wbze.de/p_1g
109.71.253.25 301 Moved Permanently 301 B IP 109.71.253.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1fb1256efad3f0df77fd6829c936357a
efff7e9964c9f0cd62b6458af37254528c604e27
2cf806a990343f34af87db6152f4aa764f1e5460a16a4ba7a7a74b52500e454c
GET /p_1g HTTP/1.1
Host: wbze.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Sep 2022 19:34:52 GMT
Server: Apache/2.4.38 (Debian)
Location: https://wbze.de/p_1g
Content-Length: 301
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17263
Expires: Thu, 15 Sep 2022 00:22:35 GMT
Date: Wed, 14 Sep 2022 19:34:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 19:09:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nzm-5yiOKJrJtVsxkOfFRGe27GBk-Qvk2uJ1aJS5YAnLvitYxTv5ZA==
Age: 1511
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MZvRIKMeQBRDFbsLqIF18RmoR7FXUwY1YHc9MkBGsdq9LjKQx5LDnQ==
age: 53978
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fcd48e85a3edb1f10e37c37f785e8820
9db8a12089269a7a6505d57df401556ad2394261
2a60d91063fa914dba99ed97aa3c33cf9815bb3540a2c0621afb664c4082f60a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A60D91063FA914DBA99ED97AA3C33CF9815BB3540A2C0621AFB664C4082F60A"
Last-Modified: Wed, 14 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19071
Expires: Thu, 15 Sep 2022 00:52:44 GMT
Date: Wed, 14 Sep 2022 19:34:53 GMT
Connection: keep-alive
wbze.de/p_1g
109.71.253.25 302 Found 150 B IP 109.71.253.25:0
File type HTML document, ASCII text, with no line terminators
Hash 5007f86a5d8039c1e21373bd60f1830b
f13b34480a8e5fbb7c0598179f673386a993e5d8
7afe6370144dd796f1e19c85eda0b3a1545ddca2bd035bf4e88c73412a27307b
GET /p_1g HTTP/1.1
Host: wbze.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Wed, 14 Sep 2022 19:34:53 GMT
Server: Apache/2.4.38 (Debian)
X-Powered-By: Express
Location: https://directflix.xyz/tv/105837/lovely-da-dhaba.html
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 150
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 19:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 19:37:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qy08a94VW0kXmtvxNx7GglAexQLHIHgX1dPcZS9YSBPep0grTeOpxQ==
Age: 1891
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bf0d9a14f6ea4bbe23e401c8eec75004
3f9b7aa293f65042c7fa1dc3182e37284cd64eed
e8af75fd18f3605cb1757236c4a3996e70b786339e266ebda852b3ee02b4e97e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E8AF75FD18F3605CB1757236C4A3996E70B786339E266EBDA852B3EE02B4E97E"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21543
Expires: Thu, 15 Sep 2022 01:33:56 GMT
Date: Wed, 14 Sep 2022 19:34:53 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bf0d9a14f6ea4bbe23e401c8eec75004
3f9b7aa293f65042c7fa1dc3182e37284cd64eed
e8af75fd18f3605cb1757236c4a3996e70b786339e266ebda852b3ee02b4e97e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E8AF75FD18F3605CB1757236C4A3996E70B786339E266EBDA852B3EE02B4E97E"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21543
Expires: Thu, 15 Sep 2022 01:33:56 GMT
Date: Wed, 14 Sep 2022 19:34:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4759
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:34:53 GMT
Last-Modified: Wed, 14 Sep 2022 18:15:34 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/modernizr/2.7.1/modernizr.min.js
104.17.25.14 200 OK 5.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/modernizr/2.7.1/modernizr.min.js
IP 104.17.25.14:0
File type HTML document, ASCII text, with very long lines (14586), with no line terminators
Hash f44dd83db06c80bfde06118ae8acde77
42e5c552dc09f431aec9bc7960ffd96677332a4f
aeb59d15e7f5061f8389180bcec7bb9a48c830b1f8a7207c8bf1592be1ee9a1b
GET /ajax/libs/modernizr/2.7.1/modernizr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 5231
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-38fa"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 529283
expires: Mon, 04 Sep 2023 19:34:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ns9pTNCydtt5jfKZCyVeeE36Xa%2FLKoS0MDnUnXYVqTubFDpWL9sGD69HotB2oOoWKIYLgw%2F3%2FfoBQQqVkizPt0OSvYkqAMAGUTVjFnEi8E6ckULR1qcQ2w%2FhJ%2BfAnrI%2Btsj27E15"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74ab900a6e3cb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:34:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i1.wp.com/image.tmdb.org/t/p/w300/tnAuB8q5vv7Ax9UAEje5Xi4BXik.jpg?resize=300,450
192.0.77.2 200 OK 22 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/tnAuB8q5vv7Ax9UAEje5Xi4BXik.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6ca1594545d5c7f2b41ada40d30150b3
149703fe206cd56fefcebc35b67bdb8b8aa8c75d
4e2bee3ee916aeb7b8a7e3642e4797b8971af56662d0a01d7e5696e3bc1f8956
GET /image.tmdb.org/t/p/w300/tnAuB8q5vv7Ax9UAEje5Xi4BXik.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: image/webp
content-length: 21508
last-modified: Wed, 03 Mar 2021 01:54:07 GMT
expires: Fri, 03 Mar 2023 13:54:07 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/tnAuB8q5vv7Ax9UAEje5Xi4BXik.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a908ad21415aee00"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/h8Rb9gBr48ODIwYUttZNYeMWeUU.jpg?resize=300,450
192.0.77.2 200 OK 30 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/h8Rb9gBr48ODIwYUttZNYeMWeUU.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 422a6e30d0061f71f165a9c7629cf61d
1c22b6a9d7e4426b7ec9189ee678c0e16d3d435e
952cbd36f4cc6c7cf0cbcaa8d3b74df7ea3df71238f2487ce5156ced83e92186
GET /image.tmdb.org/t/p/w300/h8Rb9gBr48ODIwYUttZNYeMWeUU.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: image/webp
content-length: 30398
last-modified: Fri, 16 Apr 2021 21:13:21 GMT
expires: Mon, 17 Apr 2023 09:13:21 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/h8Rb9gBr48ODIwYUttZNYeMWeUU.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1b3c40978f07fe83"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 5.4 kB IP 142.250.74.3:0
Hash cd134471fae36533a845a707719737bd
47baddc83cf2f9b7fee3949d4310a8040646a137
35f0f601110caf5119f94d6e2833e5141b6e3737e6973761700d2ba280e8e738
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:34:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i1.wp.com/image.tmdb.org/t/p/w300/lPsD10PP4rgUGiGR4CCXA6iY0QQ.jpg?resize=300,450
192.0.77.2 200 OK 24 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/lPsD10PP4rgUGiGR4CCXA6iY0QQ.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7d9cc67dacd0187701fd2d22f0017818
97b062b454d56c346a7a9a39532f49d1c3525cc6
4b059a798c75b1ef790cdb7912c8b8552c0d63580d6bb75e74c504f5bcba3ffd
GET /image.tmdb.org/t/p/w300/lPsD10PP4rgUGiGR4CCXA6iY0QQ.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: image/webp
content-length: 23532
last-modified: Sat, 09 Jan 2021 01:02:35 GMT
