94ero.com/videos/701855
104.21.16.154 301 Moved Permanently 0 B IP 104.21.16.154:0
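Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty 0 B body; they match any empty response and are not indicators for this site)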
Analyzer Verdict Alert quad9 Sinkholed
GET /videos/701855 HTTP/1.1
Host: 94ero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 18:28:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 25 Sep 2022 19:28:29 GMT
Location: https://94ero.com/videos/701855
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4pydSmd3hvhvgA92OH%2FGlpJIoHxiUydGiZ9mOJLeZTHjeeaihFSwVZPU%2FgqM1deMG5EhXHzKKVo6WYJWP8Z4Xy3NtbBVGgcsM8M73jQRT0eaG2GM1QMLL6xeok%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7505d1e1baba0b55-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 18:15:03 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jnIwQTIePU4B104QxHWddePdlvF0jWzbwKOVdqpZuGx7gAoAMjbrmA==
Age: 806
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15153
Expires: Sun, 25 Sep 2022 22:41:02 GMT
Date: Sun, 25 Sep 2022 18:28:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oE0OvXHm2WfMLbvYUgtW9BdvbpXkMmQYdz7TpCg-v2doFSRl40-Gcg==
age: 49995
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 0dd0652067e8e6c5d4a230b345feb498
0ccf2fd18fa76b26f08b29911ff0b3b3e1c58265
e3f7a9ca657d78e017c91102f2b96e4bf8be1bec5d185aba391c2c429287dde9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 26
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:29 GMT
Last-Modified: Sun, 25 Sep 2022 18:28:03 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 18:28:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 18:04:17 GMT
Expires: Sun, 25 Sep 2022 18:09:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rbf3If0L1Zx6ky682O1WACqzCBBuaBc0b55vllH6EHPL46Q1JTPsaw==
Age: 1452
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4879
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:29 GMT
Last-Modified: Sun, 25 Sep 2022 17:07:10 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.56.181 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
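Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty 0 B body; they match any empty response and are not indicators for this host)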
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JPvRgqw0PwwG9WljnomRdQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DA/KLAwyTyKWcqAH8ozCtIaCG3M=
d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
23.38.201.100 200 OK 1.6 kB URL HTTP/2 d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
IP 23.38.201.100:0
File type ASCII text, with very long lines (4730), with no line terminators
Hash 6ca5861dd247b41429ca943bbe2abc4c
17dfbc93696d0d6e1417e9574598deb8b58c62ac
59b9c01979c2f8e64c01f95534f59759e5df6b0d943bd7d1172c1e943b19ec40
GET /r/web/social-plugin/js/thirdparty/loader.min.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:56 GMT
x-rgw-object-type: Normal
etag: "8e50c4d0b7f2c69fe4b07b078876770b"
x-amz-meta-s3cmd-attrs: md5:8e50c4d0b7f2c69fe4b07b078876770b
x-amz-storage-class: STANDARD
x-amz-request-id: tx000000000000043f87610-006266f963-f4bef5d-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=66942
expires: Mon, 26 Sep 2022 13:04:12 GMT
date: Sun, 25 Sep 2022 18:28:30 GMT
content-length: 1558
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 2.1 kB IP 142.250.74.3:0
Hash 7552019d72fbfcd0af52c449069ec5c3
a37e4704730ee83d32bb6b75539ea4d84d1f3c95
df4bb2f186e24f76b702aef41a86183d93cf6c09ea857dba065f2f8c0adc84b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 11 kB IP 142.250.74.3:0
Hash 72c0056143f7ece3da0f0bd220174abe
c142b2c9f8b6802dd1caaf6f9f70a0fe99c3914c
36739d7da92b565dc3209793e29ceac29dd8d07861b56b3e33ef98ad9055c3fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash bc7883d0a03d9c3559288a600fecc70a
b0e538996510ec8c861264cba4bf79fa73f6f7d6
c3bdc9bb12c7c951ca2d861c95156de2c724acc82386e882864c464132e07ac3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash b83bb25fb9846b6330684f0a1082fa3c
341c63d4be4fcee9c0cd70cc281abb46876a3e57
afceacedff6c7dddb3db5a28862290be52d50157136ce36796fb357b2b7a1a8c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5144
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:30 GMT
Last-Modified: Sun, 25 Sep 2022 17:02:46 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash c874c863e2e5d4f6ed1e77d82d4fa8ac
7f161c50621be6c2c546299df9e7255f59cd1fac
7ad1d23402de4278d8428714d1e98fc1b2b463c748659c7b9b806ca32e04a3d2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 18:28:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 20:27:04 GMT
Expires: Fri, 30 Sep 2022 20:27:03 GMT
Etag: "7f161c50621be6c2c546299df9e7255f59cd1fac"
Cache-Control: max-age=438512,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505d1ea3e0eb4e8-OSL
poweredby.jads.co/js/jads.js
185.94.236.244 301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Cookie: surferid=14e3c9361cae931e74336bc69a3f76f7; imps131=1; juicy_data_1=YToxOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps52682=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 25 Sep 2022 18:28:30 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0ad60af0c83821660a1a13f56fa6154c
e8185c7617072b2326ba9ef9ecfdfe3b4f324a9d
eb32161b3787ee3a3b9c5de68a2228322d2d7fa685dc90bfe0b73c1c73d6dce7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB32161B3787EE3A3B9C5DE68A2228322D2D7FA685DC90BFE0B73C1C73D6DCE7"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2229
Expires: Sun, 25 Sep 2022 19:05:39 GMT
Date: Sun, 25 Sep 2022 18:28:30 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 44 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fdeb797967b6d81d32fd79359cc64cf5
bb459b57de5e25af95452f8feb4d5eee3e574ea5
7b360d59d7579d017214793d8c3a5ffe54ee6feac76cd8d67d7fc83dc29d704e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "DFDC538A29FC232EE31AD407558FD233D2C3F075796B5845B8D36DE8057E4EF8"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16042
Expires: Sun, 25 Sep 2022 22:55:52 GMT
Date: Sun, 25 Sep 2022 18:28:30 GMT
Connection: keep-alive
poweredby.jads.co/js/jads2.js
185.94.236.244 200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.244:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://94ero.com/
Connection: keep-alive
Cookie: surferid=14e3c9361cae931e74336bc69a3f76f7; imps131=1; juicy_data_1=YToxOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps52682=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 18:28:30 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
static-clst.avgle.com/videos/tmb21/701855/default.jpg
45.133.44.9 200 OK 20 kB URL HTTP/2 static-clst.avgle.com/videos/tmb21/701855/default.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash fbcd96aee88ae8601e1dc96b0d1d5da8
3a36a4cb393833352f6ec8ee46aa8fcaf8b2f711
47593d4347f2b6cd47c738e53f24a86849302a6ace14a8e92e2e3fb6b9bda32b
GET /videos/tmb21/701855/default.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:30 GMT
content-type: image/jpeg
content-length: 19967
server: nginx/1.22.0
x-object-meta-mtime: 1663365165.914991986
etag: fbcd96aee88ae8601e1dc96b0d1d5da8
last-modified: Fri, 16 Sep 2022 21:52:51 GMT
x-timestamp: 1663365170.93046
x-trans-id: tx901fda6234064954b1da3-006328b76d
x-openstack-request-id: tx901fda6234064954b1da3-006328b76d
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 06 Nov 2022 09:28:30 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 6.0 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 2ba1e3e35dad6dffc821ec124d219d64
e78071c17ab520e1e0a8cc41254a6c263b93946d
6f09e9bd6ca7d6210b95caabae00feed9f6e3fc90775bf3e4a6e9a45d5d93ad4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 18:28:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 29 Sep 2022 16:06:37 GMT
ETag: "64dd1b7d3e45e1bf8b14533ad949ac0d285f7349"
Last-Modified: Sun, 25 Sep 2022 16:06:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 521
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7505d1ed8a99b50b-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adeb1e022d210d65539e3f866b71ed2e
0c9d4abd7c6a1b3fb0865733a9cd92e6297eab49
ce445413b566d57da062ff5a866f8c249eca6a93e9ca10f115a7b8a33b8de2b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE445413B566D57DA062FF5A866F8C249ECA6A93E9CA10F115A7B8A33B8DE2B5"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1807
Expires: Sun, 25 Sep 2022 18:58:37 GMT
Date: Sun, 25 Sep 2022 18:28:30 GMT
Connection: keep-alive
static-clst.avgle.com/videos/tmb13/422362/1.jpg
45.133.44.9 200 OK 18 kB URL HTTP/2 static-clst.avgle.com/videos/tmb13/422362/1.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 1f04580311c75ac99529f4c28e3b8fb3
ac508b39dcaca173bf1364c2cc08e2693e93b50b
a73ca4b61143143e6fcce027d04698fb7206690b7827cf1b132c16b8ffe74e0d
GET /videos/tmb13/422362/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:31 GMT
content-type: image/jpeg
content-length: 17658
server: nginx/1.16.1
last-modified: Mon, 03 Aug 2020 07:20:43 GMT
etag: 1f04580311c75ac99529f4c28e3b8fb3
x-timestamp: 1596439242.95202
x-object-meta-mtime: 1596439244.88826824
x-trans-id: tx0e5e7f624b4540089112f-0062a87e1f
x-openstack-request-id: tx0e5e7f624b4540089112f-0062a87e1f
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Sun, 06 Nov 2022 09:28:31 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb9/314561/1.jpg
45.133.44.9 200 OK 15 kB URL HTTP/2 static-clst.avgle.com/videos/tmb9/314561/1.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
Hash 2837ab3459468f99b19f58c1a4cbc144
93d54dadfd022fe803ee3cb5e1d7bbf440a2c1ba
c53ac73bb41b1552817073e8547c325b58e63ccb695cf1c912d2a5cf6245b872
GET /videos/tmb9/314561/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:31 GMT
content-type: image/jpeg
content-length: 14664
server: nginx/1.16.1
last-modified: Thu, 29 Aug 2019 13:27:39 GMT
etag: 8de41144d2ae206ba2e7aaec95589674
x-timestamp: 1567085258.09047
x-object-meta-mtime: 1567085261.903167005
x-trans-id: txa7fa2c7c49994f4ca80e4-0062ab4938
x-openstack-request-id: txa7fa2c7c49994f4ca80e4-0062ab4938
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Sun, 06 Nov 2022 09:28:31 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb13/428944/10.jpg
45.133.44.9 200 OK 23 kB URL HTTP/2 static-clst.avgle.com/videos/tmb13/428944/10.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
Hash cca75d7db411a0a66a35c98dc7c7a8b7
32b50b33925860036592b965cf93d2b7e00f2ec2
9ac50c52024a9c841519420c13b66cf0c72e3b79fe52c7d6f4763fcb57650351
GET /videos/tmb13/428944/10.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:31 GMT
content-type: image/jpeg
content-length: 20918
server: nginx/1.16.1
last-modified: Fri, 28 Aug 2020 21:45:07 GMT
etag: b7a8234a693a916df49d85cc07b20343
x-timestamp: 1598651106.44049
x-object-meta-mtime: 1598651112.835688045
x-trans-id: txb0d6a4925ae44dabaf15f-0062a8b036
x-openstack-request-id: txb0d6a4925ae44dabaf15f-0062a8b036
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Sun, 06 Nov 2022 09:28:31 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb21/693447/19.jpg
45.133.44.9 200 OK 23 kB URL HTTP/2 static-clst.avgle.com/videos/tmb21/693447/19.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
Hash a994b7f3de18bb4d69cc8434390e15db
1ffe474d35987c4422f4f801c2f1a0a0a5791f82
23d5df44d82ec643b3e13976403e14179da9db011155cb3b9fff602e31c0ea06
GET /videos/tmb21/693447/19.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:31 GMT
content-type: image/jpeg
content-length: 16149
server: nginx/1.22.0
x-object-meta-mtime: 1660925711.681070723
etag: d2693ef3a693e9c331ccc8683d5b840b
last-modified: Fri, 19 Aug 2022 16:15:20 GMT
x-timestamp: 1660925719.67991
x-trans-id: tx5542f6438a9c419e84ddd-0063035f1a
x-openstack-request-id: tx5542f6438a9c419e84ddd-0063035f1a
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 06 Nov 2022 09:28:31 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks
143.204.55.12 200 OK 112 kB URL HTTP/2 js.juicyads.com/jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks
IP 143.204.55.12:0
File type ASCII text, with very long lines (65533)
Size 112 kB (112216 bytes)
Hash 61ae460a47db3407ea6d99af5d99d6e2
03d45b4cddb036c234531c296463be33b0aee4b8
b9f6d5ad55f8dbcbf4c39a0a05b19e3b41aa99d3df86a404be8241dfdb4c03f2
GET /jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Sun, 25 Sep 2022 18:23:44 GMT
expires: Sun, 25 Sep 2022 18:38:44 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ByzuZzx21yHzCQsvaskHGwSx-0qGcGEY5eVybaxabDZRfExu64fYiw==
age: 286
X-Firefox-Spdy: h2
zz.bdstatic.com/linksubmit/push.js
58.254.150.48 200 OK 42 kB URL HTTP/2 zz.bdstatic.com/linksubmit/push.js
IP 58.254.150.48:0
ASN #136958 China Unicom Guangdong IP network
File type ASCII text, with very long lines (65371)
Hash b6dc12300a0dcf46522ead847d33fe41
8c35a9e9b314cf186abf2a55caa832e3ab7fe271
73550c18e37860094ae6ff8e2ccc5930b01569d0f185055db4fa0ffe684bd3d0
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 25 Sep 2022 18:28:31 GMT
content-type: application/x-javascript
last-modified: Tue, 14 Jun 2022 06:53:40 GMT
etag: "62a83074-134"
cache-control: max-age=86400
content-encoding: br
age: 33488
accept-ranges: bytes
tracecode: 02441905120249139210092517
ohc-cache-hit: gz3un58 [2], zhuzuncache55 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb13/417506/11.jpg
45.133.44.9 200 OK 13 kB URL HTTP/2 static-clst.avgle.com/videos/tmb13/417506/11.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 3d86b80213c52a4a67c3e63c7cbee173
870bae4dd1893f67a55124b676ee832d1ea07aee
302310bd7988f62658805d75cbe54b00379c17d510dacc4ae6ef4886ced8c045
GET /videos/tmb13/417506/11.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:31 GMT
content-type: image/jpeg
content-length: 12989
server: nginx/1.16.1
last-modified: Tue, 14 Jul 2020 22:04:41 GMT
etag: 3d86b80213c52a4a67c3e63c7cbee173
x-timestamp: 1594764280.02327
x-object-meta-mtime: 1594764286.509559806
x-trans-id: tx494525a6c14c49a681f87-0062a93661
x-openstack-request-id: tx494525a6c14c49a681f87-0062a93661
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Sun, 06 Nov 2022 09:28:31 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
js.juicyads.com/jam_min.js
143.204.55.12 200 OK 30 kB URL HTTP/2 js.juicyads.com/jam_min.js
IP 143.204.55.12:0
Hash 2a4333fd6eaca1c8a69215cd04aa5d8a
23c89ee0b9d62b5df5c0278680eeec5c3f57dd7c
614643c612246b2ff898a34ab0cbc4b02d9a7426d181d2d6b67391b09790cb52
GET /jam_min.js HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 23 Dec 2019 18:28:44 GMT
server: nginx
content-encoding: gzip
date: Sun, 25 Sep 2022 03:28:25 GMT
etag: W/"5e01075c-5394"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dA21zaUBNwob4O4UHoAgWskIzp5fcVw45qOAv0bQAboIQqjUUeyMeQ==
age: 54005
X-Firefox-Spdy: h2
daisycontroversy.com/67/1d/ba/671dbadbf37814e321f252eac8aa2500.js
192.243.61.227 200 OK 24 kB URL HTTP/1.1 daisycontroversy.com/67/1d/ba/671dbadbf37814e321f252eac8aa2500.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash f4b395788f2a4adaf9e80e7e59cc8fd4
448f6bfd964a1126225576f1ce8b95b7a23f15a6
807d7815c25a1c26124380eac2321dadfeda4b253c711bf149fd0323f007eb9f
GET /67/1d/ba/671dbadbf37814e321f252eac8aa2500.js HTTP/1.1
Host: daisycontroversy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 25 Sep 2022 18:28:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8803c88e2cb47bfa402877112297dc37
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7440
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 18:28:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7440
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 18:28:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 3.6 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94b624e4fa6651bc7f18b3a5c1209e56
486a00f58395d9e5f1e30187eda038bb2b2a6e61
5dee47d15fd1714058e197d525dcf7831002a0749a01cd2fd2cb61325b434076
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7440
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 18:28:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7440
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 18:28:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7440
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 18:28:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:51:18 GMT
age: 74233
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 75072
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
age: 75085
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LryqVGSkKbiNOwcqXMULY9FXbOuZBBenjgGPDME3NZLZOdp5divXmw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:29 GMT
age: 73562
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:16:33 GMT
age: 36718
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f93f322ecd0244e7ee4169b200b50df
8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3
2bb739a60a4581e554fb308be7df8b3d7f47e95051e5ef5e0d1d9ed0a0443b68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4829
x-amzn-requestid: c283df3f-4198-47dd-9b24-634c425bccd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2aA_HgFoAMF_tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0a06-3881d661368a03ae48227b37;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:08:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zDl5u8ndYwMQ2-4aH1sRDit8p-G3OK9bvGNj1hOab9dWo5389KPGg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:15:05 GMT
age: 36806
etag: "8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 470c3c3d2ebfbe6d7773c0191b7b978c
9d0f430c8d9b85d91e326317eba71c14e1b6d53d
672008d20d4594fef781c0f8dc413a0c5c33db1470b3c84774fde2c85e1b6058
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "672008D20D4594FEF781C0F8DC413A0C5C33DB1470B3C84774FDE2C85E1B6058"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6440
Expires: Sun, 25 Sep 2022 20:15:51 GMT
Date: Sun, 25 Sep 2022 18:28:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash dab3e5282ac0f1ca4b167bf147382439
746358bc1c029a5ddeb3f8679020f07109f9fbea
fd299b43eafa48b711fafa6509c1d7580681e2a11ded1c24678e76a9fcef555d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5598
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:28:31 GMT
Last-Modified: Sun, 25 Sep 2022 16:55:13 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d556b916dd7b237f767af5f971254291
42f73d07aa6cabae12fdb8c418128a9e88ce414c
93fe579fb097ec3523cc4f2c0b5d394a4e6b91493070a04885b50dd0b94244a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93FE579FB097EC3523CC4F2C0B5D394A4E6B91493070A04885B50DD0B94244A7"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19510
Expires: Sun, 25 Sep 2022 23:53:41 GMT
Date: Sun, 25 Sep 2022 18:28:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f038194067eb0a255d9b9a1a70503e3b
63f77e7ab6971b42bc28dc3aed1a783bc2993efe
299e978fbedd998983ca109f8f7998bce61d822803925aefa78e91d7d9987f73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "299E978FBEDD998983CA109F8F7998BCE61D822803925AEFA78E91D7D9987F73"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17038
Expires: Sun, 25 Sep 2022 23:12:29 GMT
Date: Sun, 25 Sep 2022 18:28:31 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:04 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 713163833
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=675182
185.94.236.244 200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=675182
IP 185.94.236.244:0
Hash 70f9413c03ee61b73e566e4273ed697a
609b2ac162952bfaab148c6cacb9fb0eeea03ec3
01e8310f535d522e74c6e3898c94f87ac7995afcb9c837cdf886b7d5f63c99d5
GET /adshow.php?adzone=675182 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Cookie: surferid=14e3c9361cae931e74336bc69a3f76f7; imps131=1; juicy_data_1=YToxOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps52682=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 18:28:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: imps52682=2; expires=Mon, 26-Sep-2022 18:28:31 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O30%3D; expires=Wed, 28-Sep-2022 18:28:31 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 28-Sep-2022 18:28:31 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user5410/52682-1663959733-0241617001663959733.png
69.16.175.42 200 OK 45 kB URL HTTP/2 i.jads.co/network/user5410/52682-1663959733-0241617001663959733.png
IP 69.16.175.42:0
File type PNG image data, 300 x 250, 8-bit colormap, non-interlaced\012- data
Hash db05cc5b4e6a1271b02606edfcaad33a
e0b1f365b19522084b624fdf1ca75115e44b9cfd
b815181beac7aab86bc369398d9fb3b4153c920d1f77a777dd8572622386ae8a
GET /network/user5410/52682-1663959733-0241617001663959733.png HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=14e3c9361cae931e74336bc69a3f76f7; imps131=1; juicy_data_1=YToxOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps52682=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:31 GMT
etag: "1663959733"
cache-control: max-age=31449073
content-length: 45419
content-type: image/png
last-modified: Fri, 23 Sep 2022 19:02:13 GMT
accept-ranges: bytes
x-hw: 1664130511.dop009.sk1.t,1664130511.cds071.sk1.hn,1664130511.cds206.sk1.c
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=853015
185.94.236.244 200 OK 1.8 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=853015
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Hash 5e8863abb1b3343540c77144d30fb10f
b9b2ba3edbbb9e1cb575a41b7133e0b7f6c4c966
0d151cfeb97ad4de7c10c2acc2368e4ad79694ded9e9077f00ae209720e4b691
GET /adshow.php?adzone=853015 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Cookie: surferid=14e3c9361cae931e74336bc69a3f76f7; imps131=1; juicy_data_1=YToxOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps52682=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 18:28:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: imps22340=1; expires=Mon, 26-Sep-2022 18:28:31 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToyOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O2k6NTkyOTgwO2k6MTY2NDM4OTcxMDt9; expires=Wed, 28-Sep-2022 18:28:30 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 28-Sep-2022 18:28:30 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e5350e90e905718799a5dfdc05851
fd0dcb58ece4eda0b7e5fea119e2a40e8939d964
6e0f8632f31ffd27b24da762eb458a1b10a7b2a47fe4222f93c90f60b8822196
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E0F8632F31FFD27B24DA762EB458A1B10A7B2A47FE4222F93C90F60B8822196"
Last-Modified: Sat, 24 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4187
Expires: Sun, 25 Sep 2022 19:38:18 GMT
Date: Sun, 25 Sep 2022 18:28:31 GMT
Connection: keep-alive
i.jads.co/1x1.gif
69.16.175.42 200 OK 43 B IP 69.16.175.42:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=14e3c9361cae931e74336bc69a3f76f7; imps131=1; juicy_data_1=YToyOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O2k6NTkyOTgwO2k6MTY2NDM4OTcxMDt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps52682=2; imps22340=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:31 GMT
etag: "1457030838"
cache-control: max-age=23094755
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1664130511.dop009.sk1.t,1664130511.cds071.sk1.hn,1664130511.cds217.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user500/22340-1505050856.gif
69.16.175.42 200 OK 171 kB URL HTTP/2 i.jads.co/network/user500/22340-1505050856.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 160 x 600\012- data
Size 171 kB (171317 bytes)
Hash 180dc33ec80c6b74134c11cef704f1d7
a080dac3932e29bfdd11bf105be49a5193a7ed7e
aca783083a2095296ec6d146027df96f66b465bb3ac713d14c1ff9965cce38d5
GET /network/user500/22340-1505050856.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=14e3c9361cae931e74336bc69a3f76f7; imps131=1; juicy_data_1=YToyOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O2k6NTkyOTgwO2k6MTY2NDM4OTcxMDt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps52682=2; imps22340=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:31 GMT
etag: "1505050856"
cache-control: max-age=20876817
content-length: 171317
content-type: image/gif
last-modified: Sun, 10 Sep 2017 13:40:56 GMT
accept-ranges: bytes
x-hw: 1664130511.dop009.sk1.t,1664130511.cds071.sk1.hn,1664130511.cds257.sk1.c
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=731571
185.94.236.244 200 OK 2.1 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=731571
IP 185.94.236.244:0
File type ASCII text, with very long lines (394), with CRLF, LF line terminators
Hash 3df580ae7c15ed1605890e940aadcbc9
5efa53370b30c54f1fd225ff07dd31843abeeb4b
4b9c5835bc68e128c58795869e83e02dd4ef19645e7394a20e3fe21b1e5af770
GET /adshow.php?adzone=731571 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Cookie: surferid=14e3c9361cae931e74336bc69a3f76f7; imps131=1; juicy_data_1=YToxOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps52682=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 18:28:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: imps271=1; expires=Mon, 26-Sep-2022 18:28:31 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToyOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O2k6Nzk2NjUzO2k6MTY2NDM4OTcxMTt9; expires=Wed, 28-Sep-2022 18:28:31 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 28-Sep-2022 18:28:31 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user4057a/271-1569119961-0159563001569119961.jpg
69.16.175.42 200 OK 72 kB URL HTTP/2 i.jads.co/network/user4057a/271-1569119961-0159563001569119961.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Hash 76863b7305bce0a361a33fb60ff6ddf5
c69d413c020b4a57946c619f7c1b1b55539d2400
ab804d9cb6d1173e0e9944c867159958122ba8e420f6e1d4ecb8be3511157b1d
GET /network/user4057a/271-1569119961-0159563001569119961.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=14e3c9361cae931e74336bc69a3f76f7; imps131=1; juicy_data_1=YToyOntpOjE0NjQ1NTQ7aToxNjY0Mzg5Njg1O2k6Nzk2NjUzO2k6MTY2NDM4OTcxMTt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps52682=2; imps22340=1; imps271=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:32 GMT
etag: "1569119961"
cache-control: max-age=21438329
content-length: 72069
content-type: image/jpeg
last-modified: Sun, 22 Sep 2019 02:39:21 GMT
accept-ranges: bytes
x-hw: 1664130512.dop009.sk1.t,1664130512.cds071.sk1.hn,1664130512.cds205.sk1.c
X-Firefox-Spdy: h2
d24ak3f2b.top/advertisers.js
142.0.204.220 200 OK 0 B URL HTTP/1.1 d24ak3f2b.top/advertisers.js
IP 142.0.204.220:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 25 Sep 2022 18:28:32 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://94ero.com/videos/701855
183.232.231.173 200 OK 311 B URL HTTP/1.1 sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://94ero.com/videos/701855
IP 183.232.231.173:0
ASN #56040 China Mobile communications corporation
Hash cf61497419b6aeea5d01b91a393fc92f
f5c4a27c5917f8f809545af226521b20e3f85dbb
b3d39b73633b1b117c57c3993f62e926386d5133e3d8b9485f4fb7c0d4963a30
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://94ero.com/videos/701855 HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 25 Sep 2022 18:28:31 GMT
s4.histats.com/stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E6%97%A5%E6%9C%AC%E8%AA%9E%20%E8%8B%A5%E3%81%84%20%E7%BE%8E%E3%81%97%E3%81%95%20%E5%AE%98%E8%83%BD%E7%9A%84%E3%81%AA%20%E3%82%AA%E3%83%BC%E3%83%A9%E3%83%AB%20%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:153935903&@b3:1664130510&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2Ff421c3439a04d206b600&@w
192.99.13.63 200 OK 122 B URL HTTP/1.1 s4.histats.com/stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E6%97%A5%E6%9C%AC%E8%AA%9E%20%E8%8B%A5%E3%81%84%20%E7%BE%8E%E3%81%97%E3%81%95%20%E5%AE%98%E8%83%BD%E7%9A%84%E3%81%AA%20%E3%82%AA%E3%83%BC%E3%83%A9%E3%83%AB%20%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:153935903&@b3:1664130510&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2Ff421c3439a04d206b600&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 488ba66b3cd3aa1ab82c0c9043570c17
fc6408817842c0934dffb1b1ec718849ccd5851a
5063d4c2c791c7c9f24510e4ce51c1506655a329d64100051971c43e0431c327
GET /stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E6%97%A5%E6%9C%AC%E8%AA%9E%20%E8%8B%A5%E3%81%84%20%E7%BE%8E%E3%81%97%E3%81%95%20%E5%AE%98%E8%83%BD%E7%9A%84%E3%81%AA%20%E3%82%AA%E3%83%BC%E3%83%A9%E3%83%AB%20%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:153935903&@b3:1664130510&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2Ff421c3439a04d206b600&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 18:28:32 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 122
Connection: close
s10.histats.com/counters/cc_1032.js
46.105.201.240 200 OK 5.6 kB URL HTTP/2 s10.histats.com/counters/cc_1032.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (15441), with no line terminators
Hash 0ec7f2a21cef271e478d52652b3ce8f0
7644885c01d5197c2d8b26cfcdcbeb6d60b3f792
ce0aaf0880f892c04c6e8070b036cbf3822255136e47052eca1f9b712d56e84b
GET /counters/cc_1032.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:20:41 GMT
etag: "-33105628"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 589104636
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5573
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 287d2412da1baf3c6215a6fcd00c7093
11d609821fa875407c9a943ff30875aa44459adb
accdc26685c3a61244f0fdc3b054c1cf26093c167e7a2e633f35f258dd7a2e45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 18:28:32 GMT
Last-Modified: Sun, 25 Sep 2022 16:51:49 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HbcD64MdvojQJQyzMnZtlMwWiNhSDVS6v8V-_I_cwWH4Cp_NWPAudw==
Age: 5803
simplewebanalysis.com/stats
3.66.118.16 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash ec0904fb5bd13b856ae37e73312016e7
63ef606c40278c934b54de0c43036dff80696bef
665e180486c305c177c3c5ec6e88ef1bfe121a25bc5620ae74c241bf8784cf7b
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://avgle.com
Connection: keep-alive
Referer: https://avgle.com/
Cookie: uid_id2=a219ff5d-bbd9-445b-bbeb-677cf285c956:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:28:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://avgle.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e810e7f85127761c3b5d14c6b42b9ce4
103.235.46.191 200 OK 12 kB URL HTTP/1.1 hm.baidu.com/hm.js?e810e7f85127761c3b5d14c6b42b9ce4
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash beb8676eeb0bf9764c739e5b6fe528f6
177f5293a912c8b8e2ecabb3697133ed3dc18d29
d9d3a2eb5eeb7cdc2946ae24d63dde4cda141833ebc03c435243174e0a6a829c
GET /hm.js?e810e7f85127761c3b5d14c6b42b9ce4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 18:28:31 GMT
Etag: 5a83e6d3dcefba808df04ae24ecd3381
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2B22CBB9EB157052; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&lt=1664130511&rnd=1428730400&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=2&sn=256&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F701855&tt=94ERO%20%E6%97%A5%E6%9C%AC%E8%AA%9E%20%E8%8B%A5%E3%81%84%20%E7%BE%8E%E3%81%97%E3%81%95%20%E5%AE%98%E8%83%BD%E7%9A%84%E3%81%AA%20%E3%82%AA%E3%83%BC%E3%83%A9%E3%83%AB%20%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9-
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&lt=1664130511&rnd=1428730400&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=2&sn=256&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F701855&tt=94ERO%20%E6%97%A5%E6%9C%AC%E8%AA%9E%20%E8%8B%A5%E3%81%84%20%E7%BE%8E%E3%81%97%E3%81%95%20%E5%AE%98%E8%83%BD%E7%9A%84%E3%81%AA%20%E3%82%AA%E3%83%BC%E3%83%A9%E3%83%AB%20%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9-
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&lt=1664130511&rnd=1428730400&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=2&sn=256&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F701855&tt=94ERO%20%E6%97%A5%E6%9C%AC%E8%AA%9E%20%E8%8B%A5%E3%81%84%20%E7%BE%8E%E3%81%97%E3%81%95%20%E5%AE%98%E8%83%BD%E7%9A%84%E3%81%AA%20%E3%82%AA%E3%83%BC%E3%83%A9%E3%83%AB%20%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9- HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 25 Sep 2022 18:28:32 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=DB6E9E6A0C18FBDF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 968198a1616f58bae179ece51ddee081
255d4fd03085e47ca29f32aa918ecb9e2c6d0f31
5cceecab1e6a45fc389eb9f39fd24a346e8b7dae16d37c2bc9ffe6bd52a46c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CCEECAB1E6A45FC389EB9F39FD24A346E8B7DAE16D37C2BC9FFE6BD52A46C02"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14769
Expires: Sun, 25 Sep 2022 22:34:41 GMT
Date: Sun, 25 Sep 2022 18:28:32 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=a219ff5d-bbd9-445b-bbeb-677cf285c956&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.61.227 200 OK 476 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=a219ff5d-bbd9-445b-bbeb-677cf285c956&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash 18021f6f5cb777e2f1376ee7d3b8ea77
081b1a0e1a00792b91521fe188c9be472f59f6cd
164cc008ef09dc81dca8a8c5501376715685ddb06beb5f8981e895443406186b
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=a219ff5d-bbd9-445b-bbeb-677cf285c956&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 25 Sep 2022 18:28:33 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2b5004d9b481fbabb15344e0cae261e0
Strict-Transport-Security: max-age=0; includeSubdomains
social-plugins.line.me/widget/share?url=https%3A%2F%2F94ero.com%2Fline%2F701855&buttonType=share-e&lang=zh_Hant&type=share&id=0&origin=https%3A%2F%2F94ero.com%2Fvideos%2F701855&title=94ERO%20%E6%97%A5%E6%9C%AC%E8%AA%9E%20%E8%8B%A5%E3%81%84%20%E7%BE%8E%E3%81%97%E3%81%95%20%E5%AE%98%E8%83%BD%E7%9A%84%E3%81%AA%20%E3%82%AA%E3%83%BC%E3%83%A9%E3%83%AB%20%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9-&env=REAL
23.38.200.34 200 OK 801 B URL HTTP/1.1 social-plugins.line.me/widget/share?url=https%3A%2F%2F94ero.com%2Fline%2F701855&buttonType=share-e&lang=zh_Hant&type=share&id=0&origin=https%3A%2F%2F94ero.com%2Fvideos%2F701855&title=94ERO%20%E6%97%A5%E6%9C%AC%E8%AA%9E%20%E8%8B%A5%E3%81%84%20%E7%BE%8E%E3%81%97%E3%81%95%20%E5%AE%98%E8%83%BD%E7%9A%84%E3%81%AA%20%E3%82%AA%E3%83%BC%E3%83%A9%E3%83%AB%20%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9-&env=REAL
IP 23.38.200.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 77161a2c0af12df194c72ee696d0e85d
db8717979bdbf341d0119d3eb7658e4ecafc697e
799450eff202e414c3a5ccb6e45fdd2225a18ac5c5287cecca45952c31976736
GET /widget/share?url=https%3A%2F%2F94ero.com%2Fline%2F701855&buttonType=share-e&lang=zh_Hant&type=share&id=0&origin=https%3A%2F%2F94ero.com%2Fvideos%2F701855&title=94ERO%20%E6%97%A5%E6%9C%AC%E8%AA%9E%20%E8%8B%A5%E3%81%84%20%E7%BE%8E%E3%81%97%E3%81%95%20%E5%AE%98%E8%83%BD%E7%9A%84%E3%81%AA%20%E3%82%AA%E3%83%BC%E3%83%A9%E3%83%AB%20%E3%82%BB%E3%83%83%E3%82%AF%E3%82%B9-&env=REAL HTTP/1.1
Host: social-plugins.line.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 25 Sep 2022 18:28:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 25 Sep 2022 18:28:33 GMT
Content-Length: 801
Connection: keep-alive
Vary: Accept-Encoding
www.line-website.com/social-plugins/img/common/line_icon_v3.png
23.38.201.100 200 OK 906 B URL HTTP/2 www.line-website.com/social-plugins/img/common/line_icon_v3.png
IP 23.38.201.100:0
File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced\012- data
Hash 5b5dbfdf26951c09f907b46805f10b5a
fe16f44110501e5d82aeb2b91ba9c6760108f271
6ba9ecf0a6e418c4c8772d4d2bc546945e156e7d333112410b88bdc04b947423
GET /social-plugins/img/common/line_icon_v3.png HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: image/png
content-length: 906
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:08:00 GMT
x-rgw-object-type: Normal
etag: "5b5dbfdf26951c09f907b46805f10b5a"
x-amz-meta-s3cmd-attrs: md5:5b5dbfdf26951c09f907b46805f10b5a
x-amz-storage-class: STANDARD
x-amz-request-id: tx000000000000066ed51ed-0062a8958d-f4bef5d-jp2
strict-transport-security: max-age=15768000
cache-control: public, max-age=10900061
date: Sun, 25 Sep 2022 18:28:34 GMT
X-Firefox-Spdy: h2
www.line-website.com/social-plugins/css/widget.1.17.0.0.css
23.38.201.100 200 OK 2.2 kB URL HTTP/2 www.line-website.com/social-plugins/css/widget.1.17.0.0.css
IP 23.38.201.100:0
File type Unicode text, UTF-8 text, with very long lines (8338), with no line terminators
Hash 5244ad6ebba20429622947ed6f87cc09
8f9de79bcf2045f053c8f686f5ad31e699e59519
081085d173cc7dff128909b2f6c806ad84982da56309edb77c35485eaa2ce17e
GET /social-plugins/css/widget.1.17.0.0.css HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: text/css
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:58 GMT
x-rgw-object-type: Normal
etag: "0bf065d0cd685dac6d59c469a52b9720"
x-amz-meta-s3cmd-attrs: md5:0bf065d0cd685dac6d59c469a52b9720
x-amz-storage-class: STANDARD
x-amz-request-id: tx00000000000004395aeec-0062661229-f4bc22f-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=9767724
date: Sun, 25 Sep 2022 18:28:34 GMT
content-length: 2245
X-Firefox-Spdy: h2
www.line-website.com/social-plugins/js/widget/button.1.17.0.0.js
23.38.201.100 200 OK 9.3 kB URL HTTP/2 www.line-website.com/social-plugins/js/widget/button.1.17.0.0.js
IP 23.38.201.100:0
File type Unicode text, UTF-8 text, with very long lines (31934)
Hash 1aa2fab97e3e6f41d6d58ef636bfa099
0cfcbb77989bc2bf5cf8926764ebc041980fb9a6
42d02ca6a30ea5dab01d024764f14f88461d25ce59b88d3e613f194e27897735
GET /social-plugins/js/widget/button.1.17.0.0.js HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:57 GMT
x-rgw-object-type: Normal
etag: "ddbc80bdec4dfa544bda15e3f65c4630"
x-amz-meta-s3cmd-attrs: md5:ddbc80bdec4dfa544bda15e3f65c4630
x-amz-storage-class: STANDARD
x-amz-request-id: tx00000000000004398d491-0062661229-f4bc21a-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=298978
date: Sun, 25 Sep 2022 18:28:34 GMT
content-length: 9315
X-Firefox-Spdy: h2
d.line-scdn.net/n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js
23.38.201.100 200 OK 8.7 kB URL HTTP/2 d.line-scdn.net/n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js
IP 23.38.201.100:0
File type ASCII text, with very long lines (32963), with no line terminators
Hash (MD5) 926a122b2f2a293991fe1571de214d8c
Hash (SHA-1) c7e0a134f2f04237c10d857937c987fb091cbe57
Hash (SHA-256) ec6b37e265ba072b9d9bc1688ab36d0087f06fbc57b0da01117aa5641a01424e
GET /n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 04 Nov 2020 03:02:38 GMT
server: nginx
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=2865
expires: Sun, 25 Sep 2022 19:16:19 GMT
date: Sun, 25 Sep 2022 18:28:34 GMT
content-length: 8672
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash (MD5) b223f1be536390177416dff36a63db9c
Hash (SHA-1) 599044ba4c9edfc989ff13f51b298848a9afa7f8
Hash (SHA-256) 1aa288d0bb99ed7a7a66ee8c40471e69347830ced1eaec630031299029d79bc8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 18:28:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 29 Sep 2022 15:38:24 GMT
ETag: "599044ba4c9edfc989ff13f51b298848a9afa7f8"
Last-Modified: Sun, 25 Sep 2022 15:38:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 227
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7505d2042885b50b-OSL
torimochi.line-apps.com/1/req?cid=b1b7852486db7f50&threshold=76&eventType=pageview×tamp=1664130512527&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F701855%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F701855%26title%3D94ERO%2520%25E6%2597%25A5%25E6%259C%25AC%25E8%25AA%259E%2520%25E8%258B%25A5%25E3%2581%2584%2520%25E7%25BE%258E%25E3%2581%2597%25E3%2581%2595%2520%25E5%25AE%2598%25E8%2583%25BD%25E7%259A%2584%25E3%2581%25AA%2520%25E3%2582%25AA%25E3%2583%25BC%25E3%2583%25A9%25E3%2583%25AB%2520%25E3%2582%25BB%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25B9-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F701855%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F701855%26title%3D94ERO%2520%25E6%2597%25A5%25E6%259C%25AC%25E8%25AA%259E%2520%25E8%258B%25A5%25E3%2581%2584%2520%25E7%25BE%258E%25E3%2581%2597%25E3%2581%2595%2520%25E5%25AE%2598%25E8%2583%25BD%25E7%259A%2584%25E3%2581%25AA%2520%25E3%2582%25AA%25E3%2583%25BC%25E3%2583%25A9%25E3%2583%25AB%2520%25E3%2582%25BB%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25B9-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=b1b7852486db7f50&userAttr0=0&sessionId=b1b7852482532340&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F701855%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F701855%26title%3D94ERO%2520%25E6%2597%25A5%25E6%259C%25AC%25E8%25AA%259E%2520%25E8%258B%25A5%25E3%2581%2584%2520%25E7%25BE%258E%25E3%2581%2597%25E3%2581%2595%2520%25E5%25AE%2598%25E8%2583%25BD%25E7%259A%2584%25E3%2581%25AA%2520%25E3%2582%25AA%25E3%2583%25BC%25E3%2583%25A9%25E3%2583%25AB%2520%25
E3%2582%25BB%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25B9-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1664130512527&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=36&windowY=57&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%22d1a809340a986619%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D
147.92.191.144200 OK 43 B URL HTTP/1.1 torimochi.line-apps.com/1/req?cid=b1b7852486db7f50&threshold=76&eventType=pageview×tamp=1664130512527&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F701855%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F701855%26title%3D94ERO%2520%25E6%2597%25A5%25E6%259C%25AC%25E8%25AA%259E%2520%25E8%258B%25A5%25E3%2581%2584%2520%25E7%25BE%258E%25E3%2581%2597%25E3%2581%2595%2520%25E5%25AE%2598%25E8%2583%25BD%25E7%259A%2584%25E3%2581%25AA%2520%25E3%2582%25AA%25E3%2583%25BC%25E3%2583%25A9%25E3%2583%25AB%2520%25E3%2582%25BB%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25B9-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F701855%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F701855%26title%3D94ERO%2520%25E6%2597%25A5%25E6%259C%25AC%25E8%25AA%259E%2520%25E8%258B%25A5%25E3%2581%2584%2520%25E7%25BE%258E%25E3%2581%2597%25E3%2581%2595%2520%25E5%25AE%2598%25E8%2583%25BD%25E7%259A%2584%25E3%2581%25AA%2520%25E3%2582%25AA%25E3%2583%25BC%25E3%2583%25A9%25E3%2583%25AB%2520%25E3%2582%25BB%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25B9-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=b1b7852486db7f50&userAttr0=0&sessionId=b1b7852482532340&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F701855%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F701855%26title%3D94ERO%2520%25E6%2597%25A5%25E6%259C%25AC%25E8%25AA%259E%2520%25E8%258B%25A5%25E3%2581%2584%2520%25E7%25BE%258E%25E3%2581%2597%25E3%2581%2595%2520%25E5%25AE%2598%25E8%2583%25BD%25E7%259A%2584%25E3%2581%25AA%2520%25E3%2582%25AA%25E3%2583%25B
C%25E3%2583%25A9%25E3%2583%25AB%2520%25E3%2582%25BB%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25B9-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1664130512527&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=36&windowY=57&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%22d1a809340a986619%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D
IP 147.92.191.144:0
ASN #38631 LINE Corporation
File type GIF image data, version 89a, 1 x 1\012- data
Hash (MD5) ad4b0f606e0f8465bc4c4c170b37e1a3
Hash (SHA-1) 50b30fd5f87c85fe5cba2635cb83316ca71250d7
Hash (SHA-256) cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /1/req?cid=b1b7852486db7f50&threshold=76&eventType=pageview×tamp=1664130512527&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F701855%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F701855%26title%3D94ERO%2520%25E6%2597%25A5%25E6%259C%25AC%25E8%25AA%259E%2520%25E8%258B%25A5%25E3%2581%2584%2520%25E7%25BE%258E%25E3%2581%2597%25E3%2581%2595%2520%25E5%25AE%2598%25E8%2583%25BD%25E7%259A%2584%25E3%2581%25AA%2520%25E3%2582%25AA%25E3%2583%25BC%25E3%2583%25A9%25E3%2583%25AB%2520%25E3%2582%25BB%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25B9-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F701855%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F701855%26title%3D94ERO%2520%25E6%2597%25A5%25E6%259C%25AC%25E8%25AA%259E%2520%25E8%258B%25A5%25E3%2581%2584%2520%25E7%25BE%258E%25E3%2581%2597%25E3%2581%2595%2520%25E5%25AE%2598%25E8%2583%25BD%25E7%259A%2584%25E3%2581%25AA%2520%25E3%2582%25AA%25E3%2583%25BC%25E3%2583%25A9%25E3%2583%25AB%2520%25E3%2582%25BB%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25B9-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=b1b7852486db7f50&userAttr0=0&sessionId=b1b7852482532340&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F701855%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F701855%26title%3D94ERO%2520%25E6%2597%25A5%25E6%259C%25AC%25E8%25AA%259E%2520%25E8%258B%25A5%25E3%2581%2584%2520%25E7%25BE%258E%25E3%2581%2597%25E3%2581%2595%2520%25E5%25AE%2598%25E8%2583%25BD%25E7%259A%2584%25E3%2581%25AA%2520%25E3%2582%25AA%25E3%2583%25BC%25E3%2583%25A9%25E3%2583%25AB%2520%25E3%2582%25BB%25E3%2
583%2583%25E3%2582%25AF%25E3%2582%25B9-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1664130512527&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=36&windowY=57&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%22d1a809340a986619%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D HTTP/1.1
Host: torimochi.line-apps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 18:28:34 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash (MD5) a89e7161745036637a66e8ab5b7efdf9
Hash (SHA-1) 79c83cc27996b2339bd63764dbb2ae9744db6d70
Hash (SHA-256) 13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sm6N8Un8XKHtGGZwxLd1aYygBns1l8siRvcc2w_9V2imJopvt8Ockw==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:09:15 GMT
age: 40763
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2