type: text/plain;charset=UTF-8
Origin: http://cinefilmeshd.uproxy2.org
Content-Length: 275
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.223.141.84
HTTP/2 204 No Content
                                        
date: Fri, 09 Sep 2022 15:03:59 GMT
access-control-allow-origin: *
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

                                        
                                            GET /watch/55692553?wmode=7&page-url=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A1059%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1318565596981%3Ahid%3A866239346%3Az%3A0%3Ai%3A20220909150349%3Aet%3A1662735830%3Ac%3A1%3Arn%3A332454936%3Arqn%3A1%3Au%3A1662735830180509298%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662735826899%3Aco%3A0%3Awv%3A2%3Ads%3A21%2C1%2C158%2C0%2C-5%2C0%2C%2C1143%2C13%2C%2C%2C%2C1560%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662735830%3At%3AXilften%20-%20Veja%20Filmes%20e%20S%C3%A9ries%20Online%20Gr%C3%A1tis&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 302 Found
                                        
location: /watch/55692553/1?wmode=7&page-url=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A1059%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1318565596981%3Ahid%3A866239346%3Az%3A0%3Ai%3A20220909150349%3Aet%3A1662735830%3Ac%3A1%3Arn%3A332454936%3Arqn%3A1%3Au%3A1662735830180509298%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662735826899%3Aco%3A0%3Awv%3A2%3Ads%3A21%2C1%2C158%2C0%2C-5%2C0%2C%2C1143%2C13%2C%2C%2C%2C1560%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662735830%3At%3AXilften%20-%20Veja%20Filmes%20e%20S%C3%A9ries%20Online%20Gr%C3%A1tis&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 09 Sep 2022 15:03:58 GMT
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
set-cookie: yandexuid=271097911662735838; Expires=Sat, 09-Sep-2023 15:03:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=271097911662735838; Expires=Sat, 09-Sep-2023 15:03:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=1255646171662735838; Path=/; SameSite=None; Secure i=UC9oFGRoEs/qQceOFZNYcZebCF9TW84ao79lUFBifzZz0Gu75p+Qy1GAw2zitrBE23FinYOwOmzliOGUfyh38hLZ3OM=; Expires=Mon, 06-Sep-2032 15:03:40 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1694271838.yrts.1662735838#1694271838.yrtsi.1662735838; Expires=Sat, 09-Sep-2023 15:03:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 15:03:58 GMT
last-modified: Fri, 09-Sep-2022 15:03:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2459
Md5:    8f3a4f5cc81ddebb09501e82a8677e67
Sha1:   5928a7eeae41d0fc95fc1cd12245baa57ed7cb61
Sha256: ab02cb06ea931d32466f575fc6287da35821a67953d71055332b21eae0283447
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fcss%2Fstyle.css&l=10065&fd=332 HTTP/1.1 
Host: siegepolitical.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 15:03:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 09 Sep 2022 15:03:59 GMT
access-control-allow-origin: *
etag: "63186565-2b"
expires: Fri, 09 Sep 2022 16:03:59 GMT
accept-ranges: bytes
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fjs%2Fscript.js&l=468&fd=649 HTTP/1.1 
Host: siegepolitical.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 15:03:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 20:15:31 GMT
Expires: Thu, 07 Sep 2023 20:15:31 GMT
Cache-Control: public, max-age=31536000
Age: 154109
Last-Modified: Wed, 11 May 2022 19:24:48 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/animate.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.183.56
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Sep 2022 15:03:59 GMT
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5hwCylIu0nj7Wev2lZDO4xSBHWd%2BOLsjb%2BKiwQW7fsdFAbFg1kCIs%2FlykXkMG8TGBtD2FDQRqDDGTv9KieGLcRKcUE51Hn2LiphpgE%2Bbw1ZD8ChubcbtPsFshdtGqa2N08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7480d05339bfb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   20675