expires: Mon, 09 Jan 2023 13:02:35 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/lPsD10PP4rgUGiGR4CCXA6iY0QQ.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "88583ac70f7d7ae9"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/dkokENeY5Ka30BFgWAqk14mbnGs.jpg?resize=300,450
192.0.77.2 200 OK 13 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/dkokENeY5Ka30BFgWAqk14mbnGs.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 05033a25184263ac705509a42cb8bf44
10d8fe575e6852c40b65ebbe18947127111eb21f
6c42e93d166cfa6cfaf33281e2b390f7b4b9f0def66170b0fb71f8122aeefa77
GET /image.tmdb.org/t/p/w300/dkokENeY5Ka30BFgWAqk14mbnGs.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: image/webp
content-length: 13358
last-modified: Sat, 10 Apr 2021 08:23:46 GMT
expires: Mon, 10 Apr 2023 20:23:46 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/dkokENeY5Ka30BFgWAqk14mbnGs.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a47f197f05a08c56"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/b4gYVcl8pParX8AjkN90iQrWrWO.jpg?resize=300,450
192.0.77.2 200 OK 6.7 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/b4gYVcl8pParX8AjkN90iQrWrWO.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e18414f04728e6bd60af71ff67a2136c
8fa93f11505b80d469c7e8ea2cd6d2a3f3005d9f
d097fcaaa1589c3fe973e2f4120aaf0ac1050b72724f15a6135e7d02bd6b8d0b
GET /image.tmdb.org/t/p/w300/b4gYVcl8pParX8AjkN90iQrWrWO.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: image/webp
content-length: 6652
last-modified: Sun, 04 Apr 2021 08:45:38 GMT
expires: Tue, 04 Apr 2023 20:45:38 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/b4gYVcl8pParX8AjkN90iQrWrWO.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8bf501776e84cda1"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/msI5a9TPnepx47JUb2vl88hb80R.jpg?resize=300,450
192.0.77.2 200 OK 21 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/msI5a9TPnepx47JUb2vl88hb80R.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3663feb339ae0cdf7c3ddc46f3c9343f
fee86d19c2c1dfcda2b3b6042f6bcab82f27776d
b6f26e5047aefd05d5665b0abc5dc81019c81a1197483f6d009cbb53dcff5975
GET /image.tmdb.org/t/p/w300/msI5a9TPnepx47JUb2vl88hb80R.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: image/webp
content-length: 20976
last-modified: Wed, 31 Mar 2021 13:00:06 GMT
expires: Sat, 01 Apr 2023 01:00:06 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/msI5a9TPnepx47JUb2vl88hb80R.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "dad619008a004313"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/9kg73Mg8WJKlB9Y2SAJzeDKAnuB.jpg?resize=300,450
192.0.77.2 200 OK 10 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/9kg73Mg8WJKlB9Y2SAJzeDKAnuB.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63af2b9b2cc410613d6eec455dedb4e3
52dc791bb3a669b62fbe273dc3e1994e1deb5cd4
90b4238b246ed28238c528776e6427a1d35db118fdf5ff6c15ad0cdf4e58885f
GET /image.tmdb.org/t/p/w300/9kg73Mg8WJKlB9Y2SAJzeDKAnuB.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: image/webp
content-length: 10056
last-modified: Sat, 20 Mar 2021 19:24:17 GMT
expires: Tue, 21 Mar 2023 07:24:17 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/9kg73Mg8WJKlB9Y2SAJzeDKAnuB.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7f96c2e18a6c4ade"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/6vcDalR50RWa309vBH1NLmG2rjQ.jpg?resize=300,450
192.0.77.2 200 OK 9.7 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/6vcDalR50RWa309vBH1NLmG2rjQ.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8a119e03763dc502493c3b1128eb3fc3
e5090c2d20f9cc7651a0e53c6310081f9c1a0e62
ee2b5f639c6f708d5d19d129e0ceff4d47d28817ef5f9aab7b7c928439c6cd12
GET /image.tmdb.org/t/p/w300/6vcDalR50RWa309vBH1NLmG2rjQ.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: image/webp
content-length: 9670
last-modified: Sat, 17 Apr 2021 16:24:09 GMT
expires: Tue, 18 Apr 2023 04:24:09 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/6vcDalR50RWa309vBH1NLmG2rjQ.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "804d0c58aef9adb8"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/image.tmdb.org/t/p/w300/duK11VQd4UPDa7UJrgrGx90xJOx.jpg?resize=300,450
192.0.77.2 200 OK 19 kB URL HTTP/2 i1.wp.com/image.tmdb.org/t/p/w300/duK11VQd4UPDa7UJrgrGx90xJOx.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77b3a672a3b5cbf1d73b3e9f38d76845
51b7381cde2493dadbcd7c5785e29653cf1440fd
4ce9c9a06c90d58fd8b01ecd7c7f3152f59dd3a7d7dc4d7950766b4b6727fde4
GET /image.tmdb.org/t/p/w300/duK11VQd4UPDa7UJrgrGx90xJOx.jpg?resize=300,450 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: image/webp
content-length: 19336
last-modified: Thu, 15 Apr 2021 14:07:51 GMT
expires: Sun, 16 Apr 2023 02:07:51 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/duK11VQd4UPDa7UJrgrGx90xJOx.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e208b3080d0647c5"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
142.250.74.170 200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32038)
Hash 103708790db3586027df27ded660f8ef
d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70
fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 19:09:20 GMT
expires: Wed, 13 Sep 2023 19:09:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 87933
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/image.tmdb.org/t/p/w300/grWS1nNexgCQacAIF6Um5PS5N5y.jpg?resize=300,450
192.0.77.2 200 OK 4.5 kB URL HTTP/2 i0.wp.com/image.tmdb.org/t/p/w300/grWS1nNexgCQacAIF6Um5PS5N5y.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ccbf433f5c46f5d29060bff84734c9b1
9019cfa32844d6c2b622dd41e6a27bd77f3c5017
37b0164b97b83e3f7add8a68a39c0e2940deaa377e7217a0cfc1bf38d00cdce6
GET /image.tmdb.org/t/p/w300/grWS1nNexgCQacAIF6Um5PS5N5y.jpg?resize=300,450 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: image/webp
content-length: 4548
last-modified: Thu, 28 Jul 2022 07:32:22 GMT
expires: Sat, 27 Jul 2024 19:32:22 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/grWS1nNexgCQacAIF6Um5PS5N5y.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "10c9bc9ae4a8d24b"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/image.tmdb.org/t/p/w300/l2UWZATSJRwwwx6XUBHQ6jSt4Ka.jpg?resize=300,450
192.0.77.2 200 OK 9.5 kB URL HTTP/2 i0.wp.com/image.tmdb.org/t/p/w300/l2UWZATSJRwwwx6XUBHQ6jSt4Ka.jpg?resize=300,450
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 84bfa15100282b2073b83b8ed75b20c9
30d010f199b94394f8cc567e8d32d2504e0a24b2
8fe734340d1d12d1da2cd03d31e69a9acddcfafabe325476b36377f5662f3da6
GET /image.tmdb.org/t/p/w300/l2UWZATSJRwwwx6XUBHQ6jSt4Ka.jpg?resize=300,450 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: image/webp
content-length: 9492
last-modified: Wed, 25 Nov 2020 19:51:03 GMT
expires: Sat, 26 Nov 2022 07:51:03 GMT
cache-control: public, max-age=63115200
link: <http://image.tmdb.org/t/p/w300/l2UWZATSJRwwwx6XUBHQ6jSt4Ka.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "304533981d5d082b"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,500,700
