94ero.com/videos/700792
172.67.213.170301 Moved Permanently 0 B IP 172.67.213.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /videos/700792 HTTP/1.1
Host: 94ero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 20 Sep 2022 19:38:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 20 Sep 2022 20:38:50 GMT
Location: https://94ero.com/videos/700792
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FrYJ4IBWrtePuGzu8k0ujo4QYMXBA0miGNWa72ZNcX4dEYzsYM8%2BWEtvOhg2sQcsmxb3WVpfoE8rR5TpiXWPw9HoFUCdzD4gUKz%2FsF7v6EFqpWj8w%2B5kv7U7OQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dd0610df6db4f3-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Tue, 20 Sep 2022 20:41:17 GMT
Date: Tue, 20 Sep 2022 19:38:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 19:03:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2UOwAPNcBldX7wh-foGUejXGxn2mApla_-pogtWz4fuGkkbFiXA8lQ==
Age: 2143
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eE7TFmPYrz3LCM-qSHf5e-tO15tSHdfoH3LfC85evK3f2MzSTf3SuA==
age: 54217
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c813d70414016b04df0e6a4939ec9217
da1105e913574b438c3bb0255406966358d32657
364605aaa48ac6925ae5faed69ea73d49afc6842b6f474f96a1b2d2c42b34748
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4389
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:50 GMT
Last-Modified: Tue, 20 Sep 2022 18:25:41 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c813d70414016b04df0e6a4939ec9217
da1105e913574b438c3bb0255406966358d32657
364605aaa48ac6925ae5faed69ea73d49afc6842b6f474f96a1b2d2c42b34748
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4390
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Last-Modified: Tue, 20 Sep 2022 18:25:41 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 2.1 kB IP 142.250.74.3:0
Hash b28702373a2d506b9fdce675c0c9333e
7bef40fe8428e0ab68de708877a1034354a4cf3e
a6d2fd732f2b229f366129d9dccb553fb1d241cba9fed5a20a8e0e35ea7a0db1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 2.1 kB IP 142.250.74.3:0
Hash aef3393672b5f1ffa4e86ac77399dcbf
5f20305892e7dcca7855ba53d058dfee13e5135c
31af9a97f33f258ebff7c3f9348e53b40f38a8634f7a0e2f73e7de58f62bd9e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c53364cae0510b97de38fb4b3396ff56
d6088b7fe775ebc077d116271fbe7fce898c06f0
2df909d86d97fbb9a27dd94ca9335ea29eae8f9325fccc8d0ef00a4f7cd7cdc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 22:01:23 GMT
expires: Mon, 18 Sep 2023 22:01:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 164248
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
23.38.201.100200 OK 1.6 kB URL HTTP/2 d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
IP 23.38.201.100:0
File type ASCII text, with very long lines (4730), with no line terminators
Hash 6ca5861dd247b41429ca943bbe2abc4c
17dfbc93696d0d6e1417e9574598deb8b58c62ac
59b9c01979c2f8e64c01f95534f59759e5df6b0d943bd7d1172c1e943b19ec40
GET /r/web/social-plugin/js/thirdparty/loader.min.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:56 GMT
x-rgw-object-type: Normal
etag: "8e50c4d0b7f2c69fe4b07b078876770b"
x-amz-meta-s3cmd-attrs: md5:8e50c4d0b7f2c69fe4b07b078876770b
x-amz-storage-class: STANDARD
x-amz-request-id: tx000000000000043f87610-006266f963-f4bef5d-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=494721
expires: Mon, 26 Sep 2022 13:04:12 GMT
date: Tue, 20 Sep 2022 19:38:51 GMT
content-length: 1558
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-53263334-5
142.250.74.72200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-53263334-5
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash ffc9060aa7c0691c6b3850c8621eb71d
6e03d7717e6d2485b2e92257263267f72abc1013
c72013599b983b0f5bd3a9fa38b96db5c59692b97f6203d74b3e8d78e7734628
GET /gtag/js?id=UA-53263334-5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 19:38:51 GMT
expires: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-ZLN9EGDKDC
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-ZLN9EGDKDC
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash b279efdd339beb68e2b0ee43ad96f956
bffe417e4a0411893f886e8e7a20685af6802fe3
6389c25acd5429cd0cc5c8a3c0b5d10193da9892ff15351a71ef06b7e5a157f0
GET /gtag/js?id=G-ZLN9EGDKDC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 19:38:51 GMT
expires: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
142.250.74.164200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 27b68162c75bebb4dacf518c46e974d5
99abc7e3e02891bec5de3dda3cb18a6f865f82bc
93415a1ed398b656767f092c53ca274ad9ae9c8cb0672831fa3c4ab275f994d1
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 20 Sep 2022 19:38:51 GMT
date: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 28eb8ec3223628bb9ca925634f78f7b4
b44f79aa73ded91d9373ef6a751fd08f23e43e6a
3c443a8e740ca690049988dc76516cf62815b746655ae344d26e6b31a04b812d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 08:27:05 GMT
Expires: Tue, 27 Sep 2022 08:27:04 GMT
Etag: "b44f79aa73ded91d9373ef6a751fd08f23e43e6a"
Cache-Control: max-age=563892,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd06169bd1b4ff-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a103478642d8967648f98988c7e6419
b39283cc8c8cd4f335f94e15f03ede72698f75de
348b99176d4f4d9f324ce464cf051eac70f03bb6219e54c0b6fbf35efa356443
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 19:03:22 GMT
Expires: Tue, 20 Sep 2022 19:31:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: c5ekv2Z_Hij7NZL8xpLH9KscDcONoPWKGQFplRKzpLnQf6QUOnTn6g==
Age: 2129
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 81fa7001b4b94f54d2ab4f3237ecaabb
e21bb07f34d9bed91f5caac3f9a83e9600a5652c
0ecbe6e0c5198d792a0eeb4197c88ec1d3a9f8b215efae7a6bb87776f7673b6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
poweredby.jads.co/js/jads.js
185.94.237.102301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.237.102:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 20 Sep 2022 19:38:51 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5062
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Last-Modified: Tue, 20 Sep 2022 18:14:30 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://94ero.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 8910
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato
142.250.74.10200 OK 13 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato
IP 142.250.74.10:0
Hash c823d60b39a903bb98779db49df06cc1
37a4f9a8e007f40265b3763e2a0f887badd936dc
14a21741d57ab74dd170852cd5fca6b12ccbd3200578857907bd574269289b9d
GET /css?family=Lato HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 19:38:51 GMT
date: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads2.js
185.94.237.102200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.237.102:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://94ero.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 19:38:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video.min.js
104.17.24.14200 OK 44 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (31992)
Hash b70521cd3823a72b55763e7e2c4ef079
c1d770e0362719ffd4868dc00f3b79541682ca5d
1624978bcfedc8e577a69444d7ac683254ce520750cad223f639950c83d47ff3
GET /ajax/libs/video.js/5.20.3/video.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 44324
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0401e-3d5fb"
last-modified: Mon, 04 May 2020 16:17:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6044963
expires: Sun, 10 Sep 2023 19:38:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoSrvJWDzg2DdZ2dDtgpplkIH0SMslh6Q0KxsySBqWo1j9VZDmrKGP4QEyiFSA%2B0NIvrXLAGyqjzxNY1tYGDAG5oAqo8oMETtDxez8lNKeNBd1a0lxUtOq7bvtIsHbQWX9A5Q3ig"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061a5bb1b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js
104.17.24.14200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (8830)
Hash 1cf760c79216e6b8559aea791ab5cb8d
62d310bfcfec341609491e28bfebd30e4e0e8d76
15c7460f2f89d5d98674339159442044b921d40ec62e5315d9945cd29edad1ca
GET /ajax/libs/js-sha256/0.9.0/sha256.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 2977
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec6-2339"
last-modified: Mon, 04 May 2020 16:11:50 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1045551
expires: Sun, 10 Sep 2023 19:38:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mGMXPxiadQHWt9mv75tdC8TfO6h5b1uwLWP92yo7uSHWDXfY8%2F1cZBXyDAYeH2flpzcsPb2vXYFfcRz%2B%2FWNt8h2qrGhTd%2BKCl2v0crwr7CedDn7Bb2dUR9Vgn5YVUID0jqDtm9m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061a5bb6b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video-js.min.css
104.17.24.14200 OK 12 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video-js.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (39368), with no line terminators
Hash a3d749fa144167d371d6441e2890a1ba
bcb060070f22fea928113286a340fc11cb58790e
e6f570094305dabd55355842c61dd6b851bda2b3c2cf785253a9d7355b4bff25
GET /ajax/libs/video.js/5.20.3/video-js.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: text/css; charset=utf-8
content-length: 12020
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0401e-99c8"
last-modified: Mon, 04 May 2020 16:17:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8988572
expires: Sun, 10 Sep 2023 19:38:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2B36h8RsXjksayP1CCrEjs4IHRxCO5sqvUOlCP2GnrC4uPcXfDtvWl7549Yu5vs%2FAYBWnvTgUsF5IBLLmGuQV9ghGOfk59E5nbOZZ3RZjrg75XsE5r1zJ8E%2FFd%2B96YL1nP%2Flo7sq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061a5bafb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/json2/20160511/json2.min.js
104.17.24.14200 OK 1.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/json2/20160511/json2.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (3133)
Hash e97f465dd6f6747af6f7a54a0a6484cd
760d09ec643c3a05f825a7dd3256954df2adf112
e48b1c68cfc013bdc7e11c3a8951554e880c3b1f5cd99e1a9c993d1cbc6a9985
GET /ajax/libs/json2/20160511/json2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1235
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec8-c63"
last-modified: Mon, 04 May 2020 16:11:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1567016
expires: Sun, 10 Sep 2023 19:38:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGdtkYCcfhg7BrN6TUY6tA4Bd5%2BIkqQ79SlMSPT8G4lXXp%2F8Edr5z99%2FX3C7bWz%2FgxSuiflQymrmfcp53Eroz7gsqwnNC96HMbYwFFJ2Sb9j3sk1Z9Fuxzuz6Bjswb%2B1UcFDi41F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061a5bb4b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jStorage/0.4.12/jstorage.min.js
104.17.24.14200 OK 2.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jStorage/0.4.12/jstorage.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (542)
Hash ec5adb5acdffd5db6b4e5978a2042874
c5eab3c8eb6a2a214e599d06d3295ddca37dd34c
0308db7a602a1a9819ac538afb08e0c57bea89c1a052521b2055ad385693353b
GET /ajax/libs/jStorage/0.4.12/jstorage.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 2503
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ebe-1e97"
last-modified: Mon, 04 May 2020 16:11:42 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8283391
expires: Sun, 10 Sep 2023 19:38:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJISwzYb5CeOS%2B9RDSLOVwJBr5a2KRWZcIaXMnLuLlkD4Uhe%2FNu3qLylil5bd5lFyxZWyLKd%2FY6lokPIBBm5Lp3IGZbMkJOcUpnUwQIUQRqQWXKVFrrid0o0GXWq9UlGsiwHAZ%2FO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061a5bb3b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/peerjs/0.3.14/peer.min.js
104.17.24.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/peerjs/0.3.14/peer.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32125)
Hash ac90cd1b5f01c2fab6e9f2189849b421
a35dde5d5695655fe7ccddf969b5535faeb4fd0c
7ae8e1712478be9918709714a29496d8fc83fbe742e000a38b6379647220ba5d
GET /ajax/libs/peerjs/0.3.14/peer.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 10459
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f88-a497"
last-modified: Mon, 04 May 2020 16:15:04 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14438313
expires: Sun, 10 Sep 2023 19:38:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsEZraW8NGUOD5VvOCMi6T%2FZFdyrjsyEDDbtK7mX9kR7pJwEEVaXAgLDHVfmf92dRZPE2TDhBdP%2Bh13Ypblk%2Be1opxpUih%2BCMhi0Xl5CnB6h54Gm7w2N7almTo3iqFZ8dbpS2hqq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061a5bb9b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
104.17.24.14200 OK 1.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (3730)
Hash 05661a68288a93edb3a6009260995872
bdfd274ad45670c0f7e162d33f521576dc3b71f4
611c3d43cc5a80a7e4831274225cf0b97d28edf26e4c1e4d7a1adfc06929c0f4
GET /ajax/libs/blueimp-md5/2.10.0/js/md5.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1339
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8b-eb6"
last-modified: Mon, 04 May 2020 16:06:35 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6746211
expires: Sun, 10 Sep 2023 19:38:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4o7zkq6MfV0YFTqslw0fhPo6eCRG8kOR15fFmKctO0moI8HJlVkFmdOKmgU53SrNzrrUWO%2F5z4KQKpu3QsbuCtCurkXJoQMVyEUe93u417DRv%2BWcMLu%2BGiAXci%2BIHJMUeONtyy5P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd061afc7eb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e4cc81fcf0ec8873ae4e138021b4ab1e
fc34f3f602cb239e12d5c0ffa1d0f0f5e5ca4504
7f43a2b6d9f8995ba34670d7503b1d106917602c0657f9b50252cf0c4fc4832f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F43A2B6D9F8995BA34670D7503B1D106917602C0657F9B50252CF0C4FC4832F"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6485
Expires: Tue, 20 Sep 2022 21:26:57 GMT
Date: Tue, 20 Sep 2022 19:38:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 797f8e0dfd59bcbe0d019dac2f3f9d93
b720b8257d471ff85fccb68f43412166f0ea4bb5
ee069cc1d0b41a955ecfb14ee78d17d71f5cc34a7070d77cc383d67d71e7d5ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EE069CC1D0B41A955ECFB14EE78D17D71F5CC34A7070D77CC383D67D71E7D5AD"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3796
Expires: Tue, 20 Sep 2022 20:42:08 GMT
Date: Tue, 20 Sep 2022 19:38:52 GMT
Connection: keep-alive
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
Hash f7005a597e2e2adb44c7a7365ffe6e70
69e18f47e93e8300bd0cbc15e2322a2fd41f27fe
8304269a3d48049db674273a5b79fc605d8d0b53a0e4c933c1161f56e9ab1a31
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://avgle.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 40071
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb21/700792/default.jpg
45.133.44.10200 OK 14 kB URL HTTP/2 static-clst.avgle.com/videos/tmb21/700792/default.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash b8e80684a656620b6c1857d306d76d2c
0fbce68812268dbb3810dc1906404679e60ebb41
4afde578c650d2bb5c0c96ba06a53e9f585b65ad8319715e56783801ab72f8b1
GET /videos/tmb21/700792/default.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: image/jpeg
content-length: 14024
server: nginx/1.22.0
x-object-meta-mtime: 1663011235.176448371
etag: b8e80684a656620b6c1857d306d76d2c
last-modified: Mon, 12 Sep 2022 19:34:01 GMT
x-timestamp: 1663011240.19139
x-trans-id: txe788f6fcf3354bc394c89-0063208bde
x-openstack-request-id: txe788f6fcf3354bc394c89-0063208bde
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 01 Nov 2022 10:38:52 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash f5da03397ce8c044bdf64ca507ff5abc
937a2f88fdc756b9fff5582f9a4475b6423d5a57
04e1b854d6cf5388c283643b66361efbaf6006794ef5f9cadb89c2bd0e70b147
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Sep 2022 16:28:32 GMT
ETag: "937a2f88fdc756b9fff5582f9a4475b6423d5a57"
Last-Modified: Tue, 20 Sep 2022 16:28:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3009
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dd061cad09b4f9-OSL
e1.o.lencr.org/
23.36.76.226200 OK 1.7 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ef5aacd0abcbadcd4ede76102d86b0b2
59d7c0301fdbb0f2b5c04f6d35f9f1efc6b95a4d
9c0402f311c021b3b4b3195a926f039af2640c2bec416e86c982bfd467fc0f39
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EE069CC1D0B41A955ECFB14EE78D17D71F5CC34A7070D77CC383D67D71E7D5AD"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3796
Expires: Tue, 20 Sep 2022 20:42:08 GMT
Date: Tue, 20 Sep 2022 19:38:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce332a3bea531185b6b88149a480eace
eb690436b37e89a467bf02b598671009ac861d5c
ed26df92844e59e1d16717260a880fb35aa24a0103088810c9a69d819d7b85db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED26DF92844E59E1D16717260A880FB35AA24A0103088810C9A69D819D7B85DB"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4930
Expires: Tue, 20 Sep 2022 21:01:02 GMT
Date: Tue, 20 Sep 2022 19:38:52 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-ZLN9EGDKDC>m=2oe9j0&_p=258700137&cid=762646358.1663702732&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663702731&sct=1&seg=0&dl=https%3A%2F%2F94ero.com%2Fvideos%2F700792&dt=94ERO%20%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-ZLN9EGDKDC>m=2oe9j0&_p=258700137&cid=762646358.1663702732&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663702731&sct=1&seg=0&dl=https%3A%2F%2F94ero.com%2Fvideos%2F700792&dt=94ERO%20%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZLN9EGDKDC>m=2oe9j0&_p=258700137&cid=762646358.1663702732&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663702731&sct=1&seg=0&dl=https%3A%2F%2F94ero.com%2Fvideos%2F700792&dt=94ERO%20%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://94ero.com
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://94ero.com
date: Tue, 20 Sep 2022 19:38:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb16/528581/5.jpg
45.133.44.10200 OK 18 kB URL HTTP/2 static-clst.avgle.com/videos/tmb16/528581/5.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 56cd104a0aba17b31b8fb117f65351e3
ad74ed6a53ff1b889edd19506dcef7fde62d2af7
0007485ac0391fcec10214c1bc287793472511efb043105183cc38bac524a3ca
GET /videos/tmb16/528581/5.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: image/jpeg
content-length: 17676
server: nginx/1.16.1
last-modified: Thu, 03 Jun 2021 13:13:13 GMT
etag: 56cd104a0aba17b31b8fb117f65351e3
x-timestamp: 1622725992.18213
x-object-meta-mtime: 1622725992.169223964
x-trans-id: txc6c3143f7558471681599-0062a87c25
x-openstack-request-id: txc6c3143f7558471681599-0062a87c25
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:52 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb20/645411/1.jpg
45.133.44.10200 OK 18 kB URL HTTP/2 static-clst.avgle.com/videos/tmb20/645411/1.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 0b4cd9b9f7a0d0e578b9453ac4007576
55802d66e7398dc0a5f208cd9791b3a01c3550b1
b3430376b80b86a74727c651bab549573b2025d3edeabdd1642156d925f9c9fc
GET /videos/tmb20/645411/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: image/jpeg
content-length: 18528
server: nginx/1.16.1
last-modified: Sun, 03 Apr 2022 15:12:18 GMT
etag: 0b4cd9b9f7a0d0e578b9453ac4007576
x-timestamp: 1648998737.06981
x-object-meta-mtime: 1648998730.412904501
x-trans-id: tx64ca84278d3b46a3a1c57-0062a93ce8
x-openstack-request-id: tx64ca84278d3b46a3a1c57-0062a93ce8
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:52 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb16/521247/1.jpg
45.133.44.10200 OK 17 kB URL HTTP/2 static-clst.avgle.com/videos/tmb16/521247/1.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
Hash 412201c3310cec37ae540f226a1395ba
e9dd63c3db01786c4eb22cbede416f605e2fbb61
a112040627f1ed294e5c3515c034ed17dc123cca6717615df013d06a7cbf9215
GET /videos/tmb16/521247/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: image/jpeg
content-length: 14625
server: nginx/1.16.1
last-modified: Tue, 18 May 2021 04:31:46 GMT
etag: ebc81f75e33e8bfb1d348b2cb0909c2e
x-timestamp: 1621312305.86499
x-object-meta-mtime: 1621312305.849973527
x-trans-id: txd5692fc7254b4d7f86547-0062a89995
x-openstack-request-id: txd5692fc7254b4d7f86547-0062a89995
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:52 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb20/662386/1.jpg
45.133.44.10200 OK 17 kB URL HTTP/2 static-clst.avgle.com/videos/tmb20/662386/1.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 67dcba944ac1d1dd30155385547a49ca
4d7de6d0ec2df883d33a7a6ef19c595bc5f6a7d5
c8340838352f52d1cbd49c28ecfea7f4166fab9b39558988da8ea204d83c613c
GET /videos/tmb20/662386/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: image/jpeg
content-length: 16553
server: nginx/1.16.1
last-modified: Mon, 23 May 2022 10:23:58 GMT
etag: 67dcba944ac1d1dd30155385547a49ca
x-timestamp: 1653301437.88653
x-object-meta-mtime: 1653301427.559399369
x-trans-id: tx076dc3807276428a842df-0062a8bace
x-openstack-request-id: tx076dc3807276428a842df-0062a8bace
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:52 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb20/667875/1.jpg
45.133.44.10200 OK 12 kB URL HTTP/2 static-clst.avgle.com/videos/tmb20/667875/1.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
Hash a5effc0ce2b8599c904201a00d7fd605
f677c04a3e52845a76e2d53c2af88a9ef38a44ba
66a5f061cf1df0eda212ffb068e0e488fcb5a498c5e8f65ef3a839c92dc08110
GET /videos/tmb20/667875/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: image/jpeg
content-length: 12196
server: nginx/1.16.1
last-modified: Thu, 09 Jun 2022 09:37:57 GMT
etag: 1a522880a0ded26bece853782ce240c9
x-timestamp: 1654767476.56785
x-object-meta-mtime: 1654767472.349032245
x-trans-id: txe99528b5432c42c1a6e3d-0062a88738
x-openstack-request-id: txe99528b5432c42c1a6e3d-0062a88738
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:52 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb21/681880/1.jpg
45.133.44.10200 OK 18 kB URL HTTP/2 static-clst.avgle.com/videos/tmb21/681880/1.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 409e3654b299da245db7c20c39812c74
eaa26507081e5b98e9e91a39b76fce1f3a7c036f
83919e07d7d0f4e184c103f0f06b851a52d30c2384ff0e164baff4519d74e6d0
GET /videos/tmb21/681880/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: image/jpeg
content-length: 18346
server: nginx/1.16.1
x-object-meta-mtime: 1658263778.175478432
last-modified: Tue, 19 Jul 2022 20:49:46 GMT
etag: 409e3654b299da245db7c20c39812c74
x-timestamp: 1658263785.53029
x-trans-id: tx4163dfb103924120af067-0062d7b197
x-openstack-request-id: tx4163dfb103924120af067-0062d7b197
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:52 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb16/517479/1.jpg
45.133.44.10200 OK 22 kB URL HTTP/2 static-clst.avgle.com/videos/tmb16/517479/1.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
Hash ea47decd4e6c76ee39f03a24eef94bc3
9a301c16834f9af5abb08107897bdeab2444ba73
c024203f4ed4e1a7c3c65e553498b6b53030418300c417476fd3d6214398cff6
GET /videos/tmb16/517479/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: image/jpeg
content-length: 14834
server: nginx/1.16.1
last-modified: Sat, 08 May 2021 21:45:44 GMT
etag: a0c00dfde54509150ebea06d2338cb80
x-timestamp: 1620510343.12324
x-object-meta-mtime: 1620510343.102530249
x-trans-id: txa502446ea55c4df18c89d-0062a8bd0a
x-openstack-request-id: txa502446ea55c4df18c89d-0062a8bd0a
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:52 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb19/620333/1.jpg
45.133.44.10200 OK 18 kB URL HTTP/2 static-clst.avgle.com/videos/tmb19/620333/1.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
Hash fc485b9dc4d91eced0cddf157e1b925a
53950618d09393906c104c0dcdfbb2a25641b36b
62715e7ec9cc87eff362779d99b73e9c2575ca4a7ed3c39805e630e99a026204
GET /videos/tmb19/620333/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: image/jpeg
content-length: 16918
server: nginx/1.16.1
x-object-meta-mtime: 1642675951.424181148
last-modified: Thu, 20 Jan 2022 10:52:37 GMT
etag: ccfdf3c8cb3e3f1335f4de6c01969206
x-timestamp: 1642675956.10307
x-trans-id: tx041d3ea07a80451bb1339-0062a8be3b
x-openstack-request-id: tx041d3ea07a80451bb1339-0062a8be3b
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 01 Nov 2022 10:38:52 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
daisycontroversy.com/67/1d/ba/671dbadbf37814e321f252eac8aa2500.js
192.243.61.225200 OK 24 kB URL HTTP/1.1 daisycontroversy.com/67/1d/ba/671dbadbf37814e321f252eac8aa2500.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash f4b395788f2a4adaf9e80e7e59cc8fd4
448f6bfd964a1126225576f1ce8b95b7a23f15a6
807d7815c25a1c26124380eac2321dadfeda4b253c711bf149fd0323f007eb9f
GET /67/1d/ba/671dbadbf37814e321f252eac8aa2500.js HTTP/1.1
Host: daisycontroversy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 20 Sep 2022 19:38:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 16fd27aa689b157fa25274a658e4d938
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 3be40f820dac3fb3b1f86e5107ebd018
41a771393ca947ea40ddea3b66b87b137085583f
7ae47f78815ab6e75d8406507b746480893015a46b4fb670f0f1e7ca7b829597
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 85c505e2787109e82db551b6f6f9d71b
etag: "de0fab03c0a08d81a264506602eaf015"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 20 Sep 2022 19:53:23 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: O+QPgg2sP7Ox+G5RB+vQGA==
x-fb-debug: cuIA2LcbILYfmmzQE4e3oAtdOJgNhgimDRhcnTAXH7+21VONf6r7wjySWgSGbeC51S/viZzum7bN06HGe32cUw==
content-length: 1686
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 19:38:52 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.medfoodsafety.com/loader?a=4788326&v=2&t=2&s=4778569&p=10777&if=false&url=https%3A%2F%2F94ero.com%2Fvideos%2F700792&title=94ERO%20%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87-
172.64.173.19200 OK 1.1 kB URL HTTP/2 a.medfoodsafety.com/loader?a=4788326&v=2&t=2&s=4778569&p=10777&if=false&url=https%3A%2F%2F94ero.com%2Fvideos%2F700792&title=94ERO%20%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87-
IP 172.64.173.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash aa16adf039c9b5c8c4d0dcc16ea910df
5ece7b3e9e75d926365dd66f4667546905cacf5c
fe4c3850a56a3d07313ab45eb527895409e5a51fdb4d8e483652d7c19e2f7336
GET /loader?a=4788326&v=2&t=2&s=4778569&p=10777&if=false&url=https%3A%2F%2F94ero.com%2Fvideos%2F700792&title=94ERO%20%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87- HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKHXxMa%2B2o5W2kDEPCxLtDgYIcVfnIgJQK%2F9cJUtGJFaxE6faPqn6HmuYsEOk%2B43BnHR%2FViFOLjvvt1jF5jNVMdUOXnX9v2rqsEicOPmGj063Ga11kpUoBh4LVfMQEkA71czK3ti"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd061bdfe771cc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 782 B IP 93.184.220.29:0
Hash 80db62b3ad1b7fa85a6d9f2daff856e1
7bbae88a33f916be44d72875108f3d0554b8b8ec
7fffa08bbfb7c15cb8125a234d03a4bff28f71f4389bde41831b19987f9068bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6376
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:52 GMT
Last-Modified: Tue, 20 Sep 2022 17:52:36 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
www.line-website.com/social-plugins/img/common/line_icon_v3.png
23.38.201.100200 OK 20 kB URL HTTP/2 www.line-website.com/social-plugins/img/common/line_icon_v3.png
IP 23.38.201.100:0
Hash 4f16f59f73b15d3835e027bacad30055
6dc4b144fe3ebf38ed7ab00838c486d580e83ca5
05bf1cdf051ed8ea1c5ad92ea8856ba0d67283f42ec72404be1b40cf2514da8a
GET /social-plugins/img/common/line_icon_v3.png HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: image/png
content-length: 906
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:08:00 GMT
x-rgw-object-type: Normal
etag: "5b5dbfdf26951c09f907b46805f10b5a"
x-amz-meta-s3cmd-attrs: md5:5b5dbfdf26951c09f907b46805f10b5a
x-amz-storage-class: STANDARD
x-amz-request-id: tx000000000000066ed51ed-0062a8958d-f4bef5d-jp2
strict-transport-security: max-age=15768000
cache-control: public, max-age=11327843
date: Tue, 20 Sep 2022 19:38:52 GMT
X-Firefox-Spdy: h2
www.line-website.com/social-plugins/css/widget.1.17.0.0.css
23.38.201.100200 OK 2.2 kB URL HTTP/2 www.line-website.com/social-plugins/css/widget.1.17.0.0.css
IP 23.38.201.100:0
File type Unicode text, UTF-8 text, with very long lines (8338), with no line terminators
Hash 5244ad6ebba20429622947ed6f87cc09
8f9de79bcf2045f053c8f686f5ad31e699e59519
081085d173cc7dff128909b2f6c806ad84982da56309edb77c35485eaa2ce17e
GET /social-plugins/css/widget.1.17.0.0.css HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: text/css
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:58 GMT
x-rgw-object-type: Normal
etag: "0bf065d0cd685dac6d59c469a52b9720"
x-amz-meta-s3cmd-attrs: md5:0bf065d0cd685dac6d59c469a52b9720
x-amz-storage-class: STANDARD
x-amz-request-id: tx00000000000004395aeec-0062661229-f4bc22f-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=10195506
date: Tue, 20 Sep 2022 19:38:52 GMT
content-length: 2245
X-Firefox-Spdy: h2
www.line-website.com/social-plugins/js/widget/button.1.17.0.0.js
23.38.201.100200 OK 20 kB URL HTTP/2 www.line-website.com/social-plugins/js/widget/button.1.17.0.0.js
IP 23.38.201.100:0
Hash 7cadab4cdb914c970c7c4baf12ef7f53
aae1d9f25cc3fa629236cbfd3993e77062867a2d
8445d077a23976258a806514fe67548c4341da63dd21fad94096d8a10d1f48e8
GET /social-plugins/js/widget/button.1.17.0.0.js HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:57 GMT
x-rgw-object-type: Normal
etag: "ddbc80bdec4dfa544bda15e3f65c4630"
x-amz-meta-s3cmd-attrs: md5:ddbc80bdec4dfa544bda15e3f65c4630
x-amz-storage-class: STANDARD
x-amz-request-id: tx00000000000004398d491-0062661229-f4bc21a-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=182422
date: Tue, 20 Sep 2022 19:38:52 GMT
content-length: 9315
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6c07385c50686aadb74ceb7b61dc0584
a3c65ae2e25cc51da72a503fccad276a0cfc1810
d647fdbbd4238a04d493edeca66a2b70568b003b578b7ef7f005d3b4200a6242
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D647FDBBD4238A04D493EDECA66A2B70568B003B578B7EF7F005D3B4200A6242"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5114
Expires: Tue, 20 Sep 2022 21:04:06 GMT
Date: Tue, 20 Sep 2022 19:38:52 GMT
Connection: keep-alive
d.line-scdn.net/n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js
23.38.201.100200 OK 8.7 kB URL HTTP/2 d.line-scdn.net/n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js
