94ero.com/videos/662195
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /videos/662195 HTTP/1.1
Host: 94ero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Oct 2022 21:36:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 25 Oct 2022 22:36:19 GMT
Location: https://94ero.com/videos/662195
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3QS3qCWzKv3CwGKYjnNU%2B30l2bkafJLGwWi%2Fn72od2auJgc6LqhMPRE8uNxB7XWhQibIySTEuViLQ3X%2FD9djDVrSqgLLtYvm1LMSAMZA%2FohusKV6X9hMhai%2F7o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75fe16495aadb50b-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10339
Expires: Wed, 26 Oct 2022 00:28:38 GMT
Date: Tue, 25 Oct 2022 21:36:19 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6049
Cache-Control: max-age=135341
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:19 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 11:12:00 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11497
Expires: Wed, 26 Oct 2022 00:47:56 GMT
Date: Tue, 25 Oct 2022 21:36:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: U0YEIfl82l61LAqkZKohiXrSTjOqg4KtsxIEYfT3bjzzUN3PyPgnewVRS/cN60jYZEuZ7+7TCQA=
x-amz-request-id: MVMQK4MAZ0YWHCHC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 25 Oct 2022 21:09:05 GMT
age: 1634
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 1cb47570468b45f09d305117a7bedcf4
4c1fef2f4703a6377e4da68ee831aab8ed005e8a
97ce2b6a103de7b958aefeb7cc053e9c815712d3d7c95b3c41fb1519f57ad2ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146567
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:19 GMT
Etag: "6357f05a-116"
Expires: Thu, 27 Oct 2022 14:19:06 GMT
Last-Modified: Tue, 25 Oct 2022 14:19:06 GMT
Server: nginx
Content-Length: 278
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:36:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 1cb47570468b45f09d305117a7bedcf4
4c1fef2f4703a6377e4da68ee831aab8ed005e8a
97ce2b6a103de7b958aefeb7cc053e9c815712d3d7c95b3c41fb1519f57ad2ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=146567
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Etag: "6357f05a-116"
Expires: Thu, 27 Oct 2022 14:19:07 GMT
Last-Modified: Tue, 25 Oct 2022 14:19:06 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 2.1 kB IP
Hash 01cc04baad88671dc00ae32117277c92
752da824ff3f0a61b35e45e57cebd1dfac9142a5
c6197d06b4bdcf770e8df688db4e3038e186bf13f6747624f1d744a2ae1815a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6455
Cache-Control: max-age=130683
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 09:54:23 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6b183dc2bd0829ce80eb64a0a28d91e7
432f422b2723fdba3f195d9d28ab75492ad497d2
cae00bc5a9c3b9e166805e53c4175d96a0b739817d883f477102e1501a49ac57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 20:03:21 GMT
expires: Sun, 22 Oct 2023 20:03:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 264779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-53263334-5
200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-53263334-5
IP
File type ASCII text, with very long lines (1588)
Hash 3118ec983e970b6894bc4fc74dcc9fc6
09fbdecf643ea9ee4d769388a80702a9e7a9e610
b52e395be979d16d35c71bff60cc4a3b3709d8d8d98213fe126270520ea70673
GET /gtag/js?id=UA-53263334-5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 25 Oct 2022 21:36:20 GMT
expires: Tue, 25 Oct 2022 21:36:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44623
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash e97ac326fe7d86d6443c29db10dd14e7
6001bc7cf0bc44bb9fb4b3cb5e99928d988e5221
ceb685ffc1ceb8e12d13345098796805f46a8f97fb744a00739f57c8961a59b6
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 25 Oct 2022 21:36:20 GMT
date: Tue, 25 Oct 2022 21:36:20 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
94ero.com/videos/662195
200 OK 83 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (338)
Hash d1369ee7c9c8c37ec0f3b9aa3a2549cd
b1ef5239a3ec2cb112a33494eb0ba3bc58a21c03
5b7294ff0e3edc9d95dd0a01896a67531caa2596cf8a9c2c0627344da22990d0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /videos/662195 HTTP/1.1
Host: 94ero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6g2Sh%2FxSb%2BaaJV5x9cgLaEsPHfeJa39vxaUWEFpNzcCIrKI9vGtRL66Hiv4j7hMsHdm7GIatCvKbt61hYzralKABMZINg%2FuGsbK1eEArDp7nAiFQmqdtX3UkCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75fe164b3cfb0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Montserrat