Md5:    3dc4d4b6b0d08d02130362a7dc0e4fd0
Sha1:   68e248add624490a760d884ceb71361141e677c1
Sha256: 2e2f1f341b83e8c79fa70d9db28649168e2d772d97f85dc0d64325f14ae30d14
                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz28bRRTHZ9sckDiBegEEsrgAEnJ2145%2F0ENFKUERaVNaKnKD%2BWVn8OzOambH6%2BQUUVH1hvkPNl8njQoRAokrFXIq9RAJqeZCDvh%2FqJBy4oDsRhietHrv7fcdPt%2F35t6en5IQnp5eu252lNZ0eaUaVt7ejKLLlXWV%2BkFl0Gp83qhfrtj%2Be%2B1GNXyn8pHkPbMch1EYRmFUWVVWdsxgeSZCZUftqNoOq%2FW4Gq3UMbD%2F750P4GgA0Z%2BSl6HEZOlxcAmKj5EmP16Trpeb7N0PE69pbiz64vBO2ktNkSJZlB0boJMenk%2FDuKerj2DSgzkuTP%2FfQaYmJHjyCCw9PIcE6%2B%2FPOZmGTMHEiyj6Y0g9hqJjcHMXSjwlABe4sYE0eXDD2IJuP1fpTJ2QpbO%2FoIoJWfrzEtLkh6taDSq3jfa5MqnDoFNCDcZQ3TEyf4x85wJUcQyefwUlfiPLZ%2BtIk%2F0Npw2UKOfelRpDdcbQcgjqAvjZpwL4TgCfBUjEaYVHUdQMBadhq815TTQla4gwos1ORKOw0YLnM7wh8mwIrofgdheZ3UVPDWH9r3BbJZwI4PIJCT7ZRV%2BUKCRB4QgKSlAogiInKPrlgdAuduUDoZ1n0XmOz3OtHJm8u0cPTN6VKdnLpuSl%2BV6ebZ6hJ08rNG412mHcbM%2Fg6rzdYpxFshXFtTjmotmCUyWUuzC3ujO7UTlFpiaEfPMHGD2G08fg6k1Q%2FzpoMWrGIejWqN4KsZMe%2BZRpw3tSVJWAMCWyfAn5drCnp%2BSVOUdt8y1IfnLlC3Z98uzh3%2BC2RGZLfKkeE3T1%2FdEtU5D9W6Zw5KeNLFeJ2qGz293OaS4vfvex3C6MFWvX3PDh%2B3wmzMqjT6XL12kqVNp15PurSghpV43lkvyy5j6T7KZ3W1e9TX22fvOD1bUks9I5ZdIx6MzakxNwNSEv%2FHwwf5avfn0Pyo5hfYnEn5DzgDLH4NkuXLbgd%2BYirF7MsCxA4cuRjdnip1YEWi56ykq4%2F%2FRsUe%2B5%2B%2BjaN0Dzu0iTEn1boq9LUD2E8xdHeWZPrvxemweYDkZM22Cfaau%2Ffb5cp04rtVA0mezIJpP1lXpHcsFWVljIO5zVRKvFkbsJf%2B3O9B8AAAD%2F%2FwEAAP%2F%2Fej%2FlRmEEAAA%3D HTTP/1.1 
Host: siegepolitical.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Cookie: u_pl=15816950; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca286902791a7f4c98bcb1e812322cd78=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 15:04:00 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ad8211e75c4f83b6cad81c4671b7dbc
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/js/script.js HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.183.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Sep 2022 15:03:59 GMT
last-modified: Mon, 17 Jan 2022 14:40:54 GMT
etag: W/"61e57ff6-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0PJc3OCk8SGACqbGwVsBPYXGlZKXuyJPm0IMNzMfaGXNFGzkAGzMr25MlH1JtihZM5Mw3oKXtORTMVSfTgv%2F7K2Swg%2FTTa4Z5dCNmDxrlVSCjkpJOorEGckQOrOZ5kPQno%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7480d0552bf4b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   351754
Md5:    1307ad0d628eba7269c0997e6ecc8b7f
Sha1:   8e9f4cb4d622879fa058f14fa64716d4ab6e8098
Sha256: 383408ff4c7625ac7aaf2dd4679c8b41a6e43620d6ca7a4373966468ad258a25
                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: siegepolitical.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Cookie: u_pl=15816950; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca286902791a7f4c98bcb1e812322cd78=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 15:04:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ipfs/QmRAsVUQcqHogtS5QjJDko6t172sDgH57tjr64YXVo9Nvt?clientId=39924a3d-62e3-4451-abab-8386153efc0e HTTP/1.1 
Host: strn.pl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         37.19.222.215
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 09 Sep 2022 15:04:01 GMT
content-length: 645263
cache-control: public, max-age=29030400, immutable
saturn-node-id: e44da331-851c-4786-b630-8e600f8ac2f3
saturn-node-version: 342_6a9edb9
etag: "QmRAsVUQcqHogtS5QjJDko6t172sDgH57tjr64YXVo9Nvt"
x-ipfs-path: /ipfs/QmRAsVUQcqHogtS5QjJDko6t172sDgH57tjr64YXVo9Nvt
x-ipfs-roots: QmRAsVUQcqHogtS5QjJDko6t172sDgH57tjr64YXVo9Nvt
x-ipfs-datasize: 645263
saturn-cache-status: HIT
saturn-transfer-id: 23493fdaf14c23ab58bd58ec36e7906d
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 480 x 480\012- data
Size:   645263
Md5:    15d06b53d5b23acf054c44d3fca47435
Sha1:   2721c8bb8b4e549291f1f40de93b4f429b70d7a7
Sha256: 7eb29ba275c179544f9336d88f256429f72b89396f14a28108909b98c34fa5ff
                                        
