firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 19:05:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HpPT-6H85PW2CGspdrQixwcqcPoPWfp8KNvlhqKnOrvo5l7e-ojPIA==
Age: 2631
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2580
Expires: Fri, 09 Sep 2022 20:32:46 GMT
Date: Fri, 09 Sep 2022 19:49:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y_A4tZVrHOBv2X5MH7XUafzV1ID1CRR8gN7fs4TRO9qoTRmEsbukNw==
age: 57792
X-Firefox-Spdy: h2
freedatacx.xyz/3108508758927234
104.21.8.9200 OK 2.3 kB URL HTTP/1.1 freedatacx.xyz/3108508758927234
IP 104.21.8.9:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 3cad215d185384c5dafacc95dddb42b0
fed83fec873b5a648f04c2c132c56a9449901fc0
daa940aba1af9b2bd0718c67028cc1774e2946a1407b34ab2cbf42a5ea01f782
GET /3108508758927234 HTTP/1.1
Host: freedatacx.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:49:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: pid=3108508758927234; expires=Mon, 12-Sep-2022 19:49:46 GMT; Max-Age=259200; path=/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=748Mc46PufC6UWrjcgoUai1BtlCKOL6gejYNGfCrsMLXnqCOgyJGav2uu6rJW8B5zVG4taSQl42njXW2vgRLS6U6J3SsPpxwNbjCJ3IgQRC8yNdM6Vd4bcM54hupMYBBIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748272f26bd00afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:49:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.138200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freedatacx.xyz/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33434
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 05:00:09 GMT
Expires: Thu, 07 Sep 2023 05:00:09 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 226177
4gdatacu.xyz/js/bootstrap.min.js?1662752986&_=1662752977507
188.114.97.1200 OK 18 kB URL HTTP/1.1 4gdatacu.xyz/js/bootstrap.min.js?1662752986&_=1662752977507
IP 188.114.97.1:0
File type ASCII text, with very long lines (59765), with CRLF line terminators
Hash e0eba1697e09c3c7427c6fc23ed4def7
0ea1f96f826b3969874ff7a6f2a8bcaf359dec6a
94650e9bdeae206711fd37832a3898523d2765c7691291c8b9cbaf8dcdda26d5
GET /js/bootstrap.min.js?1662752986&_=1662752977507 HTTP/1.1
Host: 4gdatacu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freedatacx.xyz/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:49:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Sat, 10 Sep 2022 07:49:46 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3O1nVOuuG6BAVba5NKQZ9qEyLOTW8jJI7o9EmXfJUVOsl72BpXovo9MSj%2Bb14JQ2qPthIna%2FF2YHD6Gadh4m3%2FmQ89nmPASjNYgAbqYQGsxRwIkEi3hol4yfeOU7j5o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748272f66c88b51e-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 09 Sep 2022 18:56:07 GMT
Cache-Control: max-age=3600
Expires: Fri, 09 Sep 2022 19:45:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rflMVSMuAtwgcbk44wB0LdCPAwi69gihpBDtCJvCF6Bbrp6OXYMK3w==
Age: 3220
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3207
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:49:47 GMT
Last-Modified: Fri, 09 Sep 2022 18:56:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:49:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-228184982-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-228184982-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash fc509a82aaa77755cda7e29d1b770e0e
a0145b5ccfee9969a35b2b901854538b74e8c79f
370808d37e14de12063ab836c2238a7b32d38f73fc60445a263a8486391a9d46
GET /gtag/js?id=UA-228184982-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 19:49:47 GMT
expires: Fri, 09 Sep 2022 19:49:47 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41951
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:49:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b45a8683d302368eb675654f0e167ca
fa2dc3d5ab5541d0ea14770a6a308cdf1d22f1e3
afecf4e4f6ad4da8b04a3bf444aafaf6ce4b4ecfdeaab84a8ba37ba18e4bdb5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFECF4E4F6AD4DA8B04A3BF444AAFAF6CE4B4ECFDEAAB84A8BA37BA18E4BDB5A"
Last-Modified: Fri, 09 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4439
Expires: Fri, 09 Sep 2022 21:03:46 GMT
Date: Fri, 09 Sep 2022 19:49:47 GMT
Connection: keep-alive
push.services.mozilla.com/
34.218.168.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V23XLG1EcqfSeXBNQb+i5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3FjnbKcTy+adv2BXROJ7/pExPzo=
ulogin.ru/js/ulogin.js
95.163.118.168200 OK 19 kB IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (580)
Hash 2a0c0923151479ada7471cdac3948867
2c4963de82442c3b9aa4aa1a2b470f97d2dac40f
a0d2d1dbde89b1f3acaaf5adf4d3ab4a9ad62ac219c01627ca437da996e84d74
GET /js/ulogin.js HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Sep 2022 19:49:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 29 Aug 2022 19:41:34 GMT
Set-Cookie: ulogin_token=u35afe3b12a78adedc19980fb24a81a4e; expires=Tuesday, 12-Jan-2030 10:00:00 GMT; path=/
Expires: Mon, 12 Sep 2022 19:49:56 GMT
Cache-Control: max-age=259200
Content-Encoding: gzip