200 OK 972 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat
IP
Hash 51caaa1ce4b347fc5337589af6876446
c62be3ca720f3b5ead4c3c33b96b4269ef551ea2
6160f9b43ed3a781d855657a817072b58aafb4e6f2ce05175557b52449ce32b8
GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 25 Oct 2022 21:36:20 GMT
date: Tue, 25 Oct 2022 21:36:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4cb78912c53580064fb893b526787078
9133524621940b0fb175706b7135a3864435574b
b60056b3694f082302da725899fead1521c06c447457503d87d4fdf1e8a41548
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 21:36:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 08:27:03 GMT
Expires: Tue, 01 Nov 2022 08:27:02 GMT
Etag: "9133524621940b0fb175706b7135a3864435574b"
Cache-Control: max-age=556841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75fe164ed8b9b4f7-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 130509513bc271340f20f1c556b2592a
6fd8b0623344d4c06ecf4e0708eb51a37d79ed9d
6a69bfbb5b21f5cfae366b21ab59426e78d51467926430c7bbf44d7f8ac704de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
poweredby.jads.co/js/jads.js
301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 25 Oct 2022 21:36:20 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
200 OK 1.6 kB URL HTTP/2 d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
IP
File type ASCII text, with very long lines (4730), with no line terminators
Hash 6ca5861dd247b41429ca943bbe2abc4c
17dfbc93696d0d6e1417e9574598deb8b58c62ac
59b9c01979c2f8e64c01f95534f59759e5df6b0d943bd7d1172c1e943b19ec40
GET /r/web/social-plugin/js/thirdparty/loader.min.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:56 GMT
x-rgw-object-type: Normal
etag: "8e50c4d0b7f2c69fe4b07b078876770b"
x-amz-meta-s3cmd-attrs: md5:8e50c4d0b7f2c69fe4b07b078876770b
x-amz-storage-class: STANDARD
x-amz-request-id: tx000000000000043f87610-006266f963-f4bef5d-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=185519
expires: Fri, 28 Oct 2022 01:08:19 GMT
date: Tue, 25 Oct 2022 21:36:20 GMT
content-length: 1558
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash e4eae4bba66e20f135a3668fa90d6919
fedf7b00977d56ddb4c2fbbbb0aadb8cea2a4aef
cdf29f70194def7b2e1bd26ecac83a00d392de55e19a747e804cd0043dafeb5f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89306
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Etag: "635710ae-117"
Expires: Wed, 26 Oct 2022 22:24:46 GMT
Last-Modified: Mon, 24 Oct 2022 22:24:46 GMT
Server: nginx
Content-Length: 279
poweredby.jads.co/js/jads2.js
200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://94ero.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Oct 2022 21:36:20 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ycOTpjr6y4qUy0+AcP9uAw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XiiEJMUUghGfZNWBBvaWn8//GUU=
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
Hash f6184f5127f46806c076652bf06532ba
be9a1f5dc8cf44d624037f15bae55898bdd619b9
851b83ffc2ce37d28ffc53a3546c6e030ae6de9afeab1cc9a0ce8f9bc3846561
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://94ero.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Oct 2022 17:10:21 GMT
expires: Wed, 25 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 15959
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato
200 OK 13 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato
IP
Hash c823d60b39a903bb98779db49df06cc1
37a4f9a8e007f40265b3763e2a0f887badd936dc
14a21741d57ab74dd170852cd5fca6b12ccbd3200578857907bd574269289b9d
GET /css?family=Lato HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 25 Oct 2022 21:36:20 GMT
date: Tue, 25 Oct 2022 21:36:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash e4eae4bba66e20f135a3668fa90d6919
fedf7b00977d56ddb4c2fbbbb0aadb8cea2a4aef
cdf29f70194def7b2e1bd26ecac83a00d392de55e19a747e804cd0043dafeb5f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=89306
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Etag: "635710ae-117"
Expires: Wed, 26 Oct 2022 22:24:46 GMT
Last-Modified: Mon, 24 Oct 2022 22:24:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 436 B IP
Hash e89b85914815d49e412c999991fb92c4
04bc60b5d328334142d79bf30f3b4e76e83abb0e
0c45c83ef0dacc2c347e7b59e224ff79754bfec82f5c5dda5e78dbe9186136d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4069