142.250.74.10 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500,700
IP 142.250.74.10:0
Hash 38690bd8be8570fa9f89d8e85ddf50a2
689a4a8ea409268a85947f2ad3651493e06c7b0f
0466b42ea4d261cc9dbfc6efb9d1d490d2bc74ef351b80020570307d6ee84683
GET /css?family=Roboto:400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 19:34:53 GMT
date: Wed, 14 Sep 2022 19:34:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:34:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
104.18.10.207 200 OK 5.9 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (23577)
Hash 09d68debdb33ab0a2f4f766f2b501af9
d901ad7ad9d767ca73f266b84f86050ad4d0e04e
3b624fd54c5546a3cb7848b056272828d5db12778eff23f7ed5bea5ca5eac46e
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 8625692
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab900a3af50b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.51.86 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.51.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oQyRk9Tv374Pd+Kl6elF5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xhLIjnrsi7hmp5dQh7fgdDrs958=
r3.o.lencr.org/
23.36.76.226 200 OK 22 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a96925ebe65a0de9f2068883b73cb567
cc713a2e5f448579a8c115f4bb75f4635bdf8132
869d6f9cbdb6508d90589e3eac8428d723dc62bf0919332e4138a87df3b126d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7619C5B48EA5279D88BE91B3F36B3F21721D8B21CCEF9D27004BDA16DFDE13C6"
Last-Modified: Wed, 14 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19528
Expires: Thu, 15 Sep 2022 01:00:22 GMT
Date: Wed, 14 Sep 2022 19:34:54 GMT
Connection: keep-alive
image.tmdb.org/t/p/w300/juTJZCgNwcEeKtrxC6EygC2mKfJ.jpg?resize=300,450
89.187.169.3 200 OK 28 kB URL HTTP/2 image.tmdb.org/t/p/w300/juTJZCgNwcEeKtrxC6EygC2mKfJ.jpg?resize=300,450
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash 5c7a364b643bb5638ad8bf5052239d5e
de930867123c8ebf746c118111cad5c50b019000
b545e9163a9a780c5827deff1d8d62c10a0d8ad0d754b7380a57c49b3cd17ab4
GET /t/p/w300/juTJZCgNwcEeKtrxC6EygC2mKfJ.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:54 GMT
content-type: image/jpeg
content-length: 28308
server: BunnyCDN-DE-752
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bfe7-6e94"
last-modified: Wed, 04 May 2022 18:03:19 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 302
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:32:41
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 93ec330914453aba17832a5d79035afa
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:34:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://directflix.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 46
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/o4osJO1dMVw91fA9yssbdoFBSZk.jpg?resize=300,450
89.187.169.3 200 OK 23 kB URL HTTP/2 image.tmdb.org/t/p/w300/o4osJO1dMVw91fA9yssbdoFBSZk.jpg?resize=300,450
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash b21a3636fd2eb3d52f870f7c3125ec6a
a2b3cb6533ec74900938b0786f14be8228c97f43
c8db8be1e1b115efa7aed7e559ca9012824ee4707b164de6369eb1c415e2d475
GET /t/p/w300/o4osJO1dMVw91fA9yssbdoFBSZk.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:54 GMT
content-type: image/jpeg
content-length: 23106
server: BunnyCDN-DE-752
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272b626-5a42"
last-modified: Wed, 04 May 2022 17:21:42 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/17/2022 18:20:09
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: fcc6fdd0e7194c38bfc2e55ea8dead9b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/nFcuhbTf2aSKGyiiiUQPJmzwPWC.jpg?resize=300,450
89.187.169.3 200 OK 39 kB URL HTTP/2 image.tmdb.org/t/p/w300/nFcuhbTf2aSKGyiiiUQPJmzwPWC.jpg?resize=300,450
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash e0796a2f3d0ad47224b2d3da4a6ea925
824bc1e91eec4dbf28ae6b1df0866a03f33e1a28
dded07d7c13d0d272843ad6a7bf1f81a19f95df6bc9f5104d4d068df002b1f35
GET /t/p/w300/nFcuhbTf2aSKGyiiiUQPJmzwPWC.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:54 GMT
content-type: image/jpeg
content-length: 39267
server: BunnyCDN-DE-752
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "629aa012-9963"
last-modified: Fri, 03 Jun 2022 23:58:10 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 300
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/22/2022 07:04:10
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 35ad9b8f52ff6efa1f1cb803b17ff690
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w600_and_h900_bestv2/xx0qvqa38gnWLZJwFTHXFYCPBB8.jpg?resize=300,450
89.187.169.3 200 OK 67 kB URL HTTP/2 image.tmdb.org/t/p/w600_and_h900_bestv2/xx0qvqa38gnWLZJwFTHXFYCPBB8.jpg?resize=300,450
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x900, components 3\012- data
Hash fccbc1d3d5c0110a7dc61fdcecc423be
12953617d9bf7acbbf42dd6bb8e5b8c5e6e14bcf
e587608ffb29b518c180fa16157c3768aa854ba027636f17ac6b776e6bcbe83b
GET /t/p/w600_and_h900_bestv2/xx0qvqa38gnWLZJwFTHXFYCPBB8.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:54 GMT
content-type: image/jpeg
content-length: 66669
server: BunnyCDN-DE-752
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272b626-1046d"
last-modified: Wed, 04 May 2022 17:21:42 GMT
cdn-storageserver: DE-199
cdn-requestpullsuccess: True
cdn-fileserver: 323
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/17/2022 18:20:09
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: b40a825f87eebb56ff30e7760731f4f3
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:34:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 32f5a5bef7e2a34f4ceb25d88b3da26e
7319108998ccd4e30554a37c38cc9c231b00076e
822cbdea56bd37a62b665e8a46da5df858c25a098c7bbb66a1a059f6fc9d1e94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "822CBDEA56BD37A62B665E8A46DA5DF858C25A098C7BBB66A1A059F6FC9D1E94"
Last-Modified: Wed, 14 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15156
Expires: Wed, 14 Sep 2022 23:47:30 GMT
Date: Wed, 14 Sep 2022 19:34:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 32f5a5bef7e2a34f4ceb25d88b3da26e
7319108998ccd4e30554a37c38cc9c231b00076e
822cbdea56bd37a62b665e8a46da5df858c25a098c7bbb66a1a059f6fc9d1e94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "822CBDEA56BD37A62B665E8A46DA5DF858C25A098C7BBB66A1A059F6FC9D1E94"
Last-Modified: Wed, 14 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Thu, 15 Sep 2022 01:34:27 GMT
Date: Wed, 14 Sep 2022 19:34:54 GMT
Connection: keep-alive
coolsuperficialacerbity.com/2d/19/55/2d1955b06d85ee9ad464e4b0a25c7563.js
192.243.59.12 200 OK 20 kB URL HTTP/1.1 coolsuperficialacerbity.com/2d/19/55/2d1955b06d85ee9ad464e4b0a25c7563.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59164)
Hash ae9ec8cc7e5b840edfea8044644010f0
b380590535825c6a4a4dabfdf6afd4419028cc2c
0220e558a5996560a2f36eaf6eec6a7a9028541132432a0fba4bf4ead9504faf