allfree4ghm.xyz/js/bootstrap.min.js?1662752986&_=1662752977499
172.67.181.161200 OK 14 kB URL HTTP/1.1 allfree4ghm.xyz/js/bootstrap.min.js?1662752986&_=1662752977499
IP 172.67.181.161:0
Hash 2bba9918d326d36341047740a8c47dc4
337d89b784afc33aaa00b2dff09c7cc9b0c6b484
801ae829738821b5e306aea6650c821cd9d980a3f71f9f53c301deb492b443fe
GET /js/bootstrap.min.js?1662752986&_=1662752977499 HTTP/1.1
Host: allfree4ghm.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freedatacx.xyz/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:49:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Sat, 10 Sep 2022 07:49:46 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gpdj0j5mEc8fF7yie0O9xkqwDYNDK77Aw%2BaAWRFCvNOcDtQ%2FMGVrOQMqieZ9B8TTEWqP2FSfS3lKNA8Z9z%2FQeoCdeoZAaBp2jj2llPpYH69nKUzGQM%2Bf5kbcDj7y1%2BaiP0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748272f62e18b524-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 34 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c075548c011f920cd0ceaf3929c786ec
e9729abd12f48f89247e74ef1a8a880f5b7b285b
dd350f48e1ab7e0454f322d37ae82583e940e9da3602d715a2638551d2ba445d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10685
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 19:49:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15249f3dafdd1690bc87ebb4fa6d518d
f930fcb22325e28592bc39b0b1974f5197c19afd
a0b9e88c78e85a037363e0b0e4e03478718f8715fe69e72bfd159922eca28301
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 435fc2f4-fbcb-4eec-81d8-a23154dcec61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFUwZEfvIAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63186802-2348a4000430702d4e9ea132;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 09:44:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORlM8dFTc_iThvJghFakY86D3ToJ5TCmP8Ip2PcvXCCkSKKHpWQ0Zw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:02:59 GMT
age: 78409
etag: "f930fcb22325e28592bc39b0b1974f5197c19afd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
free4gdataji.xyz/js/bootstrap.min.js?1662752986&_=1662752977500
172.67.137.74200 OK 13 kB URL HTTP/1.1 free4gdataji.xyz/js/bootstrap.min.js?1662752986&_=1662752977500
IP 172.67.137.74:0
Hash 836496604b3478b8a53ee7cce29032c9
ac36ce504fdf32d6abe4788db8c9f383ce60c32a
bbd265c879f66a30d2fc546b4919f640f8d0e0f4142cf8869f557d6e3a71adad
GET /js/bootstrap.min.js?1662752986&_=1662752977500 HTTP/1.1
Host: free4gdataji.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freedatacx.xyz/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:49:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Sat, 10 Sep 2022 07:49:46 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0OlbiRKme0KAMkOJP0L8dltqYE6G8TcODOCaUY9X0awE1eHl4YlmH4Zc6iZAi1%2B%2BL6CwlwGD2S%2B5Fa5W6S%2FdJ%2Fn9GENgONszSA44Ey2k%2BYY%2BYn5YiUMOsBftmS7Gkp6gFuS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748272f62f6c0afe-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png
IP 34.120.237.76:0
Hash 316bcc6251faa84cdd4ab78a1bd43030
26c1d1617e3844b551d0998a9727c4721c752681
30d30744f340988fa0b31b2dab9f7375211ee0143c10c6beb06b1ee4e64466ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16161
x-amzn-requestid: 041df785-47cb-476f-9c22-d1f776c34bdb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThG4uoAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-66d92cab4181c30f66fe59c3;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WB79ZqWSIlt3JU8KdLx7tROSorUqBoLEB7wdLSDotNfYOfz53wEB7w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:53:13 GMT
age: 78995
etag: "712d9774b838f4d0ade26b674e8d038295cf3a6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
34.120.237.76200 OK 117 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP 34.120.237.76:0
Size 117 kB (117297 bytes)
Hash 4449159a04d9efa17c06cb95cb9335cd
890605a75386a023648427d2bef5aae16ea95858
2ffab9a42aaa797b2160dec85e387daead53a9eabae15092101716c133988383
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: smtzoqnzJiET63xsW_r_-eVNsTK01mGqRbvuwekbqjnzS6Sb1fw9HQ==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:54:58 GMT
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
age: 75290
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP 34.120.237.76:0
Hash 8f40bad04f830deec6e60949a1be1329
94efe38fd75e5e917c853b76ab617b6448869192
e29eae3891aa887e1c8816468676c3d65f8ce14366dc74119d3b3c9d72050dec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: e7ec7e84-0924-4f5f-b289-4c750ea99567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHHnNIAMFlrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-49565105361ec7f76cb818e0;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: DvCs6zEt1p58iwZaXfuF9YFA-fieE5Y974E07YMNYPiaGbR5iuXK-A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:51 GMT
age: 79437
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
freedatabg.xyz/js/bootstrap.min.js?1662752986&_=1662752977498
172.67.213.1200 OK 9.3 kB URL HTTP/1.1 freedatabg.xyz/js/bootstrap.min.js?1662752986&_=1662752977498
IP 172.67.213.1:0
Hash 171458e5665c5e320549442161c880a2
6f69d82b66fa94068a945dbcbe553fdda3097e4f
f849012259649c018093d38b343e75120daef9d3bf4b559ad0cdf1e4e19a4e8d
GET /js/bootstrap.min.js?1662752986&_=1662752977498 HTTP/1.1
Host: freedatabg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freedatacx.xyz/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:49:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Sat, 10 Sep 2022 07:49:46 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qM6aB1MakCXZ4X2R2zoLhptihfByGCVN11Q3pZ4az%2FZY01D%2BOu1plyCEr9oQ1D9uKlIyjiZWRJDV5vp%2FF3h%2F6Ar56n7blgRuW3ik4uynFdGxvMYiapsMcN5OAZ%2B9e1Wyfg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748272f5ffa0b51b-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP 34.120.237.76:0
Hash 85531c9ead26d98f0c62dcd121c739e6
a747190f5a06b1a46b5fcf2120ad8b5b2cc43635
decce11789ab760e82912bd9b9cf9ad19dccdb960bc927c48f36c9bd61eb065a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:05:15 GMT
age: 78273
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ulogin.ru/stats.html?r=2126&type=panel&xdm_e=https%3A%2F%2F4gdatacu.xyz&xdm_c=default4752&xdm_p=1
95.163.118.168200 OK 1.1 kB URL HTTP/1.1 ulogin.ru/stats.html?r=2126&type=panel&xdm_e=https%3A%2F%2F4gdatacu.xyz&xdm_c=default4752&xdm_p=1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4a960496cafd40eadd72f4bca9980313
6c320736ce0e61dbe3ad4e7c04928c18a63b2b01
bdaf1d4b1e28c4f0e696b8494ac0c7387ab9b6122166fe9a13845a545085851b
GET /stats.html?r=2126&type=panel&xdm_e=https%3A%2F%2F4gdatacu.xyz&xdm_c=default4752&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Sep 2022 19:49:57 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ulogin.ru/stats.html?r=11389&type=panel&xdm_e=https%3A%2F%2F4gdatacu.xyz&xdm_c=default4753&xdm_p=1
95.163.118.168200 OK 1.1 kB URL HTTP/1.1 ulogin.ru/stats.html?r=11389&type=panel&xdm_e=https%3A%2F%2F4gdatacu.xyz&xdm_c=default4753&xdm_p=1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4a960496cafd40eadd72f4bca9980313
6c320736ce0e61dbe3ad4e7c04928c18a63b2b01
bdaf1d4b1e28c4f0e696b8494ac0c7387ab9b6122166fe9a13845a545085851b
GET /stats.html?r=11389&type=panel&xdm_e=https%3A%2F%2F4gdatacu.xyz&xdm_c=default4753&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Sep 2022 19:49:57 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b2114553be18ab16b70e4476a1cf015f
289a6463c065858fdec8d511decf747bd888c36f
2cf4458ad720ebb6e461a33f3a8c5fd8ed85926e6367f529df0fc75366528a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CF4458AD720EBB6E461A33F3A8C5FD8ED85926E6367F529DF0FC75366528A1E"
Last-Modified: Thu, 08 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7209
Expires: Fri, 09 Sep 2022 21:49:57 GMT
Date: Fri, 09 Sep 2022 19:49:48 GMT
Connection: keep-alive
ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
95.163.118.168200 OK 8.4 kB URL HTTP/1.1 ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
Hash 9544e00746924b084a9300ed4d019b28
26eff8a9bb47b928624daa22201ceef66b90a870
76a2bd1bda43ea6be02cbaba0742e48bb9c3e8bb85f0dfa150686c99fba7c756
GET /js/easyXDM.min.js?version=js.2.0.0 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/stats.html?r=2126&type=panel&xdm_e=https%3A%2F%2F4gdatacu.xyz&xdm_c=default4752&xdm_p=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Sep 2022 19:49:57 GMT
Content-Type: application/x-javascript
Content-Length: 6980
Last-Modified: Wed, 08 Jun 2016 14:44:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "57582f33-1b44"
Content-Encoding: gzip
Expires: Mon, 12 Sep 2022 19:49:57 GMT
Cache-Control: max-age=259200, public
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 770d17bfdecdd150744e5788e76bfcf7
692119022cc9ceb9126bed9e1df669644051f3c5
58bd8c77a52b0832d5ab9891aa695c83b9f067ef817caaaf53ab1f4524a35edf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58BD8C77A52B0832D5AB9891AA695C83B9F067EF817CAAAF53AB1F4524A35EDF"
Last-Modified: Thu, 08 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3666
Expires: Fri, 09 Sep 2022 20:50:54 GMT
Date: Fri, 09 Sep 2022 19:49:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash df96dcb4429d18306a91cc1b874a3497
7645b815f8cc3755c76245704e7671cfd00005be
fa8030320abb621f366e9d76a1840d9c734741578a2e2a302c68d144eb03ffa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA8030320ABB621F366E9D76A1840D9C734741578A2E2A302C68D144EB03FFA2"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15759
Expires: Sat, 10 Sep 2022 00:12:27 GMT
Date: Fri, 09 Sep 2022 19:49:48 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 8319f6320b485998164e87c227649f0b
086219418909ad17aa02b969e4a3ef19bf23eb81
087901acc8548a84353c98f6a3d86c914ef8b64b0846adf3c086f8cfb23323b9
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:49:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 13 Sep 2022 18:19:42 GMT
ETag: "086219418909ad17aa02b969e4a3ef19bf23eb81"
Last-Modified: Fri, 09 Sep 2022 18:19:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 498