IP 23.38.201.100:0
File type ASCII text, with very long lines (32963), with no line terminators
Hash 926a122b2f2a293991fe1571de214d8c
c7e0a134f2f04237c10d857937c987fb091cbe57
ec6b37e265ba072b9d9bc1688ab36d0087f06fbc57b0da01117aa5641a01424e
GET /n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 04 Nov 2020 03:02:38 GMT
server: nginx
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=2131
expires: Tue, 20 Sep 2022 20:14:23 GMT
date: Tue, 20 Sep 2022 19:38:52 GMT
content-length: 8672
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=675182
185.94.237.102200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=675182
IP 185.94.237.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (410), with CRLF, LF line terminators
Hash 92f7a750c0c8623696bb635ccd14984a
aab126837e8660f800f219d8642440790695e127
3ef3de2e640478bccdb0fcd9062505be654489c3e723b8dcbc97ab4e654669b6
GET /adshow.php?adzone=675182 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=978fbc6641fd50e00f154331415fc929; expires=Wed, 20-Sep-2023 19:38:52 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps31629=1; expires=Wed, 21-Sep-2022 19:38:52 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjc1MDExNztpOjE2NjM5NjE5MzI7fQ%3D%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bda3785284005ac7bc717616a5fc822a
19e6478fdfa5f8c34f3c384768cc3485a3c7859b
3dae78f80932a1b97217313fd3c97e709502c0f4323e0126e3dda7776e4aed62
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DAE78F80932A1B97217313FD3C97E709502C0F4323E0126E3DDA7776E4AED62"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7489
Expires: Tue, 20 Sep 2022 21:43:42 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4fba52f3a5369325ec24f39df01270f8
7941e039a4ac59069e23cfbdc7b03bf1a40f54de
cb623455572dc60364cc94638c7479a8357dcdbf0e3cfc7b801c1a681f40e1ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB623455572DC60364CC94638C7479A8357DCDBF0E3CFC7B801C1A681F40E1EE"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9025
Expires: Tue, 20 Sep 2022 22:09:18 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:32:57 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 63766823
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
i.jads.co/network/user22416/31627-1553293849-0677253001553293849.gif
69.16.175.10200 OK 290 kB URL HTTP/2 i.jads.co/network/user22416/31627-1553293849-0677253001553293849.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 290 kB (290519 bytes)
Hash 77e1cb2ce6818bdaa9759c075301e0df
cba61ddb2d42b3562500898dde33d74522ada7b6
cc1d7a712f3337500c536a752d19bb7995609c4bd84831117d85a01fbf94cecc
GET /network/user22416/31627-1553293849-0677253001553293849.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=978fbc6641fd50e00f154331415fc929; imps31629=1; juicy_data_1=YToxOntpOjc1MDExNztpOjE2NjM5NjE5MzI7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
etag: "1553293849"
cache-control: max-age=21884138
content-length: 290519
content-type: image/gif
last-modified: Fri, 22 Mar 2019 22:30:49 GMT
accept-ranges: bytes
x-hw: 1663702733.dop017.sk1.t,1663702733.cds252.sk1.hn,1663702733.cds232.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7052
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
a.bestcontentfood.top/warp/4788326?r=5903
172.64.105.34200 OK 13 kB URL HTTP/2 a.bestcontentfood.top/warp/4788326?r=5903
IP 172.64.105.34:0
File type ASCII text, with very long lines (32033)
Hash f5d31c19a2ef3d0fc3375f6321c2acac
c5b0363890e553a1c473fca897517752ac4020ca
e480c1fcf86ca9d995bf284c3c3c6155b08f3d664614bba613cdc30a46c16600
Analyzer Verdict Alert fortinet Phishing
GET /warp/4788326?r=5903 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgWSKjpPaX2NFzwN45V0xMnC68I5W8XIPr47t6WSrhKWneh1p3wkgUdxG6tJx19t4TJGdSX%2FLv%2FriSQzD7%2FOU5%2BU%2BUujr6LcpoFj%2BX5YdEK2iqTw1v2GsoYf9HSJkFpfr0JQASMnZnU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd0619b87d75de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=08ab8150c1f854fc525d38a92db8ca9d
157.240.200.14200 OK 89 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=08ab8150c1f854fc525d38a92db8ca9d
IP 157.240.200.14:0
File type ASCII text, with very long lines (18598)
Hash b0b3d0b248caa8e5e12829ac2b40156a
5bc458141776940161bc844bf8b0ad28331cc96d
66ab964e41d6938694337bae0788cb25978abc6dbcef58137140c832fb8ba979
GET /en_US/sdk.js?hash=08ab8150c1f854fc525d38a92db8ca9d HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://94ero.com
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b001a9b780709920db26f90f400fe87d
etag: "42b822131a88c832999588769437d5c8"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 20 Sep 2023 19:10:59 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: sLPQskjKqOXhKCmsK0AVag==
x-fb-debug: hTY+d3fb1h6lnoco8WtzJa0+2/Nhf3h1i4DHz+gK+hxCBB4BmD2LkrwIs+rS/S27gdZfWoamodWK3EU6WD/Gmw==
content-length: 88799
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 19:38:53 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 76523
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
Hash 104ec07538a5c46726eba4b6c3d4426d
475434be9268c5fe14d09c5155f0ba0628c46acd
97f488210428b9f23677a32a3ed041d2300c76076cbc951533c3afdf92f54fd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 77508
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6c07385c50686aadb74ceb7b61dc0584
a3c65ae2e25cc51da72a503fccad276a0cfc1810
d647fdbbd4238a04d493edeca66a2b70568b003b578b7ef7f005d3b4200a6242
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D647FDBBD4238A04D493EDECA66A2B70568B003B578B7EF7F005D3B4200A6242"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5113
Expires: Tue, 20 Sep 2022 21:04:06 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
addresseepaper.com/sfp.js
104.21.235.2200 OK 34 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.235.2:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash a2f67a8d7f1ded30b197e277a31a6cc8
ec98cff7af06ef40efaf6450cd1394a8032fa90f
4e5fb46b23aa6616566c29d052865c9754109f8f576aa6f00975ed40cc2d82a3
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2294c1939935468c0204df7b84e390ba
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 20 Sep 2022 19:38:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtEfWocTJsqQ0KT7YolXFgOxmuPeQBWANJFIEjW14N8HrvW6qQxax08jOtTujaO8DrcOqU9og6E6CejkTneI8u3MbxH0dKOJl2zuEhJ4iXxVXEZKgo0UGlpNdZBAGqUy0R1DMnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd06210c5e7750-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:50:04 GMT
age: 78529
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zDPKSOJ7SJImKcluUMhGvVMHv4t2oKLD2AJfGKAFSfedsdSA4VgZ_g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:56 GMT
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
age: 77757
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53263334-5&cid=762646358.1663702732&jid=1036333393&gjid=238221674&_gid=1919604676.1663702733&_u=YADAAUAAAAAAAC~&z=1789328361
142.251.1.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53263334-5&cid=762646358.1663702732&jid=1036333393&gjid=238221674&_gid=1919604676.1663702733&_u=YADAAUAAAAAAAC~&z=1789328361
IP 142.251.1.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53263334-5&cid=762646358.1663702732&jid=1036333393&gjid=238221674&_gid=1919604676.1663702733&_u=YADAAUAAAAAAAC~&z=1789328361 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://94ero.com
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://94ero.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Sep 2022 19:38:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e810e7f85127761c3b5d14c6b42b9ce4