Analyzer Verdict Alert quad9 Sinkholed
GET /2d/19/55/2d1955b06d85ee9ad464e4b0a25c7563.js HTTP/1.1
Host: coolsuperficialacerbity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 14 Sep 2022 19:34:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_hd28118=0; expires=Thu, 22 Sep 2022 19:34:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ad2b7c60a4b1a3eb605ef37db4062fdd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
directflix.xyz/tv/105837/lovely-da-dhaba.html
104.21.8.132 200 OK 22 kB URL HTTP/2 directflix.xyz/tv/105837/lovely-da-dhaba.html
IP 104.21.8.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (566)
Hash 445a99a2131dc7a8f7fa78364eedb71f
7b707f471c3b43f2ba78273636f287ce4baaf336
a636041e85173b0c3c706ea7f36379df525b1dd4c8407f39e375cf2ab1fa71cd
GET /tv/105837/lovely-da-dhaba.html HTTP/1.1
Host: directflix.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KQ2fQpTHvYfNLPjx%2FQ1c%2Brj0trKKhUrhq9Iw%2F4pupUnFhsC1bLpBH3l2z7e2jLrrktPas6Bk9X%2B0aQJYuOVi6crfBaOSrg9o0nBwTdjnnsNHnLDrkCzytxse5iQNk8mXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ab90084bf1b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b49cbe398634cf2b215910276d9be9a
4ae8f41943046d91a6985339e3964ae9e8173ea5
3794a57946e873b1ebac2b28e1d0712ecf9f6af05a74c63cdb33981f8c1d75f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3794A57946E873B1EBAC2B28E1D0712ECF9F6AF05A74C63CDB33981F8C1D75F7"
Last-Modified: Tue, 13 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15437
Expires: Wed, 14 Sep 2022 23:52:11 GMT
Date: Wed, 14 Sep 2022 19:34:54 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://directflix.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 46
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 8f4ef8df966072a94580afecf1b35f91
4c677ad586004935c473eac26ca322265456b18f
b3b317b2a3280e034775115498631650ce38188509f61450ad8c642651d06d94
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 19:34:54 GMT
Last-Modified: Wed, 14 Sep 2022 18:51:44 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YNvwKyKUOoKbeXD3Zsh77INetUqlJk-E9hvhYEsQZFPDl5q_ohBAfQ==
Age: 2590
simplewebanalysis.com/stats
52.28.172.243 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.172.243:0
File type ASCII text, with no line terminators
Hash ddecf4e29c499aa56c4cc3fb251184e2
48c82f06a629ebd239b0d1dcd30db123b0726a0d
3aed2d85ef18026dac03a38975e4a2c2ac3d21324a1074fda85830197cf6e77c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://directflix.xyz
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://directflix.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=0bda381a-d658-4a68-b7fa-baa5dd414278:2:1; expires=Sat, 11 Sep 2032 19:34:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 8f4ef8df966072a94580afecf1b35f91
4c677ad586004935c473eac26ca322265456b18f
b3b317b2a3280e034775115498631650ce38188509f61450ad8c642651d06d94
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 19:34:54 GMT
Last-Modified: Wed, 14 Sep 2022 18:34:16 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: D_mWkU_E5SCaznZvK0qzaoWfkuONAaU0u6vnibt0R6n4OWfUvHQltQ==
Age: 3638
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b49cbe398634cf2b215910276d9be9a
4ae8f41943046d91a6985339e3964ae9e8173ea5
3794a57946e873b1ebac2b28e1d0712ecf9f6af05a74c63cdb33981f8c1d75f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3794A57946E873B1EBAC2B28E1D0712ECF9F6AF05A74C63CDB33981F8C1D75F7"
Last-Modified: Tue, 13 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15437
Expires: Wed, 14 Sep 2022 23:52:11 GMT
Date: Wed, 14 Sep 2022 19:34:54 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.28.172.243 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.172.243:0
File type ASCII text, with no line terminators
Hash 369e0205429a3b35ddb1737126b1009d
241b54413daaa5b415fa194617913b195290fc2f
5a07a4f52c2fd8ef10845216c191c36759ac754934e934f85568f0a3206fca9c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://directflix.xyz
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://directflix.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=109ddb9c-6fca-4d41-af46-dd97a6cdb548:1:1; expires=Sat, 11 Sep 2032 19:34:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e26ce780f0d305003665605edf3167d1
8492d030707d5bdd89914276352195b9e924a7f6
1c3bf61075af972f2804f1a1fb70bb2080fff20bdb8a0795c54cf2dd32f8f2e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C3BF61075AF972F2804F1A1FB70BB2080FFF20BDB8A0795C54CF2DD32F8F2E3"
Last-Modified: Tue, 13 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8854
Expires: Wed, 14 Sep 2022 22:02:28 GMT
Date: Wed, 14 Sep 2022 19:34:54 GMT
Connection: keep-alive
graduatewonderentreaty.com/pixel/purst?dl=0&th=0&sc=0&rs=1834&rd=1834&fd=901&bv=22.9.v.1&tmpl=70
173.233.137.36 200 OK 0 B URL HTTP/1.1 graduatewonderentreaty.com/pixel/purst?dl=0&th=0&sc=0&rs=1834&rd=1834&fd=901&bv=22.9.v.1&tmpl=70
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1834&rd=1834&fd=901&bv=22.9.v.1&tmpl=70 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:34:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 50bce4aed8c2aeecb33b6baa72ae9604
4cec437019d211c267c7ac6d1ff5cfa39c2a44df
0479fce5e832c8a214ca28391571c265070861caaff6d6589614fc6b2d2ec418
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0479FCE5E832C8A214CA28391571C265070861CAAFF6D6589614FC6B2D2EC418"
Last-Modified: Wed, 14 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2214
Expires: Wed, 14 Sep 2022 20:11:49 GMT
Date: Wed, 14 Sep 2022 19:34:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6240
Expires: Wed, 14 Sep 2022 21:18:55 GMT
Date: Wed, 14 Sep 2022 19:34:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6240
Expires: Wed, 14 Sep 2022 21:18:55 GMT
Date: Wed, 14 Sep 2022 19:34:55 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:47 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 209551834
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0789404fdbe3613d465d8fa89a63d7b8
0617d2e513097ca415a1d07cd39b1cb64d832ecf
80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 03:09:32 GMT
age: 59123
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CWzE6n2U7hSFcSIHX5z76DPIid9pvbOqM6ikOlegBxzbuRThMeLKZA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:46:14 GMT
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
age: 78521
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:05:07 GMT
age: 77388
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
IP 34.120.237.76:0
Hash 4acf178bc12dc72f2f6c020628007b18
71e4711b8a15dad540657ecfd4c0942c81302f27
41ccc6fa102ee83886976ba15a5ecb197b8ff47bf8248b91176c65c1bfa015af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14151
x-amzn-requestid: d5bc9be4-af3a-40fd-bfc9-1ac4769d2d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GhboAMF2dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-375df72d2d67582635b9e4ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CZRpgjU_AxNYoyeSTOwhJhONl2DS4pvCLJ62RgAFp0flw-kPz3GkpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:06:54 GMT