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74827303cec10b59-OSL
counter.yadro.ru/hit?t26.6;rhttps%3A//4gdatacu.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D11389%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252F4gdatacu.xyz%26xdm_c%3Ddefault4753%26xdm_p%3D1;0.8591448982339939
88.212.202.52200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.6;rhttps%3A//4gdatacu.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D11389%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252F4gdatacu.xyz%26xdm_c%3Ddefault4753%26xdm_p%3D1;0.8591448982339939
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 461c6ecbe7e5c1031c4c5f1d877ab251
7a9ed50ead5fc203d982e574ffc0a1defda0505f
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
GET /hit?t26.6;rhttps%3A//4gdatacu.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D11389%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252F4gdatacu.xyz%26xdm_c%3Ddefault4753%26xdm_p%3D1;0.8591448982339939 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 09 Sep 2022 19:49:48 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Wed, 08 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
cdn.smntq.com/c83ul/smart.js
95.217.109.66200 OK 888 B URL HTTP/2 cdn.smntq.com/c83ul/smart.js
IP 95.217.109.66:0
ASN #24940 Hetzner Online GmbH
Hash d16972bf479a591f209784ef64053a81
26429fc2f15c894ba9d6b999932d946742189024
3bad3fa6a66726b662a13c813c660dc0805ba3e8d7bc0c544cffc984144134c1
GET /c83ul/smart.js HTTP/1.1
Host: cdn.smntq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 09 Sep 2022 19:49:48 GMT
content-type: text/javascript;charset=UTF-8
mode: no-cors
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
algoaspace.ru/rev/
185.246.65.16200 OK 5.6 kB IP 185.246.65.16:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c6f0fefb9af1bb7349a8c886a7709943
3c5ffb009bebced7b102fb1f8955d789212926a1
d9f9e13efc4f672ee7dc554ec4c1ebf7cc17a2b7b7a4b38f2e9aaa3ee6306b47
GET /rev/ HTTP/1.1
Host: algoaspace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Fri, 09 Sep 2022 19:49:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Set-Cookie: utm1=1:cc5e318b-f885-449a-9d71-f68de252ee30; expires=Sat, 09 Sep 2023 19:49:48 GMT; Max-Age=31536000; Path=/
ttl_NGdkYXRhY3UueHl6=0; Path=/
Last-Modified: Friday, 09-Sep-2022 19:49:48 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2340d71e852ee660e9f4b5de50ea0dc4
b86e2eda39bebb0d0ede2b2c108c68354cde50ab
e8fff3c3f13c5894bfcc0ab25a7a8f74c0385c1cfab79655f30c12448ee81acd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8FFF3C3F13C5894BFCC0AB25A7A8F74C0385C1CFAB79655F30C12448EE81ACD"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20792
Expires: Sat, 10 Sep 2022 01:36:20 GMT
Date: Fri, 09 Sep 2022 19:49:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1487c8f79c70d11227aea429abca43a
625e0714ce780f242c89347d2d16c8c1f9311836
fc4d6f8861f3c818ba7d5de36d01fb5aa496fe1055bc158288bfb842b97a3492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC4D6F8861F3C818BA7D5DE36D01FB5AA496FE1055BC158288BFB842B97A3492"
Last-Modified: Wed, 07 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5658
Expires: Fri, 09 Sep 2022 21:24:06 GMT
Date: Fri, 09 Sep 2022 19:49:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ede92f781233f857c299e00d2090aeba
b7296da3b0981e9c1937bf8ebc73d5138c5fa19a
16a97da8a523d4cb06430ff26d026d14377c888e5e80a78937afba38fded3122
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.youtube.com/vi/pVSTwSU3Fx4/hqdefault.jpg
142.250.74.142200 OK 39 kB URL HTTP/2 img.youtube.com/vi/pVSTwSU3Fx4/hqdefault.jpg
IP 142.250.74.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 5bfef6fc36dda3cb30b943ed560d3352
62fccec002dd097ed46a306bde110a02a8cd787c
8bce98d0b717d85aca5afe9f52c484bdcf69059200270bb5230faca638de2900
GET /vi/pVSTwSU3Fx4/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 38638
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 19:49:49 GMT
expires: Fri, 09 Sep 2022 21:49:49 GMT
cache-control: public, max-age=7200
etag: "1528111693"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/b0uPVYQhhJY/hqdefault.jpg
142.250.74.142200 OK 26 kB URL HTTP/2 img.youtube.com/vi/b0uPVYQhhJY/hqdefault.jpg
IP 142.250.74.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 8f40f7ba18383be9d1dae4296dbbe753
cdfe850a6866b0f4679a516659912e4b7ee382b4
4200a50be38d3ffda83baa6555e286ddcb3d180a2ec0f270a1b6754e0ae3d700
GET /vi/b0uPVYQhhJY/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 26172
date: Fri, 09 Sep 2022 19:49:49 GMT
expires: Fri, 09 Sep 2022 21:49:49 GMT
cache-control: public, max-age=7200
etag: "1609930453"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ede92f781233f857c299e00d2090aeba
b7296da3b0981e9c1937bf8ebc73d5138c5fa19a
16a97da8a523d4cb06430ff26d026d14377c888e5e80a78937afba38fded3122
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.142200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 09 Sep 2022 18:41:12 GMT
expires: Fri, 09 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 4117