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e810e7f85127761c3b5d14c6b42b9ce4
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash c2d3cc79af9c0b977dae4f220db1e28e
2250898e967f1c2e3a5fe994202ec93fc81a0651
c0c0585211c45efa1995b70ac8998c2fc5e963500c2cf970e75bacbfb6391da4
GET /hm.js?e810e7f85127761c3b5d14c6b42b9ce4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Tue, 20 Sep 2022 19:38:52 GMT
Etag: ff7e21ecc349b89119a1994f87fee9b9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=ECCB6934723F230D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 93e73313482e478ab565123e7330abe4
1dc60ec81e36915856f273c8d032517c75ec38aa
9364402f23c31e0208863be4e9cfcca07aabfe6326488afc19dca2b8cd4ef29a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Sep 2022 18:07:23 GMT
ETag: "1dc60ec81e36915856f273c8d032517c75ec38aa"
Last-Modified: Tue, 20 Sep 2022 18:07:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 707
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dd06250a56b4f9-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 146504d466bc4c5781b27f2c5c79b0a4
5410812e80a0070a985c7d9241e5ad0cb5960f08
706ace14216019bc336fdd22e68abef2c28b10c68f2b6f766bdff5be7d6df5a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "706ACE14216019BC336FDD22E68ABEF2C28B10C68F2B6F766BDFF5BE7D6DF5A7"
Last-Modified: Mon, 19 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4440
Expires: Tue, 20 Sep 2022 20:52:53 GMT
Date: Tue, 20 Sep 2022 19:38:53 GMT
Connection: keep-alive
poweredby.jads.co/adshow.php?adzone=731571
185.94.237.102200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=731571
IP 185.94.237.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (395), with CRLF, LF line terminators
Hash 899e2752f0a76339001b0c1ca7ae423b
7d568026338ce0e27fe2cf0b18891f363164e121
41f8e738b56e24242321b0f71f169aaac89f08efdec2dfd90c323e93f428f24e
GET /adshow.php?adzone=731571 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=978fbc6641fd50e00f154331415fc929; expires=Wed, 20-Sep-2023 19:38:52 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps9183=1; expires=Wed, 21-Sep-2022 19:38:52 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjI5MDIzMztpOjE2NjM5NjE5MzI7fQ%3D%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user22416/300x250-1392051358.jpg
69.16.175.10200 OK 30 kB URL HTTP/2 i.jads.co/network/user22416/300x250-1392051358.jpg
IP 69.16.175.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Hash 1c1fbc8e6d4eef72451f4dd0ba063100
b7100d92e3dd6b9aee8700913bb1c5dd91f5bbf0
65dfd5345e9e11d6825f552319a0c5711f90712e2addab7f6b0cf919dda47ccc
GET /network/user22416/300x250-1392051358.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=978fbc6641fd50e00f154331415fc929; imps31629=1; juicy_data_1=YToxOntpOjI5MDIzMztpOjE2NjM5NjE5MzI7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9183=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:53 GMT
etag: "1456947710"
cache-control: max-age=20670279
content-length: 29810
content-type: image/jpeg
last-modified: Wed, 02 Mar 2016 19:41:50 GMT
accept-ranges: bytes
x-hw: 1663702733.dop017.sk1.t,1663702733.cds252.sk1.hn,1663702733.cds068.sk1.c
X-Firefox-Spdy: h2
s4.histats.com/stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:-83736679&@b3:1663702733&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2Fe07b173def017d32f1b0&@w
158.69.248.123200 OK 123 B URL HTTP/1.1 s4.histats.com/stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:-83736679&@b3:1663702733&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2Fe07b173def017d32f1b0&@w
IP 158.69.248.123:0
File type ASCII text, with no line terminators
Hash 797dbfff1e74acf17c8a9fc2b710a6ad
df1f294a131b5320057a8e3ccaeedcc5e98c4439
d9cb476ef5bb1ff195f0216489b043eb4b12cc087c7cc35145ed75a5dcef98a9
GET /stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:-83736679&@b3:1663702733&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2Fe07b173def017d32f1b0&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 123
Connection: close
d24ak3f2b.top/advertisers.js
142.0.204.220200 OK 0 B URL HTTP/1.1 d24ak3f2b.top/advertisers.js
IP 142.0.204.220:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
s10.histats.com/counters/cc_1032.js
46.105.201.240200 OK 5.6 kB URL HTTP/2 s10.histats.com/counters/cc_1032.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (15441), with no line terminators
Hash 0ec7f2a21cef271e478d52652b3ce8f0
7644885c01d5197c2d8b26cfcdcbeb6d60b3f792
ce0aaf0880f892c04c6e8070b036cbf3822255136e47052eca1f9b712d56e84b
GET /counters/cc_1032.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:33:25 GMT
etag: "-33105628"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 1004569802
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5573
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=853015
185.94.237.102200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=853015
IP 185.94.237.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (412), with CRLF, LF line terminators
Hash ed4c85220be4f5d1905c860849cab1b3
4865802c4c954bd6d6169a4861316d66f207a42f
76a7ff05d07751e48f40b643910562e85e7ea484d266727d135ac4c050258e01
GET /adshow.php?adzone=853015 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=978fbc6641fd50e00f154331415fc929; expires=Wed, 20-Sep-2023 19:38:52 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps9996=1; expires=Wed, 21-Sep-2022 19:38:52 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjk3MTQ5MTtpOjE2NjM5NjE5MzI7fQ%3D%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 23-Sep-2022 19:38:52 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user4341/10405-1589809951-0931846001589809951.gif
69.16.175.10200 OK 1.4 MB URL HTTP/2 i.jads.co/network/user4341/10405-1589809951-0931846001589809951.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 160 x 600\012- data
Size 1.4 MB (1404818 bytes)
Hash dbac8b8aa28dc38f9d34b07a2325698a
7aa68168b45242afe4695770b469f254892f2bbb
b1fea761b3fc1f113cc06fc3c9cc0fe0aaa688112fa9f5504962185b7b1b504e
GET /network/user4341/10405-1589809951-0931846001589809951.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=978fbc6641fd50e00f154331415fc929; imps31629=1; juicy_data_1=YToxOntpOjk3MTQ5MTtpOjE2NjM5NjE5MzI7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9183=1; imps9996=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
etag: "1589809952"
cache-control: max-age=6728041
content-length: 1404818
content-type: image/gif
last-modified: Mon, 18 May 2020 13:52:32 GMT
accept-ranges: bytes
x-hw: 1663702734.dop017.sk1.t,1663702734.cds252.sk1.hn,1663702734.cds001.sk1.c
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1167433129&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=1&sn=31224&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F700792&tt=94ERO%20%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87-
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1167433129&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=1&sn=31224&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F700792&tt=94ERO%20%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87-
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1167433129&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=1&sn=31224&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F700792&tt=94ERO%20%E9%B8%A1%E5%B7%B4%E5%A4%A7%E8%8D%89%E9%80%BC%E7%8C%9B%E7%8E%A9%E7%9A%84%E7%8B%A0%EF%BC%8C%E5%90%84%E7%A7%8D%E8%B9%82%E8%BA%8F%E4%BA%BA%E5%A6%BB%E5%B0%91%E5%A6%87- HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 20 Sep 2022 19:38:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A19F11A09CD6B572; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