etag: "a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7"
content-type: image/jpeg
age: 77281
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d97e56f75165efcc71ae54952ded405
28d47359e70789115b2954b6c94711bb783b3c8c
564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 13:36:51 GMT
age: 21484
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5befd5bb8e6d5dad2465be69d5a33e4
e5b46c3ca439a09950290cada1af5e27cede10f2
4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3PbHWkNMa0XkuY_FcTO22i9YwMdqlJPCho7FlBwdbuUnbWrOv0w5Hg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:59:03 GMT
age: 77752
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8e0a186b454a6118235cfaa53aa4b1b4
4cfcaaf353fb31e1c28c19c18a7c1508c780706c
110f5834215d51afd5da995960bc137cc4874c1e768914a772e4c051b8f66d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "110F5834215D51AFD5DA995960BC137CC4874C1E768914A772E4C051B8F66D16"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10952
Expires: Wed, 14 Sep 2022 22:37:27 GMT
Date: Wed, 14 Sep 2022 19:34:55 GMT
Connection: keep-alive
s10.histats.com/counters/cc_511.js
46.105.201.240 200 OK 6.0 kB URL HTTP/2 s10.histats.com/counters/cc_511.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (14926), with no line terminators
Hash e0963faf9f8d4dd4683c649033bfe3e6
8b8365dac8c2d50836e19456f025370ee782598f
80ac8877a54d16e397e9518ce7221d0abad87a39ffd0221a99227540eeb8b2a8
GET /counters/cc_511.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:33:40 GMT
etag: "1364484781"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 331416311
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5984
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.59.12 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 14 Sep 2022 19:34:55 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68174f547f2ee133734c8d119a87f5f4
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35ed61244af7c92beb3e5fa4261da336
1fcef7c3fb235f88f26100319eda223682e66a85
1ed69f539dd0cabc1f9601c221b9ace8984b10f84379cb5111c2759c87b356b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1ED69F539DD0CABC1F9601C221B9ACE8984B10F84379CB5111C2759C87B356B9"
Last-Modified: Wed, 14 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17843
Expires: Thu, 15 Sep 2022 00:32:18 GMT
Date: Wed, 14 Sep 2022 19:34:55 GMT
Connection: keep-alive
forgerylimit.com/sbar.json?key=383c49f3060d6d36461e4ba7103f21b7&uuid=109ddb9c-6fca-4d41-af46-dd97a6cdb548%3A1%3A1
173.233.137.44 200 OK 3.1 kB URL HTTP/1.1 forgerylimit.com/sbar.json?key=383c49f3060d6d36461e4ba7103f21b7&uuid=109ddb9c-6fca-4d41-af46-dd97a6cdb548%3A1%3A1
IP 173.233.137.44:0
File type JSON data\012- , ASCII text, with very long lines (5656), with no line terminators
Hash bc76b98b657e87ba53af4f13d8339b71
5039d30d2880d4e3cbbf016f9ce0b5a3a1c0f678
5e1e7d477d2d1e2a224c339421043d308f2edc25f41731c39a5861e1e1e30b2d
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=383c49f3060d6d36461e4ba7103f21b7&uuid=109ddb9c-6fca-4d41-af46-dd97a6cdb548%3A1%3A1 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://directflix.xyz
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:34:55 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://directflix.xyz
Access-Control-Allow-Origin: https://directflix.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17519252; expires=Thu, 15 Sep 2022 19:34:55 GMT; secure; SameSite=None
uid_id2=109ddb9c-6fca-4d41-af46-dd97a6cdb548:1:1; expires=Wed, 21 Sep 2022 19:34:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 15 Sep 2022 19:34:55 GMT; secure; SameSite=None
uncs=1; expires=Thu, 15 Sep 2022 19:34:55 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 15 Sep 2022 19:34:55 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 15 Sep 2022 19:34:55 GMT; secure; SameSite=None
slec383c49f3060d6d36461e4ba7103f21b7=[3364845]; expires=Wed, 14 Sep 2022 19:35:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28f7540cbbc1e78499ec8029f19eb78b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
s4.histats.com/stats/0.php?4690921&@f16&@g1&@h1&@i1&@j1663184080889&@k0&@l1&@mWatch%20Lovely%20Da%20Dhaba%20Full%20Movie%20on%20123Movies%20on%20directflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:191763731&@b3:1663184081&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdirectflix.xyz%2Ftv%2F105837%2Flovely-da-dhaba.html&@w
192.99.13.63 200 OK 47 B URL HTTP/1.1 s4.histats.com/stats/0.php?4690921&@f16&@g1&@h1&@i1&@j1663184080889&@k0&@l1&@mWatch%20Lovely%20Da%20Dhaba%20Full%20Movie%20on%20123Movies%20on%20directflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:191763731&@b3:1663184081&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdirectflix.xyz%2Ftv%2F105837%2Flovely-da-dhaba.html&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 06b05ae9614bafae9b0b09cfbeed559e
9b087683529b7b89a117b2d5cbb35a93e7dcbaca
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/0.php?4690921&@f16&@g1&@h1&@i1&@j1663184080889&@k0&@l1&@mWatch%20Lovely%20Da%20Dhaba%20Full%20Movie%20on%20123Movies%20on%20directflix&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:191763731&@b3:1663184081&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdirectflix.xyz%2Ftv%2F105837%2Flovely-da-dhaba.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 19:34:55 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
forgerylimit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NRNQmJUyG4WRRlwoTDpVXZXqbmcxGGMkmPkgo4w7fV%2FVeeZ1veK9qq5Or4KDMhuhRX9A5XQyYXQYFNw6SGdghKymXWVh%2FAUuRHDlQron2HqhuPfUOYvzzr2f7xWnxEdBT1avmYHSmi4t1%2F3a6x8GwZXahkqLfq3fij%2BKoys123uzHdf9N2rvSr5tlhp%2B4PuBH9TWlJWJ6S9NSajsQTuot%2F161KgHyxH69v%2FYFR4c9SB6p%2BRFKDFZeOxdhOJjpN3vVqXbzk12%2BZ1uoWluLHri8IN0OzVliu58TKyHJD08U8O4p2uPYNKDmV2Y3r9CpibEe%2FIILD08MwnW25%2F5ZBoyBRMXUPbGkHoMRcfg5g6UeEoALnD9BtLuvevGlnTnGUun7IQs%2FPUnVDkhC79eRNp9uKJVv3bL6CJXJnXoJxVUfwzVGSMrjpAPzkGVR%2BD5p1CCIO1WUOLktcBvC8HafDFOOF2MRBQs0iSKF4VoN2nMBVuOWrNglBpDJWNoOQR1HorppzwUiYci89AVJzUeBEHTF5z6rTbnoWhKFgs%2FoM0koIEft1Dwqfch8mwIrofgdheZ3cW2GsIWP8FtVXDCg8sJeqJCKQlKR1BSglIRlDlB2asOhHYNV90T2hUsOOuNsx5WI5N39uiByTsyJXvZKXlhGph3YfNrbMuTWtgKedROQj%2F2RSzCOIoDGTHaDPwwaQSsCacqKHdu9syBmpBLXywgUxPy3Fc%2Fg9EjOH0ErjzQ4hJoOWo2fNCtUdTyMUgfCmUlzxOt%2BvX%2BzgDCVMjyBeQ73p4%2BJS%2FNVhfe%2Fh2SH1%2F9mF2b%2FHH%2Fb3BbIbMVPlGPCTr67mjTlGR%2F05SOfH8jy1VXDeh0rbdymsvz37wnd0pjxfqqG95%2Fi0%2BJ6fjgfenyDZoKlXYc%2BXZFCSHtmrFckh%2FX3W3JbhZua6WwaZFt3Hx7bb2bWemcMukYVE0IeXIMribk%2BR8OZhf78mcllB3DFhW6xTE5KyhzBJ7twmVz%2F86ch9VzDcs8lEU1sg02%2F6kVgZZzTFkF9x%2FM5vOeu4uOfQU0vzM71J6t0NMVqB7CFedHeWaPr%2F4SzgpMeyOmrbfPtNVfPgvXqZNaMwx9GreXg2aTyiaLGq0kDgSljShuxDENkbsJf%2FXyb%2F8AAAD%2F%2FwEAAP%2F%2FUaKVgHwEAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 