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/AkFi90lZmXA/hqdefault.jpg
142.250.74.142200 OK 31 kB URL HTTP/2 img.youtube.com/vi/AkFi90lZmXA/hqdefault.jpg
IP 142.250.74.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 68add9d15116ae8d9bb322bbaa2d5137
edcc5dde0a07b241deaba812e5f7d8fb4d13ad4d
87de798ad54fea6c0a7cb00bfbbe6a7beb3390eaee83b806659b6b03348befb5
GET /vi/AkFi90lZmXA/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 30775
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 19:49:49 GMT
expires: Fri, 09 Sep 2022 21:49:49 GMT
cache-control: public, max-age=7200
etag: "1534356835"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/pa8pkW67LSM/hqdefault.jpg
142.250.74.142200 OK 26 kB URL HTTP/2 img.youtube.com/vi/pa8pkW67LSM/hqdefault.jpg
IP 142.250.74.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 7ce2fac55bfc404cf5ed852a92d7ccc5
d39830f3c7dbf360426471a3035a2e444c8267d9
5ebf4456ffb2800e32618cf14aaa1f19013679b49690f91a24e11a04252e5e33
GET /vi/pa8pkW67LSM/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 26012
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 19:49:49 GMT
expires: Fri, 09 Sep 2022 21:49:49 GMT
cache-control: public, max-age=7200
etag: "1629218599"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/a_G2cQqpGtU/hqdefault.jpg
142.250.74.142200 OK 34 kB URL HTTP/2 img.youtube.com/vi/a_G2cQqpGtU/hqdefault.jpg
IP 142.250.74.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 8c63d474d4af57c3c4678d8eed669915
8a4afcda8f94496f199d6f41229b27d6874e8a9b
8f35523dd3e9e91d716691085cbe7565c39992310f9c9546e9cb30711d59d228
GET /vi/a_G2cQqpGtU/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 33810
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 19:49:49 GMT
expires: Fri, 09 Sep 2022 21:49:49 GMT
cache-control: public, max-age=7200
etag: "1591431005"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/4us3pBg187A/hqdefault.jpg
142.250.74.142200 OK 21 kB URL HTTP/2 img.youtube.com/vi/4us3pBg187A/hqdefault.jpg
IP 142.250.74.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash b2e67797395ce25f296dcb75d5e6837e
5f02ab145c4df8aeba368219ce05e3f4345e2c81
3eb515d98bdae6a85a3e97cce0e14f78fde0cc710e43051d223a1a979e98809a
GET /vi/4us3pBg187A/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 21066
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 18:27:49 GMT
expires: Fri, 09 Sep 2022 20:27:49 GMT
cache-control: public, max-age=7200
age: 4920
etag: "1412668920"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/hJAfGVpjCBI/hqdefault.jpg
142.250.74.142200 OK 34 kB URL HTTP/2 img.youtube.com/vi/hJAfGVpjCBI/hqdefault.jpg
IP 142.250.74.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash ca7216c6f4aab656345ddd3d252572dc
9a3c8db073df89d5cd573bcd21f7e6ac02cca777
7a5b813f460598b74d260090c3ff461dfe4a664dc19ff8c86172a5b50b5174ba
GET /vi/hJAfGVpjCBI/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 33541
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 19:49:49 GMT
expires: Fri, 09 Sep 2022 21:49:49 GMT
cache-control: public, max-age=7200
etag: "1631903077"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 49bb506fd2087ce606cf1207c22cd7d9
3e41f996bb72070c81dca4833b5b44bff563059d
1edfaa3998425120e4165dfbde171296fae51afe0e1420b9cc1cd68aa638f751
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5573
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:49:49 GMT
Last-Modified: Fri, 09 Sep 2022 18:16:56 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
img.youtube.com/vi/QuZPsaTcUUM/hqdefault.jpg
142.250.74.142200 OK 35 kB URL HTTP/2 img.youtube.com/vi/QuZPsaTcUUM/hqdefault.jpg
IP 142.250.74.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 18d023f666383aa7889d81e36e2157b8
ad2a8c12f33c6ee9886dd80eb485327a4b987cd0
55f8a15896180b3957b60295732d46f9849286f1eb2554a5516cb33d2ab9ddbd
GET /vi/QuZPsaTcUUM/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 35013
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 19:49:49 GMT
expires: Fri, 09 Sep 2022 21:49:49 GMT
cache-control: public, max-age=7200
etag: "1628612722"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash f7a9036b47c98b3f5e14f425e0929b36
a013585b7ce09cdb30e1ba4b88825ee2158800cf
6138b5683c31052fe2975104d14b3ed7c73cd6a7dd3538fa3d2f99345408e837
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://4gdatacu.xyz
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4a3908dd680d635ac7bc2e470aed4df7
etag: "e77fc7cc1edd94e3f19d7510cdf00ed0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 09 Sep 2022 20:04:40 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 96kDa0fJiz9eFPQl4JKbNg==
x-fb-debug: njyj6q3jEbBO1VppP0hMERK0oW8WYMo2x5+hAWK8kWRI+qTXrolGmXgYQ1FHy+AgIbv5qALTrqz7bTn12XBvcQ==
priority: u=3,i
content-length: 1685
x-fb-trip-id: 1679558926
date: Fri, 09 Sep 2022 19:49:49 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&a=1550233605&t=pageview&_s=1&dl=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D&dr=http%3A%2F%2Ffreedatacx.xyz%2F&ul=en-us&de=UTF-8&dt=Paid%20video%20viewing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=226437798&gjid=1135790522&cid=766755267.1662752980&tid=UA-228184982-1&_gid=205078449.1662752980&_r=1>m=2ou970&z=1393897295
142.250.74.142200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=1550233605&t=pageview&_s=1&dl=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D&dr=http%3A%2F%2Ffreedatacx.xyz%2F&ul=en-us&de=UTF-8&dt=Paid%20video%20viewing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=226437798&gjid=1135790522&cid=766755267.1662752980&tid=UA-228184982-1&_gid=205078449.1662752980&_r=1>m=2ou970&z=1393897295
IP 142.250.74.142:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=1550233605&t=pageview&_s=1&dl=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D&dr=http%3A%2F%2Ffreedatacx.xyz%2F&ul=en-us&de=UTF-8&dt=Paid%20video%20viewing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=226437798&gjid=1135790522&cid=766755267.1662752980&tid=UA-228184982-1&_gid=205078449.1662752980&_r=1>m=2ou970&z=1393897295 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://4gdatacu.xyz
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://4gdatacu.xyz
date: Fri, 09 Sep 2022 19:49:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ede92f781233f857c299e00d2090aeba
b7296da3b0981e9c1937bf8ebc73d5138c5fa19a
16a97da8a523d4cb06430ff26d026d14377c888e5e80a78937afba38fded3122
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash acfb111cf5adeccbd08b8b8c5d41ac3b
954cc53399695bd51a49c6b473badc7ea69f3c04
1044cabc71320319e145e7cd6a22d8050739b194e0c848a0cfab4204e2301470
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:49:49 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 13 Sep 2022 18:17:04 GMT
ETag: "954cc53399695bd51a49c6b473badc7ea69f3c04"
Last-Modified: Fri, 09 Sep 2022 18:17:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2965
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74827306a9890b59-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 49bb506fd2087ce606cf1207c22cd7d9
3e41f996bb72070c81dca4833b5b44bff563059d
1edfaa3998425120e4165dfbde171296fae51afe0e1420b9cc1cd68aa638f751
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5573
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:49:49 GMT
Last-Modified: Fri, 09 Sep 2022 18:16:56 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
mc.yandex.ru/metrika/watch.js
77.88.21.119200 OK 57 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (557)
Hash 1d55754e516a64479901a61dc8a0d136
7c47529b53f613bb2ffac7a32530e8fd594c194b
b4e7cd831347d3faeebe62c6e8595fc01804895f0bb5e30a5ceae7b400318649
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57251
date: Fri, 09 Sep 2022 19:49:49 GMT
access-control-allow-origin: *
etag: "63186565-dfa3"
expires: Fri, 09 Sep 2022 20:49:49 GMT
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (631)
Hash 8911a55a82fa7135e636b716abf8564d
e4dfc2f6ecb6f656f7ed22bcb7a5302dd8824bcb
1b2c913d8534943de0e7e92b20ceab14321b2357277ba1900421e7483c43771c
GET /hm.js?ca39fa08836e125f6ea13e25b34bd166 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11344
Content-Type: application/javascript
Date: Fri, 09 Sep 2022 19:49:49 GMT
Etag: ba2bcd76978f055a814ec889cb400104
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=044CE945EBF7D4C3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 19:49:50 GMT
access-control-allow-origin: *
etag: "63186565-2b"
expires: Fri, 09 Sep 2022 20:49:50 GMT
accept-ranges: bytes
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/82412725/1?wmode=7&page-url=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D%231662752979589&page-ref=http%3A%2F%2Ffreedatacx.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A1103%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1100921681847%3Ahid%3A88081203%3Az%3A0%3Ai%3A20220909194940%3Aet%3A1662752981%3Ac%3A1%3Arn%3A1037229160%3Arqn%3A1%3Au%3A1662752981567782121%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662752977979%3Aco%3A0%3Ads%3A78%2C16%2C345%2C1%2C%2C0%2C%2C983%2C9%2C%2C%2C%2C1462%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662752981%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
77.88.21.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/82412725/1?wmode=7&page-url=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D%231662752979589&page-ref=http%3A%2F%2Ffreedatacx.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A1103%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1100921681847%3Ahid%3A88081203%3Az%3A0%3Ai%3A20220909194940%3Aet%3A1662752981%3Ac%3A1%3Arn%3A1037229160%3Arqn%3A1%3Au%3A1662752981567782121%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662752977979%3Aco%3A0%3Ads%3A78%2C16%2C345%2C1%2C%2C0%2C%2C983%2C9%2C%2C%2C%2C1462%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662752981%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash f2acd21090d0797d2632f9b5bc735d69
0db09d3be079746d5de35696a53095364fdff44e
16325c65e7afd8e1dcfd7e92b2a6f08e0c9f0246f142fb662ffe014bc0e24bcc
GET /watch/82412725/1?wmode=7&page-url=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D%231662752979589&page-ref=http%3A%2F%2Ffreedatacx.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A1103%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1100921681847%3Ahid%3A88081203%3Az%3A0%3Ai%3A20220909194940%3Aet%3A1662752981%3Ac%3A1%3Arn%3A1037229160%3Arqn%3A1%3Au%3A1662752981567782121%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662752977979%3Aco%3A0%3Ads%3A78%2C16%2C345%2C1%2C%2C0%2C%2C983%2C9%2C%2C%2C%2C1462%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662752981%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://4gdatacu.xyz
Referer: https://4gdatacu.xyz/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Fri, 09 Sep 2022 19:49:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://4gdatacu.xyz
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 19:49:50 GMT
last-modified: Fri, 09-Sep-2022 19:49:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1390964271&si=ca39fa08836e125f6ea13e25b34bd166&su=http%3A%2F%2Ffreedatacx.xyz%2F&v=1.2.97&lv=1&sn=64496&r=0&ww=1280&ct=!!&u=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D%231662752979589&tt=Paid%20video%20viewing
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1390964271&si=ca39fa08836e125f6ea13e25b34bd166&su=http%3A%2F%2Ffreedatacx.xyz%2F&v=1.2.97&lv=1&sn=64496&r=0&ww=1280&ct=!!&u=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D%231662752979589&tt=Paid%20video%20viewing
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1390964271&si=ca39fa08836e125f6ea13e25b34bd166&su=http%3A%2F%2Ffreedatacx.xyz%2F&v=1.2.97&lv=1&sn=64496&r=0&ww=1280&ct=!!&u=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D%231662752979589&tt=Paid%20video%20viewing HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 09 Sep 2022 19:49:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4DFB175D6779A745; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
connect.facebook.net/en_US/sdk.js?hash=32e39ada211f062d5ac64372b38defee
157.240.200.14200 OK 0 B URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=32e39ada211f062d5ac64372b38defee
IP 157.240.200.14:0
GET /en_US/sdk.js?hash=32e39ada211f062d5ac64372b38defee HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://4gdatacu.xyz
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: bcec6204e0fcbc10df66e1bc587d7ca5
etag: "98a0e38249648cc5162dd6e6743d69ab"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 09 Sep 2023 19:28:22 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: nnXO3XzQXRsLbAcRMtsH3g==
x-fb-debug: RstKBvAKnpqcQNdBFE/x3lOj2AdescKU01FU0vnC4OlKyrz26M6vKN4xzuyKZFyvhP6/yfRTyCyJiLpMtL/CAg==
priority: u=3,i
content-length: 87983
x-fb-trip-id: 1679558926
date: Fri, 09 Sep 2022 19:49:49 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/82412725?wmode=7&page-url=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D%231662752979589&page-ref=http%3A%2F%2Ffreedatacx.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A1103%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1100921681847%3Ahid%3A88081203%3Az%3A0%3Ai%3A20220909194940%3Aet%3A1662752981%3Ac%3A1%3Arn%3A1037229160%3Arqn%3A1%3Au%3A1662752981567782121%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662752977979%3Aco%3A0%3Ads%3A78%2C16%2C345%2C1%2C%2C0%2C%2C983%2C9%2C%2C%2C%2C1462%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662752981%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
77.88.21.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/82412725?wmode=7&page-url=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D%231662752979589&page-ref=http%3A%2F%2Ffreedatacx.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A1103%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1100921681847%3Ahid%3A88081203%3Az%3A0%3Ai%3A20220909194940%3Aet%3A1662752981%3Ac%3A1%3Arn%3A1037229160%3Arqn%3A1%3Au%3A1662752981567782121%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662752977979%3Aco%3A0%3Ads%3A78%2C16%2C345%2C1%2C%2C0%2C%2C983%2C9%2C%2C%2C%2C1462%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662752981%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
GET /watch/82412725?wmode=7&page-url=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D%231662752979589&page-ref=http%3A%2F%2Ffreedatacx.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A1103%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1100921681847%3Ahid%3A88081203%3Az%3A0%3Ai%3A20220909194940%3Aet%3A1662752981%3Ac%3A1%3Arn%3A1037229160%3Arqn%3A1%3Au%3A1662752981567782121%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662752977979%3Aco%3A0%3Ads%3A78%2C16%2C345%2C1%2C%2C0%2C%2C983%2C9%2C%2C%2C%2C1462%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662752981%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://4gdatacu.xyz