torimochi.line-apps.com/1/req?cid=77aa3788e726a97b&threshold=55&eventType=pageview×tamp=1663702733048&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700792%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700792%26title%3D94ERO%2520%25E9%25B8%25A1%25E5%25B7%25B4%25E5%25A4%25A7%25E8%258D%2589%25E9%2580%25BC%25E7%258C%259B%25E7%258E%25A9%25E7%259A%2584%25E7%258B%25A0%25EF%25BC%258C%25E5%2590%2584%25E7%25A7%258D%25E8%25B9%2582%25E8%25BA%258F%25E4%25BA%25BA%25E5%25A6%25BB%25E5%25B0%2591%25E5%25A6%2587-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700792%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700792%26title%3D94ERO%2520%25E9%25B8%25A1%25E5%25B7%25B4%25E5%25A4%25A7%25E8%258D%2589%25E9%2580%25BC%25E7%258C%259B%25E7%258E%25A9%25E7%259A%2584%25E7%258B%25A0%25EF%25BC%258C%25E5%2590%2584%25E7%25A7%258D%25E8%25B9%2582%25E8%25BA%258F%25E4%25BA%25BA%25E5%25A6%25BB%25E5%25B0%2591%25E5%25A6%2587-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=77aa3788e726a97b&userAttr0=0&sessionId=77aa378877bd9637&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700792%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700792%26title%3D94ERO%2520%25E9%25B8%25A1%25E5%25B7%25B4%25E5%25A4%25A7%25E8%258D%2589%25E9%2580%25BC%25E7%258C%259B%25E7%258E%25A9%25E7%259A%2584%25E7%258B%25A0%25EF%25BC%258C%25E5%2590%2584%25E7%25A7%258D%25E8%25B9%2582%25E8%25BA%258F%25E4%25BA%25BA%25E5%25A6%25BB%25E5%25B0%2591%25E5%25A6%2587-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1663702733047&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=0&windowY=0&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%2277aa3788e726a97b%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D
147.92.191.144200 OK 43 B URL HTTP/1.1 torimochi.line-apps.com/1/req?cid=77aa3788e726a97b&threshold=55&eventType=pageview×tamp=1663702733048&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700792%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700792%26title%3D94ERO%2520%25E9%25B8%25A1%25E5%25B7%25B4%25E5%25A4%25A7%25E8%258D%2589%25E9%2580%25BC%25E7%258C%259B%25E7%258E%25A9%25E7%259A%2584%25E7%258B%25A0%25EF%25BC%258C%25E5%2590%2584%25E7%25A7%258D%25E8%25B9%2582%25E8%25BA%258F%25E4%25BA%25BA%25E5%25A6%25BB%25E5%25B0%2591%25E5%25A6%2587-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700792%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700792%26title%3D94ERO%2520%25E9%25B8%25A1%25E5%25B7%25B4%25E5%25A4%25A7%25E8%258D%2589%25E9%2580%25BC%25E7%258C%259B%25E7%258E%25A9%25E7%259A%2584%25E7%258B%25A0%25EF%25BC%258C%25E5%2590%2584%25E7%25A7%258D%25E8%25B9%2582%25E8%25BA%258F%25E4%25BA%25BA%25E5%25A6%25BB%25E5%25B0%2591%25E5%25A6%2587-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=77aa3788e726a97b&userAttr0=0&sessionId=77aa378877bd9637&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700792%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700792%26title%3D94ERO%2520%25E9%25B8%25A1%25E5%25B7%25B4%25E5%25A4%25A7%25E8%258D%2589%25E9%2580%25BC%25E7%258C%259B%25E7%258E%25A9%25E7%259A%2584%25E7%258B%25A0%25EF%25BC%258C%25E5%2590%2584%25E7%25A7%258D%25E8%25B9%2582%25E8%25BA%258F%25E4%25BA%25BA%25E5%25A6%25BB%25E5%25B0%2591%25E5%25A6%2587-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1663702733047&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=0&windowY=0&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%2277aa3788e726a97b%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D
IP 147.92.191.144:0
ASN #38631 LINE Corporation
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /1/req?cid=77aa3788e726a97b&threshold=55&eventType=pageview×tamp=1663702733048&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700792%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700792%26title%3D94ERO%2520%25E9%25B8%25A1%25E5%25B7%25B4%25E5%25A4%25A7%25E8%258D%2589%25E9%2580%25BC%25E7%258C%259B%25E7%258E%25A9%25E7%259A%2584%25E7%258B%25A0%25EF%25BC%258C%25E5%2590%2584%25E7%25A7%258D%25E8%25B9%2582%25E8%25BA%258F%25E4%25BA%25BA%25E5%25A6%25BB%25E5%25B0%2591%25E5%25A6%2587-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700792%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700792%26title%3D94ERO%2520%25E9%25B8%25A1%25E5%25B7%25B4%25E5%25A4%25A7%25E8%258D%2589%25E9%2580%25BC%25E7%258C%259B%25E7%258E%25A9%25E7%259A%2584%25E7%258B%25A0%25EF%25BC%258C%25E5%2590%2584%25E7%25A7%258D%25E8%25B9%2582%25E8%25BA%258F%25E4%25BA%25BA%25E5%25A6%25BB%25E5%25B0%2591%25E5%25A6%2587-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=77aa3788e726a97b&userAttr0=0&sessionId=77aa378877bd9637&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F700792%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F700792%26title%3D94ERO%2520%25E9%25B8%25A1%25E5%25B7%25B4%25E5%25A4%25A7%25E8%258D%2589%25E9%2580%25BC%25E7%258C%259B%25E7%258E%25A9%25E7%259A%2584%25E7%258B%25A0%25EF%25BC%258C%25E5%2590%2584%25E7%25A7%258D%25E8%25B9%2582%25E8%25BA%258F%25E4%25BA%25BA%25E5%25A6%25BB%25E5%25B0%2591%25E5%25A6%2587-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1663702733047&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=0&windowY=0&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%2277aa3788e726a97b%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D HTTP/1.1
Host: torimochi.line-apps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 19:38:53 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash f4c9b7ff62fa66a4f516525d8c8ca467
6c113f795d7ca72bacf3c1712d0d6dd2ad86c274
300442f861166c3ba6bdc82beaea50023343d05c1ba38f90450107870e63511b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 19:38:54 GMT
Last-Modified: Tue, 20 Sep 2022 17:50:30 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mNTibIhEvHkssIQl9DQBvXKCV_R_qDzEK8My8Xk4UBIV4RYfKaWWHQ==
Age: 6505
simplewebanalysis.com/stats
35.158.153.212200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.158.153.212:0
File type ASCII text, with no line terminators
Hash d8c8160bb2577aae11f8cd50693e630c
d8579591115a8e7da0840edda7d1355712582b25
d39e00f2cdd3e9602462e1706c452c8e0ee87ac5ed6dfcf03666b265c37c6eb0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://avgle.com
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://avgle.com
access-control-allow-credentials: true
set-cookie: uid_id2=cbcc3db3-d91a-4cff-af2c-dc0e1f14466d:3:1; expires=Fri, 17 Sep 2032 19:38:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://94ero.com/videos/700792
183.232.231.173200 OK 0 B URL HTTP/1.1 sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://94ero.com/videos/700792
IP 183.232.231.173:0
ASN #56040 China Mobile communications corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://94ero.com/videos/700792 HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 20 Sep 2022 19:38:54 GMT
www.facebook.com/v2.11/plugins/page.php?adapt_container_width=true&app_id=223861634430782&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29dbc56dd08328%26domain%3D94ero.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F94ero.com%252Ff1880a3300f46e2%26relation%3Dparent.parent&container_width=855&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fav.jgirl%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true