forgerylimit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NRNQmJUyG4WRRlwoTDpVXZXqbmcxGGMkmPkgo4w7fV%2FVeeZ1veK9qq5Or4KDMhuhRX9A5XQyYXQYFNw6SGdghKymXWVh%2FAUuRHDlQron2HqhuPfUOYvzzr2f7xWnxEdBT1avmYHSmi4t1%2F3a6x8GwZXahkqLfq3fij%2BKoys123uzHdf9N2rvSr5tlhp%2B4PuBH9TWlJWJ6S9NSajsQTuot%2F161KgHyxH69v%2FYFR4c9SB6p%2BRFKDFZeOxdhOJjpN3vVqXbzk12%2BZ1uoWluLHri8IN0OzVliu58TKyHJD08U8O4p2uPYNKDmV2Y3r9CpibEe%2FIILD08MwnW25%2F5ZBoyBRMXUPbGkHoMRcfg5g6UeEoALnD9BtLuvevGlnTnGUun7IQs%2FPUnVDkhC79eRNp9uKJVv3bL6CJXJnXoJxVUfwzVGSMrjpAPzkGVR%2BD5p1CCIO1WUOLktcBvC8HafDFOOF2MRBQs0iSKF4VoN2nMBVuOWrNglBpDJWNoOQR1HorppzwUiYci89AVJzUeBEHTF5z6rTbnoWhKFgs%2FoM0koIEft1Dwqfch8mwIrofgdheZ3cW2GsIWP8FtVXDCg8sJeqJCKQlKR1BSglIRlDlB2asOhHYNV90T2hUsOOuNsx5WI5N39uiByTsyJXvZKXlhGph3YfNrbMuTWtgKedROQj%2F2RSzCOIoDGTHaDPwwaQSsCacqKHdu9syBmpBLXywgUxPy3Fc%2Fg9EjOH0ErjzQ4hJoOWo2fNCtUdTyMUgfCmUlzxOt%2BvX%2BzgDCVMjyBeQ73p4%2BJS%2FNVhfe%2Fh2SH1%2F9mF2b%2FHH%2Fb3BbIbMVPlGPCTr67mjTlGR%2F05SOfH8jy1VXDeh0rbdymsvz37wnd0pjxfqqG95%2Fi0%2BJ6fjgfenyDZoKlXYc%2BXZFCSHtmrFckh%2FX3W3JbhZua6WwaZFt3Hx7bb2bWemcMukYVE0IeXIMribk%2BR8OZhf78mcllB3DFhW6xTE5KyhzBJ7twmVz%2F86ch9VzDcs8lEU1sg02%2F6kVgZZzTFkF9x%2FM5vOeu4uOfQU0vzM71J6t0NMVqB7CFedHeWaPr%2F4SzgpMeyOmrbfPtNVfPgvXqZNaMwx9GreXg2aTyiaLGq0kDgSljShuxDENkbsJf%2FXyb%2F8AAAD%2F%2FwEAAP%2F%2FUaKVgHwEAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NRNQmJUyG4WRRlwoTDpVXZXqbmcxGGMkmPkgo4w7fV%2FVeeZ1veK9qq5Or4KDMhuhRX9A5XQyYXQYFNw6SGdghKymXWVh%2FAUuRHDlQron2HqhuPfUOYvzzr2f7xWnxEdBT1avmYHSmi4t1%2F3a6x8GwZXahkqLfq3fij%2BKoys123uzHdf9N2rvSr5tlhp%2B4PuBH9TWlJWJ6S9NSajsQTuot%2F161KgHyxH69v%2FYFR4c9SB6p%2BRFKDFZeOxdhOJjpN3vVqXbzk12%2BZ1uoWluLHri8IN0OzVliu58TKyHJD08U8O4p2uPYNKDmV2Y3r9CpibEe%2FIILD08MwnW25%2F5ZBoyBRMXUPbGkHoMRcfg5g6UeEoALnD9BtLuvevGlnTnGUun7IQs%2FPUnVDkhC79eRNp9uKJVv3bL6CJXJnXoJxVUfwzVGSMrjpAPzkGVR%2BD5p1CCIO1WUOLktcBvC8HafDFOOF2MRBQs0iSKF4VoN2nMBVuOWrNglBpDJWNoOQR1HorppzwUiYci89AVJzUeBEHTF5z6rTbnoWhKFgs%2FoM0koIEft1Dwqfch8mwIrofgdheZ3cW2GsIWP8FtVXDCg8sJeqJCKQlKR1BSglIRlDlB2asOhHYNV90T2hUsOOuNsx5WI5N39uiByTsyJXvZKXlhGph3YfNrbMuTWtgKedROQj%2F2RSzCOIoDGTHaDPwwaQSsCacqKHdu9syBmpBLXywgUxPy3Fc%2Fg9EjOH0ErjzQ4hJoOWo2fNCtUdTyMUgfCmUlzxOt%2BvX%2BzgDCVMjyBeQ73p4%2BJS%2FNVhfe%2Fh2SH1%2F9mF2b%2FHH%2Fb3BbIbMVPlGPCTr67mjTlGR%2F05SOfH8jy1VXDeh0rbdymsvz37wnd0pjxfqqG95%2Fi0%2BJ6fjgfenyDZoKlXYc%2BXZFCSHtmrFckh%2FX3W3JbhZua6WwaZFt3Hx7bb2bWemcMukYVE0IeXIMribk%2BR8OZhf78mcllB3DFhW6xTE5KyhzBJ7twmVz%2F86ch9VzDcs8lEU1sg02%2F6kVgZZzTFkF9x%2FM5vOeu4uOfQU0vzM71J6t0NMVqB7CFedHeWaPr%2F4SzgpMeyOmrbfPtNVfPgvXqZNaMwx9GreXg2aTyiaLGq0kDgSljShuxDENkbsJf%2FXyb%2F8AAAD%2F%2FwEAAP%2F%2FUaKVgHwEAAA%3D HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Cookie: u_pl=17519252; uid_id2=109ddb9c-6fca-4d41-af46-dd97a6cdb548:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec383c49f3060d6d36461e4ba7103f21b7=[3364845]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:34:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 35a1bb9e3b8becf7477d7470e4e86fa4
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 42b63da6c6313abc8a4ad5e40cc9879f
46890c99dd612d363b080276dfb3f6a656f443b0
47e28a460ee3207f975d9e91d7232659cc625155137b45efa499bd92a0cc3cb2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47E28A460EE3207F975D9E91D7232659CC625155137B45EFA499BD92A0CC3CB2"
Last-Modified: Tue, 13 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3143
Expires: Wed, 14 Sep 2022 20:27:19 GMT
Date: Wed, 14 Sep 2022 19:34:56 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 172647e6d49f4c9371eed4810f281b75
641fb454b48c22e4dcf47bd3d7c6f4f81228e9cb
6c77330a2c7a5c75c626c74c73e6bfc85f2f9f0ef969fc22c67d58988cf7dd87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6C77330A2C7A5C75C626C74C73E6BFC85F2F9F0EF969FC22C67D58988CF7DD87"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8114
Expires: Wed, 14 Sep 2022 21:50:10 GMT
Date: Wed, 14 Sep 2022 19:34:56 GMT
Connection: keep-alive
cdn.yourwebbars.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/index.html
104.26.6.19 200 OK 444 B URL HTTP/2 cdn.yourwebbars.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/index.html
IP 104.26.6.19:0
File type HTML document text\012- HTML document, ASCII text
Hash 4c1fd36459653fdbb6ad371a722bf2de
77883a039c3356fd53e87b675925c033f8f5b75d
9438cb218958c3a91446d30fc57939a372473b7c5455ff7f4f37afbeb2981c68
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://directflix.xyz
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:56 GMT
content-type: text/html
last-modified: Thu, 10 Feb 2022 09:30:55 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXjn%2BxVp%2B0gk6Q%2FiZtnzFaWgkuyTZK6ihVW0bb%2FlPSTSEyzegt6YQ894OgRMq0QHFwVwSBS%2FqEYr%2F1ou9M%2BS0HTvUJEcMw5D%2B%2BODyiSSZC3Nkq5sxhS8s8Qup%2F8AJpwntY1B2LI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab90189d2e0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=109ddb9c-6fca-4d41-af46-dd97a6cdb548&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=2d1955b06d85ee9ad464e4b0a25c7563&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.59.12 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=109ddb9c-6fca-4d41-af46-dd97a6cdb548&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=2d1955b06d85ee9ad464e4b0a25c7563&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=109ddb9c-6fca-4d41-af46-dd97a6cdb548&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=2d1955b06d85ee9ad464e4b0a25c7563&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 14 Sep 2022 19:34:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 62b552b74f5d875b111d50d1f6441984
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/icon.jpg
172.64.200.2 200 OK 74 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/icon.jpg
IP 172.64.200.2:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 500x333, components 3\012- data
Hash edc025c8802080bcfb154c337fdb21a4
41d8d08c7984fcffbeeffee40e680e0a23d7f7e7
343eec76860bcb772bd3b2db18b495c7bd557cc20635141b3173c933b1df8592
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/icon.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:56 GMT
content-type: image/jpeg
content-length: 73837
last-modified: Thu, 10 Feb 2022 09:31:00 GMT
etag: "6204db54-1206d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3663038
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZleX28ZV0EfK2nEt8q2cT5nEN3TqMH08EL%2Feq68UBi6IvpZiM5vfbjQ%2BM3hpnTgFz1eaLh%2FQ7pIAjqMxtQwb0qBDQMkMs%2B%2FN67CiCQhLHXvEoLaFCfOMJWiENpKkZSnpaWw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab901d2a964052-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=109ddb9c-6fca-4d41-af46-dd97a6cdb548&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=383c49f3060d6d36461e4ba7103f21b7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.59.12 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=109ddb9c-6fca-4d41-af46-dd97a6cdb548&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=383c49f3060d6d36461e4ba7103f21b7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=109ddb9c-6fca-4d41-af46-dd97a6cdb548&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=383c49f3060d6d36461e4ba7103f21b7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 14 Sep 2022 19:34:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8ead4b6fde472c908f1bf461aec9b1e0
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 172647e6d49f4c9371eed4810f281b75
641fb454b48c22e4dcf47bd3d7c6f4f81228e9cb
6c77330a2c7a5c75c626c74c73e6bfc85f2f9f0ef969fc22c67d58988cf7dd87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6C77330A2C7A5C75C626C74C73E6BFC85F2F9F0EF969FC22C67D58988CF7DD87"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8114
Expires: Wed, 14 Sep 2022 21:50:10 GMT
Date: Wed, 14 Sep 2022 19:34:56 GMT
Connection: keep-alive
forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fjs%2Fscript.js&l=397&fd=223
173.233.137.44 200 OK 0 B URL HTTP/1.1 forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fjs%2Fscript.js&l=397&fd=223
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fjs%2Fscript.js&l=397&fd=223 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Cookie: u_pl=17519252; uid_id2=109ddb9c-6fca-4d41-af46-dd97a6cdb548:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec383c49f3060d6d36461e4ba7103f21b7=[3364845]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:34:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fcss%2Fanimate.css&l=79249&fd=334
173.233.137.44 200 OK 0 B URL HTTP/1.1 forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fcss%2Fanimate.css&l=79249&fd=334
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fcss%2Fanimate.css&l=79249&fd=334 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Cookie: u_pl=17519252; uid_id2=109ddb9c-6fca-4d41-af46-dd97a6cdb548:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec383c49f3060d6d36461e4ba7103f21b7=[3364845]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:34:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
forgerylimit.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NRNQmJUyG4WRRlwoTDpVXZXqbmcxGGMkmPkgo4w7fV%2FVeeZ1veK9qq5Or4KDMhuhRX9A5XQyYXQYFNw6SGdghKymXWVh%2FAUuRHDlQron2HqhuPfWOYvzzj2f7xWnxEdBT1avmYHSmi4t1%2F3a6x8GwZXahkqLfq3fij%2BKoys123uzHdf9N2rvSr5tlhp%2B4PuBH9TWlJWJ6S9NQajsQTuot%2F161KgHyxH69v%2B7Kzw46kH0TsmLUGKy8Ni7CMXHSLvfrUq3nZvs8jvdQtPcWPTE4QfpdmrKFN35mFgPSXp4xoZxT9cewaQHM7kwvX%2BJTE2I9%2BQRWHp4JhKstz%2FTyTRkCiYuoOyNIfUYio7BzR0o8ZQAXOD6DaTde9eNLenOM5RO0QlZ%2BOtPqHJCFn69iLT7cEWrfu2W0UWuTOrQTyqo%2FhiqM0ZWHCEfnIMqj8DzT6EEQdqtoMTJa4HfFoK1%2BWKccLoYiShYpEkULwrRbtKYC7YctWbGKDWGSsbQcgjqPBTTT3koEg9F5qErTmo8CIKmLzj1W23OQ9GULBZ%2BQJtJQAM%2FbqHgU%2B1D5NkQXA%2FB7S4yu4ttNYQtfoLbquCEB5cT9ESFUhKUjqCkBKUiKHOCslcdCO0arrontCtYcNYbZz2sRibv7NEDk3dkSvayU%2FLC1DDvwubX2JYntbAV8qidhH7si1iEcRQHMmK0Gfhh0ghYE05VUO7c7JkDNSGXvlhApibkua9%2BBqNHcPoIXHmgxSXQctRs%2BKBbo6jlY5A%2BFMpKnida9ev9nQGEqZDlC8h3vD19Sl6anS68%2FTskP776Mbs2%2BeP%2B3%2BC2QmYrfKIeE3T03dGmKcn%2Bpikd%2Bf5GlquuGtDpWW%2FlNJfnv3lP7pTGivVVN7z%2FFp8C0%2FHB%2B9LlGzQVKu048u2KEkLaNWO5JD%2Buu9uS3Szc1kph0yLbuPn22no3s9I5ZdIxqJoQ8uQYXE3I8z8czBL78mcllB3DFhW6xTE5KyhzBJ7twmVz%2Fc6ch9VzDss8lEU1sg02%2F6kVgZbznbIK7j87m8977i469hXQ%2FM4sqD1boacrUD2EK86P8sweX%2F0lnBWY9kZMW2%2Bfaau%2FfGauUye10BdNJhPZZDJajhI5zfIy83nCWShaLY7cTfirl3%2F7BwAA%2F%2F8BAAD%2F%2F9F2QGh8BAAA
173.233.137.44200 OK 667 B URL HTTP/1.1 forgerylimit.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NRNQmJUyG4WRRlwoTDpVXZXqbmcxGGMkmPkgo4w7fV%2FVeeZ1veK9qq5Or4KDMhuhRX9A5XQyYXQYFNw6SGdghKymXWVh%2FAUuRHDlQron2HqhuPfWOYvzzj2f7xWnxEdBT1avmYHSmi4t1%2F3a6x8GwZXahkqLfq3fij%2BKoys123uzHdf9N2rvSr5tlhp%2B4PuBH9TWlJWJ6S9NQajsQTuot%2F161KgHyxH69v%2B7Kzw46kH0TsmLUGKy8Ni7CMXHSLvfrUq3nZvs8jvdQtPcWPTE4QfpdmrKFN35mFgPSXp4xoZxT9cewaQHM7kwvX%2BJTE2I9%2BQRWHp4JhKstz%2FTyTRkCiYuoOyNIfUYio7BzR0o8ZQAXOD6DaTde9eNLenOM5RO0QlZ%2BOtPqHJCFn69iLT7cEWrfu2W0UWuTOrQTyqo%2FhiqM0ZWHCEfnIMqj8DzT6EEQdqtoMTJa4HfFoK1%2BWKccLoYiShYpEkULwrRbtKYC7YctWbGKDWGSsbQcgjqPBTTT3koEg9F5qErTmo8CIKmLzj1W23OQ9GULBZ%2BQJtJQAM%2FbqHgU%2B1D5NkQXA%2FB7S4yu4ttNYQtfoLbquCEB5cT9ESFUhKUjqCkBKUiKHOCslcdCO0arrontCtYcNYbZz2sRibv7NEDk3dkSvayU%2FLC1DDvwubX2JYntbAV8qidhH7si1iEcRQHMmK0Gfhh0ghYE05VUO7c7JkDNSGXvlhApibkua9%2BBqNHcPoIXHmgxSXQctRs%2BKBbo6jlY5A%2BFMpKnida9ev9nQGEqZDlC8h3vD19Sl6anS68%2FTskP776Mbs2%2BeP%2B3%2BC2QmYrfKIeE3T03dGmKcn%2Bpikd%2Bf5GlquuGtDpWW%2FlNJfnv3lP7pTGivVVN7z%2FFp8C0%2FHB%2B9LlGzQVKu048u2KEkLaNWO5JD%2Buu9uS3Szc1kph0yLbuPn22no3s9I5ZdIxqJoQ8uQYXE3I8z8czBL78mcllB3DFhW6xTE5KyhzBJ7twmVz%2Fc6ch9VzDss8lEU1sg02%2F6kVgZbznbIK7j87m8977i469hXQ%2FM4sqD1boacrUD2EK86P8sweX%2F0lnBWY9kZMW2%2Bfaau%2FfGauUye10BdNJhPZZDJajhI5zfIy83nCWShaLY7cTfirl3%2F7BwAA%2F%2F8BAAD%2F%2F9F2QGh8BAAA
IP 173.233.137.44:0
File type gzip compressed data, max compression\012- data
Hash cf0a55b1c474cdca97ba07ca66e5e8b8
fafffadd847d673c8dd7a6f7636433381b4beb0d
460230eb7b3d6b76fbd32e370cfeb600355e1b94ebda915f60ac713e8a82eacd
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NRNQmJUyG4WRRlwoTDpVXZXqbmcxGGMkmPkgo4w7fV%2FVeeZ1veK9qq5Or4KDMhuhRX9A5XQyYXQYFNw6SGdghKymXWVh%2FAUuRHDlQron2HqhuPfWOYvzzj2f7xWnxEdBT1avmYHSmi4t1%2F3a6x8GwZXahkqLfq3fij%2BKoys123uzHdf9N2rvSr5tlhp%2B4PuBH9TWlJWJ6S9NQajsQTuot%2F161KgHyxH69v%2B7Kzw46kH0TsmLUGKy8Ni7CMXHSLvfrUq3nZvs8jvdQtPcWPTE4QfpdmrKFN35mFgPSXp4xoZxT9cewaQHM7kwvX%2BJTE2I9%2BQRWHp4JhKstz%2FTyTRkCiYuoOyNIfUYio7BzR0o8ZQAXOD6DaTde9eNLenOM5RO0QlZ%2BOtPqHJCFn69iLT7cEWrfu2W0UWuTOrQTyqo%2FhiqM0ZWHCEfnIMqj8DzT6EEQdqtoMTJa4HfFoK1%2BWKccLoYiShYpEkULwrRbtKYC7YctWbGKDWGSsbQcgjqPBTTT3koEg9F5qErTmo8CIKmLzj1W23OQ9GULBZ%2BQJtJQAM%2FbqHgU%2B1D5NkQXA%2FB7S4yu4ttNYQtfoLbquCEB5cT9ESFUhKUjqCkBKUiKHOCslcdCO0arrontCtYcNYbZz2sRibv7NEDk3dkSvayU%2FLC1DDvwubX2JYntbAV8qidhH7si1iEcRQHMmK0Gfhh0ghYE05VUO7c7JkDNSGXvlhApibkua9%2BBqNHcPoIXHmgxSXQctRs%2BKBbo6jlY5A%2BFMpKnida9ev9nQGEqZDlC8h3vD19Sl6anS68%2FTskP776Mbs2%2BeP%2B3%2BC2QmYrfKIeE3T03dGmKcn%2Bpikd%2Bf5GlquuGtDpWW%2FlNJfnv3lP7pTGivVVN7z%2FFp8C0%2FHB%2B9LlGzQVKu048u2KEkLaNWO5JD%2Buu9uS3Szc1kph0yLbuPn22no3s9I5ZdIxqJoQ8uQYXE3I8z8czBL78mcllB3DFhW6xTE5KyhzBJ7twmVz%2Fc6ch9VzDss8lEU1sg02%2F6kVgZbznbIK7j87m8977i469hXQ%2FM4sqD1boacrUD2EK86P8sweX%2F0lnBWY9kZMW2%2Bfaau%2FfGauUye10BdNJhPZZDJajhI5zfIy83nCWShaLY7cTfirl3%2F7BwAA%2F%2F8BAAD%2F%2F9F2QGh8BAAA HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Cookie: u_pl=17519252; uid_id2=109ddb9c-6fca-4d41-af46-dd97a6cdb548:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec383c49f3060d6d36461e4ba7103f21b7=[3364845]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:34:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c41d194921e82a06e3191a7578a2cfa0
Strict-Transport-Security: max-age=0; includeSubdomains
forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fcss%2Fstyle.css&l=5560&fd=344