                                            OPTIONS /500/4837723?excludes=&oaid=47f688041ba4494b982340c6ff00e5e0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=8&pl=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: rndskittytor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://cinefilmeshd.uproxy2.org/
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.238
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 09 Sep 2022 15:04:02 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102077
Date: Fri, 09 Sep 2022 15:04:02 GMT
Etag: "631a282f-1d7"
Expires: Sat, 10 Sep 2022 19:25:19 GMT
Last-Modified: Thu, 08 Sep 2022 17:36:47 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nNkOIKDhJCrAYgBS3QLLJQbBfXlLj3cnFdMDScP33eLlthxhm42QIQ==
Age: 6512

                                        
                                            GET /11?rnd=1647638401&z=3372123&b=14692460&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=5Kn8PlNBDr-1XSBVhWGNPSYrpnKrsC68Q0uYJLuyeWmtMGvBcVsbYeQiUAfjtHY7b43VgShllSYaDfOBVhOuGFHAL0Y5rndHGiGSg1FaWuYdNQi80izc19vasVvjoNESV7NvDg2i7JN7tIwaOZnIuH24yloSJalH2Vrehvnpy6ads_D6HSBGKvwQLETkH2clOTQ-V_h7OCnFMfgzMxgDa7aB9aaTyl9Gg6WSvIUZPyhVcqFDzRxmaOBLIOyaV3Ve1Pca5_ikeMq4yHovHPAOU7_s-iDAadLuOeILgUGEKWln1uGANxCra5UV352S0j2fv2vKkyKCDCD9fEkoLvll7qGaNcOG0rhnUdeSp5nKE4zFLBd0G-nnVGhpz1_8hwCr9sU5GyDSSK2BkkeYxgjN2QRcBajI-9sIaSXEeyEGfZZHPKw0_5p3KLhls1JWuAKUSJoUvfYXWysvpA4gOxMbNFOEwZfy15165Yh_P-XNhyFSc66cGOQXOZessfpUB2aQ_V-vOdqMMPnmiCfUCzBT35jfqTukkkRh62kG2dpix6IkHwHOCO7msDnvG5N-sUOenRenJD2bxfxZpF1EIE31F7XpqoGd-HH1thNmPk1iPiw1r8BRCUr7ua5wvmJs3wI1YKfGlr4bbAC7h98f4aKmig==&ruid=82e3cb9e-f9b0-4ff2-928d-86c007285d39&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcinefilmeshd.uproxy2.org%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1 
Host: toshelmeton.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cinefilmeshd.uproxy2.org
Connection: keep-alive
Referer: http://cinefilmeshd.uproxy2.org/
Cookie: scm=1; OAID=47f688041ba4494b982340c6ff00e5e0; oaidts=1662735836
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Fri, 09 Sep 2022 15:04:03 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: http://cinefilmeshd.uproxy2.org
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 87ea4deb041b408a8f06bf4e814e86cc
access-control-expose-headers: X-Sc
set-cookie: OAID=47f688041ba4494b982340c6ff00e5e0; expires=Sat, 09 Sep 2023 15:04:03 GMT; secure; SameSite=None oaidts=1662735836; expires=Sat, 09 Sep 2023 15:04:03 GMT; secure; SameSite=None oaidvc=1; expires=Sat, 09 Sep 2023 15:04:03 GMT; secure; SameSite=None CNT=1_v1_bDDgAAEAAAAsS1NN; expires=Fri, 09 Sep 2022 16:04:03 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cinefilmeshd.uproxy2.org/
Content-Type: text/plain;charset=UTF-8
Origin: http://cinefilmeshd.uproxy2.org
Content-Length: 956
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.32.96.104
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Fri, 09 Sep 2022 15:04:03 GMT
Content-Length: 0
Connection: keep-alive
x-amzn-RequestId: 2d217aa6-3b5f-4aed-a49b-86e0d00d25f9
Access-Control-Allow-Origin: http://cinefilmeshd.uproxy2.org
Vary: Origin
X-Amzn-Trace-Id: root=1-631b55e3-6ccf51e32c8c47bb756f0ab0;sampled=0
Access-Control-Allow-Credentials: true

                                        
                                            POST /mailbox/statusReport HTTP/1.1 
Host: warden.arc.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzi