Submitted URL: http://gdflix.cam/file/2ueeqw7ydv
Effective URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Submission: On February 26 via api from US — Scanned from US

Summary

This website contacted 18 IPs in 3 countries across 20 domains to perform 48 HTTP transactions. The main IP is 2606:4700:3037::6815:5dd5, located in United States and belongs to CLOUDFLARENET, US. The main domain is new.gdflix.cfd.
TLS certificate: Issued by E1 on January 24th 2024. Valid for: 3 months.
This is the only time new.gdflix.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
6 google.com | accounts.google.com — Cisco Umbrella Rank: 24 | 3 KB
6 greenfox.ink | greenfox.ink — Cisco Umbrella Rank: 326321; px.greenfox.ink — Cisco Umbrella Rank: 362210 | 13 KB
6 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 226; challenges.cloudflare.com — Cisco Umbrella Rank: 4394 | 194 KB
5 cathedralinthei.info | cathedralinthei.info | 2 KB
5 ourtshipanditlas.info | ourtshipanditlas.info | 6 KB
5 cloudfront.net | d2tvgfsghnrkwb.cloudfront.net | 232 KB
4 pogothere.xyz | pogothere.xyz — Cisco Umbrella Rank: 32929 | 202 KB
3 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31 | 21 KB
3 gdflix.cfd | new.gdflix.cfd | 362 KB
2 gstatic.com | fonts.gstatic.com | 30 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 40 | 149 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 32 | 2 KB
2 gdflix.cam | gdflix.cam | 1 KB
1 absole-catenaliggette-i-282.site | amd-cdn-1.absole-catenaliggette-i-282.site — Cisco Umbrella Rank: 324745 | 36 KB
1 stats.rip | revive.stats.rip — Cisco Umbrella Rank: 401571 | 589 B
1 facebook.com | www.facebook.com — Cisco Umbrella Rank: 102 |
1 youradexchange.com | youradexchange.com — Cisco Umbrella Rank: 39720 |
1 velocecdn.com | velocecdn.com — Cisco Umbrella Rank: 174389 | 36 KB
1 buzzonclick.com | buzzonclick.com — Cisco Umbrella Rank: 681974 | 536 B
1 ddflix.xyz | ddflix.xyz | 455 B
Totals: 48 | 20
Domain | Requested by
6 accounts.google.com (4 redirects) | new.gdflix.cfd
5 cathedralinthei.info | new.gdflix.cfd; d2tvgfsghnrkwb.cloudfront.net
5 ourtshipanditlas.info | d2tvgfsghnrkwb.cloudfront.net
5 d2tvgfsghnrkwb.cloudfront.net | new.gdflix.cfd; ourtshipanditlas.info
5 greenfox.ink | new.gdflix.cfd; greenfox.ink
4 pogothere.xyz | d2tvgfsghnrkwb.cloudfront.net
4 cdnjs.cloudflare.com | new.gdflix.cfd; cdnjs.cloudflare.com
3 www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
3 new.gdflix.cfd | new.gdflix.cfd
2 fonts.gstatic.com | fonts.googleapis.com
2 www.googletagmanager.com | new.gdflix.cfd; www.googletagmanager.com
2 challenges.cloudflare.com (1 redirects) | new.gdflix.cfd
2 fonts.googleapis.com | new.gdflix.cfd
2 gdflix.cam (2 redirects) |
1 px.greenfox.ink |
1 amd-cdn-1.absole-catenaliggette-i-282.site |
1 revive.stats.rip (1 redirects) |
1 www.facebook.com | new.gdflix.cfd
1 youradexchange.com | buzzonclick.com
1 velocecdn.com | new.gdflix.cfd
1 buzzonclick.com (1 redirects) |
1 ddflix.xyz (1 redirects) |
Totals: 48 | 22

This site contains links to these domains.

Domain
greenfox.ink
t.me

Subject | Issuer | Validity | Valid
gdflix.cfd | E1 | 2024-01-24 - 2024-04-23 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
upload.video.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
greenfox.ink | R3 | 2024-01-19 - 2024-04-18 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
youradexchange.com | GTS CA 1P5 | 2024-02-14 - 2024-05-14 | 3 months
pogothere.xyz | GTS CA 1P5 | 2024-01-27 - 2024-04-26 | 3 months
ourtshipanditlas.info | Amazon RSA 2048 M03 | 2024-02-20 - 2025-03-20 | a year
cathedralinthei.info | GTS CA 1P5 | 2024-02-04 - 2024-05-04 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-12-06 - 2024-03-05 | 3 months

This page contains 4 frames:

Primary Page: https://new.gdflix.cfd/file/2ueeqw7ydv
Frame ID: C4E2C16F1C3C5D95BB7713093E5DE317
Requests: 42 HTTP requests in this frame

Frame: https://ourtshipanditlas.…
Frame ID: DE2FA3F3C3A2800BB9803A8A7CBB9D99
Requests: 2 HTTP requests in this frame

Frame: https://ourtshipanditlas.…
Frame ID: 4B10C2A62CBEF3825346EBCEF7547EEA
Requests: 2 HTTP requests in this frame

Frame: https://ourtshipanditlas.…
Frame ID: 9C402A18F459F1C35B9A9CE8CB6AB52C
Requests: 2 HTTP requests in this frame

Page Title

GDFlix | Elemental.2023.5.1 WEBDL LIGERA.rar

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 48
HTTPS: 90 %
IPv6: 78 %
Domains: 20
Subdomains: 22
IPs: 18
Countries: 3
Transfer: 1285 kB
Size: 3542 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gdflix.cam/file/2ueeqw7ydv HTTP 301
    https://gdflix.cam/file/2ueeqw7ydv HTTP 301
    https://ddflix.xyz/file/2ueeqw7ydv HTTP 301
    https://new.gdflix.cfd/file/2ueeqw7ydv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=onloadTurnstileCallback
Request Chain 6
  • https://buzzonclick.com/a/display.php?r=7081846 HTTP 302
  • https://velocecdn.com/script/banner.js
Request Chain 25
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ATuJsjyx7NFCKjukHxquS-2n-T31f8WV9VUMoMbQU_HbjXli4l1KAY2Ong3wAaGaA9TbG0PpBdb8xQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjynU8DD1BPoFhsEcSK36CEMaudVd2flGneR2eIRq53FnmCTJPkjr8kJzbRhMItG_C72elfUSQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S202275196%3A1708982804837924&theme=glif
Request Chain 26
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjww3swdX6w9hej97bRyg2v71Nkyvw0v3BM9IbCGJjnFRFtgF_Xm2KJBW8t5z8-VfXeSh5hk0Q HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjyzoG9KbMlcodwk5v52orS9NwV-Vz9EFjOz28XPwHe1Z3lNlYOFuShNBhvjvH9MvaJk6HvrdA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-536011138%3A1708982804847542&theme=glif
Request Chain 41
  • https://revive.stats.rip/?type=2&service=test&advertiser=BITZ_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|new.gdflix.cfd&atype=2&banner=BITZ_nmpl&redirect=https%3A%2F%2Famd-cdn-1.absole-catenaliggette-i-282.site%2Fcontent%2Fstream%2F1xbetIndia%2F500x200_bitz_nmpl.jpg HTTP 302
  • https://amd-cdn-1.absole-catenaliggette-i-282.site/content/stream/1xbetIndia/500x200_bitz_nmpl.jpg

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 2ueeqw7ydv
new.gdflix.cfd/file/
Redirect Chain
  • http://gdflix.cam/file/2ueeqw7ydv
  • https://gdflix.cam/file/2ueeqw7ydv
  • https://ddflix.xyz/file/2ueeqw7ydv
  • https://new.gdflix.cfd/file/2ueeqw7ydv
82 KB
33 KB
Document
General
Full URL
https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5dd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6733e993006053958d71a04ca0cc9b82cfc7ffe44ba5f0b5cfecc3519e6f4a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
85bb449daabc6aee-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 26 Feb 2024 21:26:44 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDC72FB7lMn5Ny%2BtwDGEVLpC5dtx1Jpx1zsVP9wNSmfLbGvl6uDKN%2Fr0gGmtdwB8Oif4XgtHe7VU959YklUXt%2FjjiNjsctQgP6S3GYUL70XL240joTPVh179JeBEmeiZdTJrh0ZHDSCw3SR4TA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
85bb449cde154bc0-BUF
date
Mon, 26 Feb 2024 21:26:43 GMT
expires
Mon, 26 Feb 2024 22:26:43 GMT
location
https://new.gdflix.cfd/file/2ueeqw7ydv
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8h%2FeYuce9Bo0fa1OBnRUCF5i6eAW%2B07DUm0nwoirrVzuiuKqNsOu%2BkEfIxX3G%2BULvdCEqLYHxGDsPIkxS%2B2MRfTKRNocI0xVjY8YDZhz8U46xqmTiH1SKVFU56w15pS4MDDcyF1PhRX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
mdb.dark.min.css
new.gdflix.cfd/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/css/
445 KB
59 KB
Stylesheet
General
Full URL
https://new.gdflix.cfd/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/css/mdb.dark.min.css
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5dd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af69b44f9772cbccf9012e1fdb22e7d7351572caa28b81c1536eba0b5de320fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/file/2ueeqw7ydv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 13:15:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
139281
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMjes4QAMM22cRg53nVvypaJNQY5bAZkuSWt7SKZZG8R26o2dO86LQRsKrK3Oaz4GR6vIhwEsi07fPNYbCApJv621wfpJXOqb78FOv1RBWrHaQKnnV7SirqDC8932CIRqAycODppbWuPIBd9Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
85bb449e2b076aee-BUF
alt-svc
h3=":443"; ma=86400
expires
Sun, 03 Mar 2024 06:45:23 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5737573
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10491
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8ntX7xQxawMk7s64UnG96SCXpXsS4xYoTX9lo%2B09GiT2BlgnMJ8sigac8RDT%2BnozmWsG4bksAlXbmhBokvRcNY7Zyi88%2BphCgkkk50CLkl%2BDvI9C8Q6K4Ze7b47%2B2%2FiELmkvefJc55qM9yAusAImObI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85bb449e8b446aee-BUF
expires
Sat, 15 Feb 2025 21:26:44 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700%26display=swap
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 21:26:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Feb 2024 21:26:44 GMT
css2
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600&display=swap
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47ff25e8bd5fa3581780ef508ad129d6a9140ee5a72fb46360957da629dfb493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 21:20:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Feb 2024 21:26:44 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=onloadTurnstileCallback
38 KB
13 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=onloadTurnstileCallback
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28f72bc26cb8c6bf06b1b8c706a51b2fb326d11b23d02e7b6f455ab8e20ea3b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
85bb449f9d5d4bc1-BUF
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 26 Feb 2024 21:26:44 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/b/0f752fefe334/api.js?onload=onloadTurnstileCallback
cache-control
max-age=300, public
cf-ray
85bb449f5d414bc1-BUF
alt-svc
h3=":443"; ma=86400
asyncjs.php
greenfox.ink/d/
4 KB
5 KB
Script
General
Full URL
https://greenfox.ink/d/asyncjs.php
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 21:26:44 GMT
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
ETag
1d63e790351363d29b61f9cf59b98fad
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=3600
Connection
keep-alive
Expire
Mon, 26 Feb 2024 22:26:44 GMT
banner.js
velocecdn.com/script/
Redirect Chain
  • https://buzzonclick.com/a/display.php?r=7081846
  • https://velocecdn.com/script/banner.js
110 KB
36 KB
Script
General
Full URL
https://velocecdn.com/script/banner.js
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Server
2606:4700::6811:ac3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99b9620efa54add9ccf6284f7225effcbaafecb86f3b287d069e942eaa12ddf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3535
x-guploader-uploadid
ABPtcPpC6A6JbnooSmcHMMiT0e5FeGMYhrigcriS-J4fmpdbnH_SEMxLhmpa3-FOY7aYZitgoCDnwskKnw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 26 Feb 2024 11:53:14 GMT
server
cloudflare
etag
W/"46e700da69dac23fd7ca3805a1d446d7"
vary
Accept-Encoding
x-goog-hash
crc32c=J/01iQ==, md5=RucA2mnawj/XyjgFodRG1w==
x-goog-generation
1708948394746400
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
113017
cf-ray
85bb449fefdc4bcf-BUF
expires
Tue, 27 Feb 2024 01:26:44 GMT

Redirect headers

date
Mon, 26 Feb 2024 21:26:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf-8
location
https://velocecdn.com/script/banner.js
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3TuRVZZhOcVun6AOKOA9zTS0GxQQJ9Vt5CHIz8P7xvAX%2BfUqHEmgnA8nBi8JtudpbwRE7vqO7J7iUSzBmJLo0reBr%2BFBZ1TCrg08hXvEPCKGd%2FnFpByeSFma78zsn%2BJY5%2B12rsChNeyU1q0ngk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
85bb449ebfbe4bc9-BUF
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
/
d2tvgfsghnrkwb.cloudfront.net/
354 KB
115 KB
Script
General
Full URL
https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9a00:2:c93f:62c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c89f45cd55b50c18c618c3f67e5cb7412bade4ba3c1919e8766b9a8b3670c443

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
gzip
via
1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
117502
x-amz-cf-id
kfzPk33Hr171U_zNShU34k1gWH2B8FAY91S-r_eltsLQssGuEEUdpA==
js
www.googletagmanager.com/gtag/
192 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-156019198-1
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
057deb1a8884e70a271756b171f571ce43bd897134aa756106fd4926037e5ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70794
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 26 Feb 2024 21:26:44 GMT
mdb.min.js
new.gdflix.cfd/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/
1 MB
271 KB
Script
General
Full URL
https://new.gdflix.cfd/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/mdb.min.js
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5dd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
487155a58bd6d8049ba1e5a1f9254d85d86dd32c2f7761013c9d31884c47c864

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/file/2ueeqw7ydv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 13:15:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
139281
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZJ5i3LBC6zqaiTdPwBIXgVGpwypDVdYN8FGUwpDnszqgdNle4xukkDT3l0X68gfg8HSOOyk4xS3STM6CDJ1JSD4nj0YGyWG6pKbLg0vADnuKf47L1lm%2BvA%2BwcmBry%2Bi2iYRNYGFEMn9idytVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
85bb449e2b086aee-BUF
alt-svc
h3=":443"; ma=86400
expires
Sun, 03 Mar 2024 06:45:23 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/
78 KB
79 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin
https://new.gdflix.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5944141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
80300
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-139ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcERMeRPnexHhj1HTBXeuV7RTT7hkr20R%2Fk1JrXdFerv7CAwmkhwU5ogGoN6lC6FKNan0N96PMDQ8lY1eqbUk0oGbf2zkM7B%2FjJN8Ugw3iuRZ%2BzP6yTjkwwWw5jkeqyu6%2B1Qw1J6aNB06E55aeiZGJjN"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85bb449f1f924bbb-BUF
expires
Sat, 15 Feb 2025 21:26:44 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://new.gdflix.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:37:39 GMT
x-content-type-options
nosniff
age
395345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2025 07:37:39 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/
13 KB
14 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin
https://new.gdflix.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8169679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13548
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-34ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xM%2BXPLIh5ctSaKa9As3gt%2F9JtdYlAP2MLXm1N5ySOuq%2B2GskhlNfwJ%2FNiJBps9kE%2FWpOgxS0yC%2F5od0lTAu2mmRxoZ49caD27ROgfsD0yPzrDBO4UajzIgf3G7A%2BGm5OqJW7F4eYBuUfoVoYOgLUW3LH"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85bb449f1f934bbb-BUF
expires
Sat, 15 Feb 2025 21:26:44 GMT
banner.php
youradexchange.com/script/
0
0
Fetch
General
Full URL
https://youradexchange.com/script/banner.php?r=7081846&cbpage=https%3A%2F%2Fnew.gdflix.cfd%2Ffile%2F2ueeqw7ydv&cbref=&cbdescription=&cbkeywords=&cbtitle=GDFlix%20%7C%20Elemental.2023.5.1%20WEBDL%20LIGERA.rar&srs=44e1c2ac20cc4148b6d8b1125c21b004&atv=44.0
Requested by
Host: buzzonclick.com
URL: https://buzzonclick.com/a/display.php?r=7081846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVg0339jE2c4SXODlmqYfwjSUYzKj%2FyWk8gG1zmUSDATF84sTGKtCxItDcDCtSiDa3I5cC5rtst8eIuOFnDEeNSPYO5O8HsHO%2F3tq31fbDx1pjNVrzoefQ0TnpPmaO%2BYzv2mbdsUoQ98v5V4jcSFo88%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
85bb44a0da815e76-EWR
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d2tvgfsghnrkwb.cloudfront.net
URL: https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 26 Feb 2024 16:31:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://new.gdflix.cfd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpR9EyFTqyA5VrVYstaG7AujXjcbimeIakvQUf2hTfj1zXenFQnphYwWBZdud0f43ZUv9KVpkBU%2Bwm%2F7a3mnM%2FlenJ9ljEi%2BPMBkRmxraons23MciX7kNq9wqH7ImDDf"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
85bb44a0cf3d4bd8-BUF
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
/
pogothere.xyz/
26 B
351 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d2tvgfsghnrkwb.cloudfront.net
URL: https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a685a4bbaeb5192fbbfcdd1f7a95b60bd966aead6885e460f451c00b26cd140f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEKVFR%2FqD8XqmRzzmsZrZF2ccn8slCqGMrmxNfD5WIzemwEfLAumRpugRCjj8XzexwNRDYYTC%2BOnh166A1nzEokwXfKl5YtdN%2FTUAbjx7pfvBcvIf165NtKAVjEgq4TO"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://new.gdflix.cfd
content-type
text/plain
access-control-allow-credentials
true
cf-ray
85bb44a0cf414bd8-BUF
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
ourtshipanditlas.info/
0
539 B
XHR
General
Full URL
https://ourtshipanditlas.info/utx?cb=W6MDFWMMWgxf&top=new.gdflix.cfd&tid=987702
Requested by
Host: d2tvgfsghnrkwb.cloudfront.net
URL: https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-111.iad50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 21:26:44 GMT
via
1.1 09028890675e48687e2855f3bdad98ea.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://new.gdflix.cfd
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
Zst0U0E-aqdUWT50XkfN8uW0nz_kMk5ff9Pk2iZsJIFe1SBM-vL9YQ==
B34vdjsnXBNvKhNbJg4YFm0hXDwMVz8RAidXGUdVAVBFdCsTYg4C
ourtshipanditlas.info/aFQ4dzcJNlsaCAlpWlFCGjgFUgUucQoxU1ogThBRGzNQGUUDI1pZVAQ7TRNRGjtWAxkGMUxSBS4Aag1tEgVSEFw/BggcdRIaXjEEUBZeAHEtN18HXzAVeQNhAjd0PV4HH3o/YlgTfTFOLRVbQ28gO1omWSExc0ZUDB5pIV89LAgfdTA... Frame DE2F
3 KB
2 KB
Document
General
Full URL
https://ourtshipanditlas.info/…
Requested by
Host: d2tvgfsghnrkwb.cloudfront.net
URL: https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-111.iad50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
4f90de74647c6363e4bdc738e64a92a6a6f108293a2b4a8ef73fb4e4af15ca1a

Request headers

Referer
https://new.gdflix.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1229
content-type
text/html
date
Mon, 26 Feb 2024 21:26:44 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 09028890675e48687e2855f3bdad98ea.cloudfront.net (CloudFront)
x-amz-cf-id
tsy5UWyG67IvcSyTrN4IYHrUTKQoOuxqiVFr2uZhY_7zM7P3e1flzA==
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d2tvgfsghnrkwb.cloudfront.net
URL: https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 26 Feb 2024 16:31:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://new.gdflix.cfd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXBHROrA%2FF7nBm6l8%2FNTQre7aeKcMQj0QcOAoDVPs0bNJkm0BR2Zx4T%2Bhrzo4%2FJjXbRsf8p5%2FKykyyiVRx6pqQoP1vmCqAHt%2FBhIizO1SxK1u%2B9HnHcu%2B8UTOrIO8j6v"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
85bb44a0cf3f4bd8-BUF
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
/
pogothere.xyz/
27 B
619 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d2tvgfsghnrkwb.cloudfront.net
URL: https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c995d44f6c47fe5537cf149e7f9a68f3881993238cef550e7cfcf5f9c7b5f4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7C57metraiEzPWH%2BEBroIvzwUcCzqAcP%2FVo%2BizLMGe%2Bxb1BuEH1kfOR48XAryKUYohHVBzrY3lx1ngWjy2S59t0ZBdHXQrXtkuLZwhIxyXMqc2ufSuegemQqS2Fh%2BC93"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://new.gdflix.cfd
content-type
text/plain
access-control-allow-credentials
true
cf-ray
85bb44a0cf404bd8-BUF
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
ourtshipanditlas.info/
0
538 B
XHR
General
Full URL
https://ourtshipanditlas.info/utx?cb=rLMFIgpOp1gE&top=new.gdflix.cfd&tid=987844
Requested by
Host: d2tvgfsghnrkwb.cloudfront.net
URL: https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-111.iad50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 21:26:44 GMT
via
1.1 09028890675e48687e2855f3bdad98ea.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://new.gdflix.cfd
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
L8NmMdNdYUrVaDjNxh24upp7BiG6wFRWG-r-KPsOhtPcRgTgWe7D3A==
LCYlLDwiPwcKBjohMV5aOBgqQAAYGw0WVwwHF1M6OQYwDSkgBCop
ourtshipanditlas.info/Y2Zqa3QCBAkGSwJbCE0BEQpXTkYlQ1gtEFESHAwSEAECBQYIEQhFFw8JHw8SEQkEH1oNAx5ORiUODlk6DSk/LiEnJwYNEgQrISoDMVI+WiYFIjI9JiA0ODw4FAIPKjEMVzsBOVI1EiIXKiUSITcnDiwuRC4KOQBBNCU9CBYiAQYOEiU... Frame 4B10
3 KB
2 KB
Document
General
Full URL
https://ourtshipanditlas.info/…
Requested by
Host: d2tvgfsghnrkwb.cloudfront.net
URL: https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-111.iad50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
b1905bd93b355e771ef8889377c541a933fcacb3c77745eff24a812c6e227022

Request headers

Referer
https://new.gdflix.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1240
content-type
text/html
date
Mon, 26 Feb 2024 21:26:44 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 09028890675e48687e2855f3bdad98ea.cloudfront.net (CloudFront)
x-amz-cf-id
Vt9h1yFypfpGmfn-Wa_CLO6nXBBW7P_mZ7K1b4k9w3-_s66CfTtOqw==
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
RhZbJSFMBEI
ourtshipanditlas.info/UXR0N0kwFhdadjBJFhE8IxhJEnsXUUZxLWMAAlAvIhMcWTs6AxYZKj0bAVMvIxsaQ2c/EQASexcGF3EMKSEfAx0BGEwHKgAlQGEeaEcncBAbLhpDHh5EPQ4AEDYHVh4AFTx2LTIkPEAaASJEXi02NR9xMAhEMnA+Mi1HAh4BIjUPAgR... Frame 9C40
3 KB
2 KB
Document
General
Full URL
https://ourtshipanditlas.info/UXR0N0kwFhdadjBJFhE8IxhJEnsXUUZxLWMAAlAvIhMcWTs6AxYZKj0bAVMvIxsaQ2c/EQASexcGF3EMKSEfAx0BGEwHKgAlQGEeaEcncBAbLhpDHh5EPQ4AEDYHVh4AFTx2LTIkPEAaASJEXi02NR9xMAhEMnA+Mi1HAh4BIjUPAgRFR2ENJgAgYAgJOQ1YGjM1IgcGKTIHbw1hRDNjeDU5RkMKFwMmDy89Ih52ET5BM2NwByQgXA01NTpeABAmRHZ7G1FGcRgZTDZTemENEHYHODsmXGxjMjYFEyMlDHocCDxAfhMmIkNWeRscIXQAdEY2fw0DMzpOPjM7MRofYhIwbSIQGSJQGGMXIW4BZC07WyI8PQxPeRAMMkUYPDIQeDAEIhB2Bzg/JmIwBh5FWR8GOTZ6Ggg3JFs+YhVEfhEQMzYPETwxEm0BKTMtdXA6EEVhIxAnMUEPOzYweHslNzJAGzkRIgIgE0clAB0GNVJdOj4aBAoRZyAYYSQ/RhZbJSFMBEI
Requested by
Host: d2tvgfsghnrkwb.cloudfront.net
URL: https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-111.iad50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
fd16de9d1b2ddb8b6250c2ccf0f9366d59381231191cf23a6ec10e0295a97d50

Request headers

Referer
https://new.gdflix.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1223
content-type
text/html
date
Mon, 26 Feb 2024 21:26:44 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 09028890675e48687e2855f3bdad98ea.cloudfront.net (CloudFront)
x-amz-cf-id
d4KuNGFMmFN-7V1e5MPyatgBO0jYZKWyiZTe3gj-qCulZk_2Ctzhkw==
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
UzRwVjl8CxMlBB1ZFAVoB3E1A24ZQzExewVuQz19ElgmPFo0bVYiUDcJSW4OZARCcEk6UE1nHyBAESJMIAlBcFA9Uh9rHyUJQXgKZxpDYxdiEgVrCHVAADdebgVWJk0nWE1nDmMMSW4LawREYwpg
cathedralinthei.info/
0
398 B
Image
General
Full URL
https://cathedralinthei.info/UzRwVjl8CxMlBB1ZFAVoB3E1A24ZQzExewVuQz19ElgmPFo0bVYiUDcJSW4OZARCcEk6UE1nHyBAESJMIAlBcFA9Uh9rHyUJQXgKZxpDYxdiEgVrCHVAADdebgVWJk0nWE1nDmMMSW4LawREYwpg
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKBX8H0zIiFSfkZGh8E2AwXXvFKLHPQxxUIrwX%2Fi6Wrl2032WHlMo5IjMA7IBdsJ4698rSP0zG6BBlDFHI%2BOtHOlG8inUhtwq56R1qixMU%2FEJacCmoi%2FYu7z58ALdjxDMTcDhCg1CA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
85bb44a1c8661122-ORD
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ATuJsjyx7NFCKjukHxquS-2n-T31f8WV9VUMoMbQU_HbjXli4l1KAY2Ong3wAaG...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjynU8DD1BPoFhsEcSK36CEMaudVd2flGneR2eIRq53FnmCTJPkjr8kJzbRhMItG_C72elfUSQ&passiv...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjynU8DD1BPoFhsEcSK36CEMaudVd2flGneR2eIRq53FnmCTJPkjr8kJzbRhMItG_C72elfUSQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S202275196%3A1708982804837924&theme=glif
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H3
Server
2607:f8b0:4004:c0b::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Redirect headers

date
Mon, 26 Feb 2024 21:26:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-bbFSHpGNQuCoW3v029qZhQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjynU8DD1BPoFhsEcSK36CEMaudVd2flGneR2eIRq53FnmCTJPkjr8kJzbRhMItG_C72elfUSQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S202275196%3A1708982804837924&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjww3swdX6w9hej97bRyg2v71Nkyvw0v3BM9IbCGJjnFRFtgF_Xm2KJ...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjyzoG9KbMlcodwk5v52orS9NwV-Vz9EFjOz28XPwHe1Z3lNlYOFuShNBhvjvH9MvaJk6HvrdA&passi...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjyzoG9KbMlcodwk5v52orS9NwV-Vz9EFjOz28XPwHe1Z3lNlYOFuShNBhvjvH9MvaJk6HvrdA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-536011138%3A1708982804847542&theme=glif
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H3
Server
2607:f8b0:4004:c0b::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Redirect headers

date
Mon, 26 Feb 2024 21:26:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-ShpjSxgazfnFwlFmM-byFA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
406
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjyzoG9KbMlcodwk5v52orS9NwV-Vz9EFjOz28XPwHe1Z3lNlYOFuShNBhvjvH9MvaJk6HvrdA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-536011138%3A1708982804847542&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
V25kSXp4UQc6RxkFXXobZxkmLD8zOgEYT2E8CAdOFSZVCi0PGUI9EzNTXXFNb1pQbwo+Cll4XCQaBT0PJFNVbxM5CAt0XCFTVWdJY0BXfFRmSBF0S3EaFCgdal9COQ4jAll4TWdWXXFIb15QfEJk
cathedralinthei.info/
0
259 B
Image
General
Full URL
https://cathedralinthei.info/V25kSXp4UQc6RxkFXXobZxkmLD8zOgEYT2E8CAdOFSZVCi0PGUI9EzNTXXFNb1pQbwo+Cll4XCQaBT0PJFNVbxM5CAt0XCFTVWdJY0BXfFRmSBF0S3EaFCgdal9COQ4jAll4TWdWXXFIb15QfEJk
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkOH7VF6%2B%2FO5SZFrGewz%2F0LJ7p6fFUyAUMpO%2BEnj54T3BE2ZFBomyhurwtppeLcEWnTDjlq5eXopJkyZ7evG9tYlP%2FVm392BJIxjaXLFBPY2mZLDeFr%2FHzicqE4XTOeJYMzpY2SzVA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
85bb44a1c85e1122-ORD
alt-svc
h3=":443"; ma=86400
dFVzBWtwXHYNY31SdA0
cathedralinthei.info/U0lkRDV8dgc3CAQcEHB6Bh8RIXAkGQIDBCkdEwIFMidRC3ELGEIwXDd0XXwCa31RYkU6LVl1DXU6ECVBJjpZdRM6JwIrCHU/WXUbY2dWagF1PFl1Eyc5BSMIYm8UMEE/
0
261 B
Image
General
Full URL
https://cathedralinthei.info/U0lkRDV8dgc3CAQcEHB6Bh8RIXAkGQIDBCkdEwIFMidRC3ELGEIwXDd0XXwCa31RYkU6LVl1DXU6ECVBJjpZdRM6JwIrCHU/WXUbY2dWagF1PFl1Eyc5BSMIYm8UMEE/dFVzBWtwXHYNY31SdA0
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XjuWbfTePCzzS%2BYGSdmFspXHBhqu%2Br%2Ftm12vuqgfPr5rvUhKcJfVhBCS7V2gqKUB%2FoEXIJabNe%2FYZhq2XuBGqvKLPXvPG5sYhxs%2FgfXGVurJIEF%2BdGXHzoWHQcEhKJ7sEi39JOKIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
85bb44a1c8631122-ORD
alt-svc
h3=":443"; ma=86400
/
d2tvgfsghnrkwb.cloudfront.net/
354 KB
115 KB
Fetch
General
Full URL
https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9a00:2:c93f:62c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
61eb8674a4fefeaa39649e01594fc03ac6f6d960ed1a439bffcb03c59f63a5d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
gzip
via
1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
access-control-allow-origin
https://new.gdflix.cfd
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
117496
x-amz-cf-id
32g2G-V1gQwdPRUBac7LBNDXPZK7gi5nwUBZ4b8L21UlrHRwNB0hjQ==
asyncjs.php
greenfox.ink/d/
4 KB
5 KB
Script
General
Full URL
https://greenfox.ink/d/asyncjs.php
Requested by
Host: new.gdflix.cfd
URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 21:26:44 GMT
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
ETag
1d63e790351363d29b61f9cf59b98fad
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=3600
Connection
keep-alive
Expire
Mon, 26 Feb 2024 22:26:44 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://new.gdflix.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:33:36 GMT
x-content-type-options
nosniff
age
312788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Feb 2025 06:33:36 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/
77 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin
https://new.gdflix.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2232091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78460
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-1327c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FGQ7NosrF2Eecp3lGxmP2DbjLZdcRgqz0nAgIXmvX%2BmOc%2Bk5rbojLAIR6Ouy%2F1kaSeXkurMiYMyAXqOYVM70wKS7xRn7TKPIfVaKSwhS2G2bIxSfs6nFRIEh%2F9SK%2FrR8LWGSQI8vEVRPfQJ1N0mNNHI"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85bb44a168f44bbb-BUF
expires
Sat, 15 Feb 2025 21:26:44 GMT
js
www.googletagmanager.com/gtag/
223 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZYPDHMSKVK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156019198-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
809202b6a8b5cf9659767fe4779cf2e27bbbc33e222c5741d9035e114f69a2d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81111
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 26 Feb 2024 21:26:44 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156019198-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 26 Feb 2024 19:51:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5702
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 26 Feb 2024 21:51:42 GMT
TRzZzQjgkWR0kBzNfF38BfwFEcgphXAAtVjcLJioKBHU0GEFyEAc4XHobQnIeK1cdJQVhUx0hBXYQEiZaegJVNkgoXU44XytHFSxKJEcDZE0mCx4tQi5aHyMddXBGbAhiBENqTy5YFy1PNBNBclYzE0FyCXcYQ2cLBRNBck8uWEV2HXR0VnAIPwBHax11Bh-IySCt...
d2tvgfsghnrkwb.cloudfront.net/ Frame DE2F
741 B
798 B
Script
General
Full URL
https://d2tvgfsghnrkwb.cloudfront.net/TRzZzQjgkWR0kBzNfF38BfwFEcgphXAAtVjcLJioKBHU0GEFyEAc4XHobQnIeK1cdJQVhUx0hBXYQEiZaegJVNkgoXU44XytHFSxKJEcDZE0mCx4tQi5aHyMddXBGbAhiBENqTy5YFy1PNBNBclYzE0FyCXcYQ2cLBRNBck8uWEV2HXR0VnAIPwBHax11Bh-IySCtTBCdaLF8HZwoBA0B1FnQAVnAIb10bNlUrE0EBHXUGHytTIhNBcl8iVRgtEWIEQyFQNVkeJx11cEJwCmkGXXQKcQdddAFiBEMxWSFXASsddXBGcQ9pBUVkTXoH
Requested by
Host: ourtshipanditlas.info
URL: https://ourtshipanditlas.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9a00:2:c93f:62c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
de3d97ca3a8c581a823808f7db30f0e444b8d180e3e94ab4bd4163c356450c68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ourtshipanditlas.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
gzip
via
1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
522
x-amz-cf-id
xjVPyr1f4cPt13RoKpAN9y-7qP4B8weJfFpaP-GxdretiuLTusfMQQ==
hd2NnOUEUDAlffgMKAwR4T1RfDXVRCRRWLwdeAEo1QjM1SxIcICxJCDhFE0MlSk5WCWcbAglefFEGCVp8RkUGXSNKV0FNMRgIWkMmGxIBVzMUEhcfNBZeClY7Hg8LWGRFJVIXcVJRVxE2Hg0DVjYERlUJLwNGVQlwR01XHHI1RlUJNh4NUQ1kRCFCC3EPVV-MQZEV...
d2tvgfsghnrkwb.cloudfront.net/ Frame 4B10
746 B
803 B
Script
General
Full URL
https://d2tvgfsghnrkwb.cloudfront.net/hd2NnOUEUDAlffgMKAwR4T1RfDXVRCRRWLwdeAEo1QjM1SxIcICxJCDhFE0MlSk5WCWcbAglefFEGCVp8RkUGXSNKV0FNMRgIWkMmGxIBVzMUEhcfNBZeClY7Hg8LWGRFJVIXcVJRVxE2Hg0DVjYERlUJLwNGVQlwR01XHHI1RlUJNh4NUQ1kRCFCC3EPVV-MQZEVTBkkxGwYQXCMcChMcczFWVA5vRFVCC3FfCA9NLBtGVXpkRVMLUCoSRlUJJhIADFZoUlFXWikFDApcZEUlVgtzWVNJD3NBUkkPeFJRV0ogEQIVUGRFJVIKdllQUR80SlI
Requested by
Host: ourtshipanditlas.info
URL: https://ourtshipanditlas.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9a00:2:c93f:62c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
44acad3abfe7f0eb6c25f230b2e4da07e9edf88048330acd7d39803375eadac6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ourtshipanditlas.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
gzip
via
1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
527
x-amz-cf-id
6hE4ErD0xWi9a6trT6U_MoK7999Am3IYHKoccYzbV159BDEHV4iFUg==
B2ZrQxMUYH4IZwV7a0JhUCI+HDRGNywbOE-V3fDZkAmVgQ2cUYH5YOlkmIxx0AxFrQmFdOyUVdANiKRUyWj1nVWMBMSYCPlw3a0IXAGB8XmEfZHxGYB9kd1VjASEvFjBDO2tCFwRheV5iB3Q7TWA
d2tvgfsghnrkwb.cloudfront.net/rcFExUk4TPl80cQQ4VW93SGYJZntWO0I9IABsaWQaHAdcPHwSPV0idgAkFyY0FGwcY35WPVA8KU13VDwtTWAXMyoSbAV0OxFsXD00GT1dM2tCFwR8flVjAXo5GT9VPTkDdANiIAR0A2J/QH8Bd30ydANiORk/ Frame 9C40
207 B
477 B
Script
General
Full URL
https://d2tvgfsghnrkwb.cloudfront.net/rcFExUk4TPl80cQQ4VW93SGYJZntWO0I9IABsaWQaHAdcPHwSPV0idgAkFyY0FGwcY35WPVA8KU13VDwtTWAXMyoSbAV0OxFsXD00GT1dM2tCFwR8flVjAXo5GT9VPTkDdANiIAR0A2J/QH8Bd30ydANiORk/B2ZrQxMUYH4IZwV7a0JhUCI+HDRGNywbOE-V3fDZkAmVgQ2cUYH5YOlkmIxx0AxFrQmFdOyUVdANiKRUyWj1nVWMBMSYCPlw3a0IXAGB8XmEfZHxGYB9kd1VjASEvFjBDO2tCFwRheV5iB3Q7TWA
Requested by
Host: ourtshipanditlas.info
URL: https://ourtshipanditlas.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9a00:2:c93f:62c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b3f76b4d2d51a937ff14c5e2254a13320c096708a23d2ccc0de3ef3663be79bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ourtshipanditlas.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:44 GMT
content-encoding
gzip
via
1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
199
x-amz-cf-id
q3GakZF0DZ9B6oXG7Z7hGNLhAT1x-vorrVQTuCM6uJlIWcwXhM--6Q==
collect
www.google-analytics.com/j/
1 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1511737468&t=pageview&_s=1&dl=https%3A%2F%2Fnew.gdflix.cfd%2Ffile%2F2ueeqw7ydv&ul=en-us&de=UTF-8&dt=GDFlix%20%7C%20Elemental.2023.5.1%20WEBDL%20LIGERA.rar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1517851381&gjid=666580047&cid=350943026.1708982805&tid=UA-156019198-1&_gid=1887861526.1708982805&_r=1&gtm=457e42l0za220&gcd=13l3l3l3l1&dma=0&jsscut=1&z=2096898591
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://new.gdflix.cfd/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 21:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://new.gdflix.cfd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
56 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZYPDHMSKVK&gtm=45je42l0v9116605141za200&_p=1708982804641&gcd=13l3l3l3l1&npa=0&dma=0&cid=350943026.1708982805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708982804&sct=1&seg=0&dl=https%3A%2F%2Fnew.gdflix.cfd%2Ffile%2F2ueeqw7ydv&dt=GDFlix%20%7C%20Elemental.2023.5.1%20WEBDL%20LIGERA.rar&en=page_view&_fv=1&_ss=1&tfd=1327
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZYPDHMSKVK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 21:26:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://new.gdflix.cfd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
asyncspc.php
greenfox.ink/d/
3 KB
2 KB
XHR
General
Full URL
https://greenfox.ink/d/asyncspc.php?zones=6%7C7&prefix=revive-0-&cphost=43509b58b68d940f8734726dfed6c5c8%7C1%7Cnew.gdflix.cfd&loc=https%3A%2F%2Fnew.gdflix.cfd%2Ffile%2F2ueeqw7ydv
Requested by
Host: greenfox.ink
URL: https://greenfox.ink/d/asyncjs.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
f133df63b903e5ddfe6acf3e88e083ea99acd9ca34e36623c7c7bfd42a276ed7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Feb 2024 21:26:45 GMT
Content-Encoding
gzip
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://new.gdflix.cfd
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
500x200_bitz_nmpl.jpg
amd-cdn-1.absole-catenaliggette-i-282.site/content/stream/1xbetIndia/
Redirect Chain
  • https://revive.stats.rip/?type=2&service=test&advertiser=BITZ_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|new.gdflix.cfd&atype=2&banner=BITZ_nmpl&redirect=https%3A%2F%2Famd-cdn-1.absole-c...
  • https://amd-cdn-1.absole-catenaliggette-i-282.site/content/stream/1xbetIndia/500x200_bitz_nmpl.jpg
35 KB
36 KB
Image
General
Full URL
https://amd-cdn-1.absole-catenaliggette-i-282.site/content/stream/1xbetIndia/500x200_bitz_nmpl.jpg
Protocol
H2
Server
50.7.24.35 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
b71cdc8e88c2f07c155c3cd637c30aa48a1fc86f8a8f8d443602b526600969ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:45 GMT
last-modified
Tue, 20 Feb 2024 14:57:04 GMT
server
nginx
etag
"65d4bdc0-8d11"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
content-length
36113

Redirect headers

date
Mon, 26 Feb 2024 21:26:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNTS%2FyyfCq1c%2BVjFBPzyyrdNiKHpXVf5TQpFZ1r24YiWi9hp8nUJVBMbOJNzESaLbNVdWzIy5jwkWOiZFdquWrSfTNrDDq%2FTC3Ii%2BSRZXeBsv4SQBiulZi6u4a1Gu7%2B1MY98VICYFYXoneYdR%2FdC"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://amd-cdn-1.absole-catenaliggette-i-282.site/content/stream/1xbetIndia/500x200_bitz_nmpl.jpg
cf-ray
85bb44a4e9ab4bc6-BUF
alt-svc
h3=":443"; ma=86400
pixel.gif
px.greenfox.ink/
42 B
595 B
Image
General
Full URL
https://px.greenfox.ink/pixel.gif?ad_type=1&banner=47&advertiser=6&cp_host=43509b58b68d940f8734726dfed6c5c8|1|new.gdflix.cfd&event_type=1&rand=15adef026f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:be41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 21:26:45 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZvs3ojAOWuF4UYb9hwdEHH65rhCsYCtHBxwsRkX7SUtg3N5O31AAuiVI3e8fEn790MbD2E1qK5AkzRBKctRxmDGXNgRYW4Et04IFFwCYX%2BfNLhSYw7wDdctpLX5ElBGKxOhBwHJQKgTjrAAeFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
85bb44a508884bc1-BUF
alt-svc
h3=":443"; ma=86400
content-length
42
lg.php
greenfox.ink/d/
43 B
523 B
Image
General
Full URL
https://greenfox.ink/d/lg.php?bannerid=47&campaignid=15&zoneid=6&loc=https%3A%2F%2Fnew.gdflix.cfd%2Ffile%2F2ueeqw7ydv&cb=15adef026f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Feb 2024 21:26:45 GMT
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
lg.php
greenfox.ink/d/
43 B
523 B
Image
General
Full URL
https://greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fnew.gdflix.cfd%2Ffile%2F2ueeqw7ydv&cb=6442819269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Feb 2024 21:26:45 GMT
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
popunder.gif
cathedralinthei.info/
35 B
430 B
Image
General
Full URL
https://cathedralinthei.info/popunder.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Mon, 26 Feb 2024 21:26:45 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Feb 2024 18:35:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
269489
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpFufIxpjhDXPxpJvHDlpoSNCPvnBqoL%2FPoUl1ZM8D14zLJEVixOTtxkv%2FEQNZw0GGXyHnerZrUwG8oVk4%2FnLbYJBxmArH3Dv2DnxiO96eOylAhFy8juJOm4SxabbZJzPEw%2BazRobg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
85bb44a45be71122-ORD
alt-svc
h3=":443"; ma=86400
popunder.gif
cathedralinthei.info/
35 B
312 B
Image
General
Full URL
https://cathedralinthei.info/popunder.gif
Requested by
Host: d2tvgfsghnrkwb.cloudfront.net
URL: https://d2tvgfsghnrkwb.cloudfront.net/?fgvtd=987702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://new.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Mon, 26 Feb 2024 21:26:45 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Feb 2024 18:35:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
269489
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1N3Iaolj08RTksp35FRH5bdy38rV4MChR7xWqxrUsgnsy5jcIcfvx2EQl5DacSy8Ks4pVcSHnCAngY%2F4LZyXBR%2Bm9fXJssuPiVgG85GTjJDDJTRZ8Nb0vJ7VKivLG1Mx6yDo%2BTSawg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
85bb44a4cc881122-ORD
alt-svc
h3=":443"; ma=86400

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| convertToUserTime
object| turnstile
object| regeneratorRuntime
string| rgxngibqxq
number| LAST_CORRECT_EVENT_TIME
object| utr_987702
number| userTrackingInterval
number| _472583492
object| utr_987844
number| _2591566408
function| s3ii
function| P7Q
boolean| DEBUG_MODE
boolean| ENABLE_LOGS
boolean| ENABLE_ONLINE_DEBUGGER
boolean| SUPPORT_IE8
boolean| MOBILE_VERSION
boolean| EXTERNAL_POLYFILL
boolean| SEND_PIXELS
boolean| IS_POP_COIN
boolean| PIXEL_LOG_LEVEL_INFO
boolean| PIXEL_LOG_LEVEL_DEBUG
boolean| PIXEL_LOG_LEVEL_WARNING
boolean| PIXEL_LOG_LEVEL_ERROR
boolean| PIXEL_LOG_LEVEL_METRICS
function| G2tt
string| cf_token
function| toastr
function| generate
function| setan
function| taskaction
function| tasktype
function| gtag
object| dataLayer
object| e
number| n
object| c
number| uidEvent
function| Color
function| Chart
object| mdb
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| reviveAsync
object| gaplugins
object| gaGlobal
object| gaData
number| iinf
function| trackBannerClick

9 Cookies

Domain/Path Name / Value
new.gdflix.cfd/ Name: PHPSESSID
Value: 0abe529ab1a7052550cb021f6a4a4f9d
pogothere.xyz/ Name: csu
Value: 566218933608446@1@1708982804
greenfox.ink/ Name: OAGEO
Value: 2%7CUS%7CNA%7C%7CBuffalo%7C14202%7C42.8867%7C-78.8927%7C20%7CAmerica%2FNew_York%7C514%7CNY%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.gdflix.cfd/ Name: _gid
Value: GA1.2.1887861526.1708982805
.gdflix.cfd/ Name: _gat_gtag_UA_156019198_1
Value: 1
.gdflix.cfd/ Name: _ga_ZYPDHMSKVK
Value: GS1.1.1708982804.1.0.1708982804.0.0.0
.gdflix.cfd/ Name: _ga
Value: GA1.1.350943026.1708982805
greenfox.ink/ Name: OAID
Value: 7dc486c9df8c8c48ec4d87494795b4a1
.px.greenfox.ink/ Name: unq-user-id
Value: aaaaaaaaaa

15 Console Messages

Source Level URL
Text
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv (Line 513)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv (Line 513)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv (Line 513)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjynU8DD1BPoFhsEcSK36CEMaudVd2flGneR2eIRq53FnmCTJPkjr8kJzbRhMItG_C72elfUSQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S202275196%3A1708982804837924&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjyzoG9KbMlcodwk5v52orS9NwV-Vz9EFjOz28XPwHe1Z3lNlYOFuShNBhvjvH9MvaJk6HvrdA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-536011138%3A1708982804847542&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new.gdflix.cfd/file/2ueeqw7ydv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