173.233.137.44 200 OK 0 B URL HTTP/1.1 forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fcss%2Fstyle.css&l=5560&fd=344
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fcss%2Fstyle.css&l=5560&fd=344 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Cookie: u_pl=17519252; uid_id2=109ddb9c-6fca-4d41-af46-dd97a6cdb548:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec383c49f3060d6d36461e4ba7103f21b7=[3364845]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:34:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
forgerylimit.com/pixel/sbs?c=1
173.233.137.44 200 OK 0 B URL HTTP/1.1 forgerylimit.com/pixel/sbs?c=1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Cookie: u_pl=17519252; uid_id2=109ddb9c-6fca-4d41-af46-dd97a6cdb548:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec383c49f3060d6d36461e4ba7103f21b7=[3364845]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 14 Sep 2022 19:34:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/close.svg
172.64.200.2 200 OK 73 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/close.svg
IP 172.64.200.2:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash f7f43cbaf44cecd9379a5b68f07f3544
3270f551cddd02455c8371ffb4b271f6399da804
97a82a26d156ffa5f6adfeeff7227f3a3db97f81fe487c45a92130d0243250d1
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:56 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Feb 2022 09:30:59 GMT
etag: W/"6204db53-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3663038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTIvmLs%2FmnxEwNaHh1VmAVNjDyI3ueO%2BY6M2e51h1m69aubYBTC6l1h2oMlCaa%2F7JOM24mnq1UEV%2FOhGcABwLMta2LcE5bKa1SQFxI2EnIlJZuWQRAGy95VOIm%2BbtkfrVOs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab901d2a854052-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c86775f-a6ef-49b2-85ad-4272db5b9f42.webp
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c86775f-a6ef-49b2-85ad-4272db5b9f42.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 80786e640acccfa61ef2aaa27a2a95fa
94663318844e6567f2d160d620eb9ed777fba2a3
686348c1aa038c5109c39c3491524a98bcfc5b1559568391ba7fb240a285a064
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c86775f-a6ef-49b2-85ad-4272db5b9f42.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9467
x-amzn-requestid: d14b460e-2aa5-41c8-9a8b-4da671156014
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv3HJJoAMFWgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7fe-0643dea6458034ab51d840d5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rVAqQoiN5d1Ph-lVvB7luXmG0zQJuvLi8I_B-xGbJjLkyyAid6rktw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:07:08 GMT
etag: "94663318844e6567f2d160d620eb9ed777fba2a3"
content-type: image/jpeg
age: 77274
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/js/script.js
172.64.200.2 200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/js/script.js
IP 172.64.200.2:0
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://directflix.xyz
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:56 GMT
content-type: application/javascript
last-modified: Thu, 10 Feb 2022 09:31:01 GMT
etag: W/"6204db55-18d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZQoH9fnEgT5qwgwa5vvkkm2fS509Nf9OJyKLEPqnaXLMLI7DonI%2F%2BzUGAoUXbYxdBGCIlJxxZfgSFRZk0eeO2%2BV1831nNxDJzsut0bZ%2FndlwZxNYpTtm2dHYqI8kZ3zCsc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab901ce9f54052-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/animate.css
172.64.200.2 200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/animate.css
IP 172.64.200.2:0
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://directflix.xyz
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:57 GMT
content-type: text/css
last-modified: Thu, 10 Feb 2022 09:30:57 GMT
etag: W/"6204db51-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzxL8LYRlcykpnD4GOMa%2FKhw%2F%2F8KK0pXztjzFjNDpJZXrJfnwzdo8zZRierPcJ9iL0hC%2BpKqe3I1FIyXrhkNUIw0d7tx%2F%2BdM6E6hlHijra99ZPCtTSNrCbaKqVkOAzZJGMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab901ce9ec4052-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/style.css
172.64.200.2 200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/style.css
IP 172.64.200.2:0
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://directflix.xyz
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:57 GMT
content-type: text/css
last-modified: Thu, 10 Feb 2022 09:30:56 GMT
etag: W/"6204db50-15b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMS%2FbTauAU1ylQ0BfLNsancAVL6XLlKdxkpQQzowwZ35e6N596nNwFCrEI6ZLGPdYU2HS23hXSfhNUIAnf19cOkCo1xeq%2FbMP%2FwatC22BbR8rdPCxL589nik35XKtyEpERA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab901ce9f94052-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/3.3.5/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5d5357cb3704e1f43a1f5bfed2aebf42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 02/24/2022 14:58:46
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: fbe7e6fea753e22c4e1fd8ba1cf2b066
cdn-cache: HIT
cf-cache-status: HIT
age: 8633479
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab900a4b040b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
104.18.10.207 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/3.3.5/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:53 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 718, 718
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:48:47
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 39b7a4107ac99785daf3883d73227d5f
cdn-cache: HIT
cf-cache-status: HIT
age: 11294413
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab900a5b160b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.234.254 200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.234.254:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5582a33a61e5fccabad9ed7a1daa4d04
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 14 Sep 2022 19:34:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Ohu7i461VbSe7z%2FzIVPBzfngMCAnkcdQ9J4r%2BDqV%2BTR7nnkuekDt%2FbO4ct9jbkt3x5yW0vPbvCKX1JJvb%2F%2FMyfmhuiQDkndp0%2BShKxC6P0uZJVjk87Z058zPTBYGdIoWkRAGbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab900f7f037470-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.232 200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.232:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directflix.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:34:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 34677144c14f798e361e8dfcb540c459
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 14 Sep 2022 19:34:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpwQJMe%2FkuH%2Fic4YgRmfvTXhuhv4uLOwSX9Ko4jtqv3jSPgI4yEniIRagJ7wYlpvxfzFLcaNvSdZe4mk%2B8zwH8zv%2F1EbueVJ81KJf2pz9jNa1s7k%2Fvrh%2Bmqw5Pf14YDuPzAvGZE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab900ff81bbbb0-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2