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/82412725/1?wmode=7&page-url=https%3A%2F%2F4gdatacu.xyz%2F%3Fcode%3DMzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo%3D%231662752979589&page-ref=http%3A%2F%2Ffreedatacx.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A1103%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1100921681847%3Ahid%3A88081203%3Az%3A0%3Ai%3A20220909194940%3Aet%3A1662752981%3Ac%3A1%3Arn%3A1037229160%3Arqn%3A1%3Au%3A1662752981567782121%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662752977979%3Aco%3A0%3Ads%3A78%2C16%2C345%2C1%2C%2C0%2C%2C983%2C9%2C%2C%2C%2C1462%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662752981%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 09 Sep 2022 19:49:49 GMT
access-control-allow-origin: https://4gdatacu.xyz
set-cookie: yandexuid=5298634791662752989; Expires=Sat, 09-Sep-2023 19:49:49 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5298634791662752989; Expires=Sat, 09-Sep-2023 19:49:49 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1491957271662752989; Path=/; SameSite=None; Secure
i=ykulCj7IbQUwe7GKbRJ5fI/jh+2RxLuokC29+jK712dwht8laWSpyl21QAeUh7s8MyxuCmmq4TdylEqYskdKiLd7p80=; Expires=Mon, 06-Sep-2032 19:49:48 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694288989.yrts.1662752989#1694288989.yrtsi.1662752989; Expires=Sat, 09-Sep-2023 19:49:49 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 19:49:49 GMT
last-modified: Fri, 09-Sep-2022 19:49:49 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
edn.whilen.ru/sta453b3qh45lr/1.4.5.js
92.223.97.97200 OK 0 B URL HTTP/2 edn.whilen.ru/sta453b3qh45lr/1.4.5.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Analyzer Verdict Alert fortinet Malware
GET /sta453b3qh45lr/1.4.5.js HTTP/1.1
Host: edn.whilen.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:49:48 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
etag: W/"e22b559d6fc3241ea271ecf13869d8fc"
last-modified: Fri, 26 Nov 2021 15:33:27 GMT
x-timestamp: 1637940806.16302
x-trans-id: 16bb227c2a251146
age: 1
cache: HIT
x-cached-since: 2022-09-09T19:42:03+00:00
x-id: sto5-up-gc13
content-encoding: gzip
X-Firefox-Spdy: h2
myfreeqs.xyz/js/bootstrap.min.js?1662752986&_=1662752977495
172.67.170.134200 OK 0 B URL HTTP/1.1 myfreeqs.xyz/js/bootstrap.min.js?1662752986&_=1662752977495
IP 172.67.170.134:0
GET /js/bootstrap.min.js?1662752986&_=1662752977495 HTTP/1.1
Host: myfreeqs.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freedatacx.xyz/
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:49:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Sat, 10 Sep 2022 07:49:46 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvb5jAHp8K8LXmKkHE4B3lRYLJVDfLWnPlnH428FuhGy8MLzi14tKGjzd5AJkSny5JMYQnkmE4SoTBH0V7XMOvBrquSPoKBLA4Yh3wr38Xf7f3Z8SE19naivzD%2F4yjI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748272f5fabc1c12-OSL
alt-svc: h2=":443"; ma=60
nordw.ingeitn.ru/i/k.js
92.223.97.97200 OK 0 B IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /i/k.js HTTP/1.1
Host: nordw.ingeitn.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:49:48 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
etag: W/"d0226560a2d22923fc0b287025fd9906"
last-modified: Fri, 26 Nov 2021 15:34:02 GMT
x-timestamp: 1637940841.37913
x-trans-id: 16bb22845d641b0a
age: 194652
expires: Sun, 11 Sep 2022 07:49:48 GMT
cache-control: max-age=129600
cache: HIT
x-cached-since: 2022-09-09T19:31:18+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.retget.ru/pwk/mc.php
95.217.109.66200 OK 0 B IP 95.217.109.66:0
ASN #24940 Hetzner Online GmbH
GET /pwk/mc.php HTTP/1.1
Host: cdn.retget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4gdatacu.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 09 Sep 2022 19:49:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: hjelwf=0db4268063ca4ba98102c55cb6571ca6; expires=Fri, 09-Sep-2022 20:49:51 GMT; Max-Age=3600; path=/; SameSite=None; Secure; domain=cdn.retget.ru
content-encoding: gzip
mode: no-cors
access-control-allow-origin: *
cache-control: no-cache
X-Firefox-Spdy: h2
4gdatacu.xyz/?code=MzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo=
188.114.96.1200 OK 0 B URL HTTP/2 4gdatacu.xyz/?code=MzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo=
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /?code=MzEwODUwODc1ODkyNzIzNHx8ZnJlZWRhdGFjeC54eXo= HTTP/1.1
Host: 4gdatacu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freedatacx.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 19:49:47 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=fc2d5bngmredi6ep1js0pgjjhi; path=/
pid=3108508758927234; expires=Mon, 12-Sep-2022 19:49:47 GMT; Max-Age=259200; path=/
dldomain=freedatacx.xyz; expires=Mon, 12-Sep-2022 19:49:47 GMT; Max-Age=259200; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liT3JywkfxoOTTf0AdbNv%2B2hd1nuS77oJuFrXbMVuLEyVNcV1HUtFR2IyCaJCBhjSO3MRLXoHEgobHh5j1tvG9mFeKHkFh9oVU%2B7AAL2QrNytuxWJVwcLGP%2FgAJy07Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748272f98cb9b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2