157.240.200.35200 OK 19 kB URL HTTP/2 www.facebook.com/v2.11/plugins/page.php?adapt_container_width=true&app_id=223861634430782&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29dbc56dd08328%26domain%3D94ero.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F94ero.com%252Ff1880a3300f46e2%26relation%3Dparent.parent&container_width=855&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fav.jgirl%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true
IP 157.240.200.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19530)
Hash ca62075fc91b7767f414c4686ad998d7
92c18790146d99063922a3e2f42d454a6dc277a3
e1d965d0e2ec13548db2b62fec75fcfcb5d14508629b396d9a881a47a69aa2a2
GET /v2.11/plugins/page.php?adapt_container_width=true&app_id=223861634430782&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29dbc56dd08328%26domain%3D94ero.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F94ero.com%252Ff1880a3300f46e2%26relation%3Dparent.parent&container_width=855&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fav.jgirl%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 0I9L2kJ3xkLO3oesqPlqPGXkVmN+ifIlGLF/mdaOLvxgjVF3dlas4gZFS8rza6LKwiRY9h0ObPTAaElBmRPiaA==
date: Tue, 20 Sep 2022 19:38:55 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Sep 2023 06:48:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: BWoKeSty6egwJE1HqSdlEHxWsT8EIfiJaW04/EzvcfYdU5s/Q9jvLxzG++a+AE3+hdDZup53g3KTnC0sS9hV6w==
content-length: 827
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 19:38:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (2052)
Hash 883efc20b86990fd486fab545ffc08f4
da322dda14a98744e03655dcf0da9482b4b1e1d0
e207751970ef4bf6e0a64da5e9480ab3b1ee86408a7904796e2f6e225f8ee612
GET /rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Sep 2023 23:21:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: iD78ILhpkP1Ib6tUX/wI9A==
x-fb-debug: fhsLl0YjqSJqoV13JDQuIhdo/OX0Rs1cu8RUFdHOyPNKeiRXL+6eELxvTCu8eNpLboXkpb1VNLUfW2D1iOJqLg==
priority: u=3,i
content-length: 1689
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 19:38:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yt/r/hQtj4cQXPvs.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yt/r/hQtj4cQXPvs.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (18569)
Hash 72e05604c9773e8d679d991026726627
d1e21567b2d2435a2e1ac4f75250a31d15825429
077b2277a66d78fcc4ca13e17c012224392bc40fff30038d8e8048fab43dcfb9
GET /rsrc.php/v3/yt/r/hQtj4cQXPvs.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 00:38:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cuBWBMl3Po1nnZkQJnJmJw==
x-fb-debug: loaaMn7We6pSDKJaqkL2d8n9BiLJJsyFVsEA4YQhOvq24TanN/2dT8MSerFUrS0Qyjvm8gaoFH+EeQFYnHefdA==
priority: u=2
content-length: 91353
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 19:38:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yz/r/wavH3H9TmBI.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yz/r/wavH3H9TmBI.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5329)
Hash 67d21d828888c77a31e418663f8bc39f
b1d0dd8b7fa1f39231355f7188fb4b99b252f2a8
f849169a1bcb7f6798354c9d15a801f91618f392ab8fbd9819248bd55cba2a08
GET /rsrc.php/v3/yz/r/wavH3H9TmBI.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Sep 2023 23:21:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Z9IdgoiIx3ox5BhmP4vDnw==
x-fb-debug: Pz/TMHdS8OMC3o+xqWKKSN4V1mavMuSGoEpILzdSxp1aKZ6FYZSRyco2anJ71acQWZewgYQBRYrxUOXmq4OKWA==
priority: u=3,i
content-length: 12250
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 19:38:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a0093dbac56b7a27ab47c1139f554d3
95e5b1eac324639a3d095ac86eb2382e8e2975bb
d6042aa3d1bb277bfd37caf6ea4dd9e068135550839fd1890727ab0d5e7ae8a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6042AA3D1BB277BFD37CAF6EA4DD9E068135550839FD1890727AB0D5E7AE8A8"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8334
Expires: Tue, 20 Sep 2022 21:57:49 GMT
Date: Tue, 20 Sep 2022 19:38:55 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=cbcc3db3-d91a-4cff-af2c-dc0e1f14466d&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=cbcc3db3-d91a-4cff-af2c-dc0e1f14466d&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=cbcc3db3-d91a-4cff-af2c-dc0e1f14466d&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 20 Sep 2022 19:38:55 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d1d9f312ce9edfb5f16bea6c0bb1420b
Strict-Transport-Security: max-age=0; includeSubdomains
94ero.com/videos/700792
104.21.16.154200 OK 0 B IP 104.21.16.154:0
Analyzer Verdict Alert quad9 Sinkholed
GET /videos/700792 HTTP/1.1
Host: 94ero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhyyUhknD93%2BD%2FzOLjcmWzsfHrxsRKK22%2FjFV89c10h%2B%2BP4kxINlwmL0Mw0c6Gk82AKXOttBzbZIYcW2npWNq1aYS8Nbsp1wkDPrsYf2ke6JGY86Lsf2KyGMerc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd06134aedb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat
IP 142.250.74.10:0
GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 19:38:51 GMT
date: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks
143.204.55.57200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks
IP 143.204.55.57:0
GET /jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Tue, 20 Sep 2022 19:38:41 GMT
expires: Tue, 20 Sep 2022 19:53:41 GMT
pragma: cache
server: nginx
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aCsRts2XXLGEyhxTpr74WU0AjCZ_KK8idvX9YVhYuhKw_W9rrsyvGw==
age: 10
X-Firefox-Spdy: h2
zz.bdstatic.com/linksubmit/push.js
58.254.150.48200 OK 0 B URL HTTP/2 zz.bdstatic.com/linksubmit/push.js
IP 58.254.150.48:0
ASN #136958 China Unicom Guangdong IP network
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: application/x-javascript
last-modified: Sat, 28 May 2022 21:42:55 GMT
etag: "6292975f-134"
cache-control: max-age=86400
content-encoding: br
age: 52628
accept-ranges: bytes
tracecode: 01047070930406165002091913
ohc-cache-hit: gz3un57 [2], zhuzuncache65 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
js.juicyads.com/jam_min.js
143.204.55.57200 OK 0 B URL HTTP/2 js.juicyads.com/jam_min.js
IP 143.204.55.57:0
GET /jam_min.js HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 20 Sep 2022 05:44:45 GMT
etag: W/"5e01075c-5394"
last-modified: Mon, 23 Dec 2019 18:28:44 GMT
server: nginx
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aOdhwnKELPzGxJjWC42tQq-ZkHY0-u2o0uDIXTW8pjByVxAGpomLAQ==
age: 50046
X-Firefox-Spdy: h2
avgle.com/embed/e07b173def017d32f1b0
172.67.219.47200 OK 0 B URL HTTP/2 avgle.com/embed/e07b173def017d32f1b0
IP 172.67.219.47:0
GET /embed/e07b173def017d32f1b0 HTTP/1.1
Host: avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.14
set-cookie: AVS=cdfa91a5c5c057ddddf4a9f4dea03a9c; path=/
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
cache-control: public, s-maxage=1800
servedby: n2
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaoXUDc3jS%2F9ly%2B%2FoX1JCrtQ%2FXec9XnaGp3rOj3fdXpes6SmiD2spi8X%2BBI8MPo93kejYGo%2F7Fy1rRIbWo1d%2FrXK4T1Iz1Ba8X6vXyjbPX8f7Pd8WA8A2%2BXbF7k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd0618cefc1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y2/r/biRmUqws8PI.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 0 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y2/r/biRmUqws8PI.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
GET /rsrc.php/v3/y2/r/biRmUqws8PI.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 03:44:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: T6YXdCK8E8mhdwtnCeI47w==
x-fb-debug: nJKmadNlFqIIhNjQfUSDL9Fp5ChKdpkpJ+UvtGBC/tJxBwJ2yJu4KSfzcItCMAWn2jKGdP5PvuLq1NGvZbIrog==
content-length: 15967
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 19:38:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2