Cache-Control: max-age=168989
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Etag: "6358380c-116"
Expires: Thu, 27 Oct 2022 20:32:49 GMT
Last-Modified: Tue, 25 Oct 2022 19:25:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 65510aedd1a67f63a74f0de49818efd4
565e20c6757bfedfb32091dad5842a26e1de3d71
db85f5a4a38880cf98a0bdae8b7ed47840716a63a2e10397191a10463b6d93be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4069
Cache-Control: max-age=168989
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Etag: "6358380c-116"
Expires: Thu, 27 Oct 2022 20:32:49 GMT
Last-Modified: Tue, 25 Oct 2022 19:25:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 65510aedd1a67f63a74f0de49818efd4
565e20c6757bfedfb32091dad5842a26e1de3d71
db85f5a4a38880cf98a0bdae8b7ed47840716a63a2e10397191a10463b6d93be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4069
Cache-Control: max-age=168989
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Etag: "6358380c-116"
Expires: Thu, 27 Oct 2022 20:32:49 GMT
Last-Modified: Tue, 25 Oct 2022 19:25:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video-js.min.css
200 OK 12 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video-js.min.css
IP
File type ASCII text, with very long lines (39368), with no line terminators
Hash a3d749fa144167d371d6441e2890a1ba
bcb060070f22fea928113286a340fc11cb58790e
e6f570094305dabd55355842c61dd6b851bda2b3c2cf785253a9d7355b4bff25
GET /ajax/libs/video.js/5.20.3/video-js.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:20 GMT
content-type: text/css; charset=utf-8
content-length: 12020
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0401e-99c8"
last-modified: Mon, 04 May 2020 16:17:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 12019621
expires: Sun, 15 Oct 2023 21:36:20 GMT
accept-ranges: bytes
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75fe16523af7b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js
200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js
IP
File type ASCII text, with very long lines (8830)
Hash 1cf760c79216e6b8559aea791ab5cb8d
62d310bfcfec341609491e28bfebd30e4e0e8d76
15c7460f2f89d5d98674339159442044b921d40ec62e5315d9945cd29edad1ca
GET /ajax/libs/js-sha256/0.9.0/sha256.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 2977
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec6-2339"
last-modified: Mon, 04 May 2020 16:11:50 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4076600
expires: Sun, 15 Oct 2023 21:36:20 GMT
accept-ranges: bytes
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75fe16523af9b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/peerjs/0.3.14/peer.min.js
200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/peerjs/0.3.14/peer.min.js
IP
File type ASCII text, with very long lines (32125)
Hash ac90cd1b5f01c2fab6e9f2189849b421
a35dde5d5695655fe7ccddf969b5535faeb4fd0c
7ae8e1712478be9918709714a29496d8fc83fbe742e000a38b6379647220ba5d
GET /ajax/libs/peerjs/0.3.14/peer.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 10459
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f88-a497"
last-modified: Mon, 04 May 2020 16:15:04 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 17469362
expires: Sun, 15 Oct 2023 21:36:20 GMT
accept-ranges: bytes
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75fe16523b06b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
200 OK 1.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
IP
File type ASCII text, with very long lines (3730)
Hash 05661a68288a93edb3a6009260995872
bdfd274ad45670c0f7e162d33f521576dc3b71f4
611c3d43cc5a80a7e4831274225cf0b97d28edf26e4c1e4d7a1adfc06929c0f4
GET /ajax/libs/blueimp-md5/2.10.0/js/md5.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 1339
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8b-eb6"
last-modified: Mon, 04 May 2020 16:06:35 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9777260
expires: Sun, 15 Oct 2023 21:36:20 GMT
accept-ranges: bytes
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75fe16524b10b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/json2/20160511/json2.min.js
200 OK 1.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/json2/20160511/json2.min.js
IP
File type ASCII text, with very long lines (1022), with no line terminators
Hash 536ed11d898033e7f29ee30fb5b5cb9d
d6ce44c8d72a31fd636d4ee802859f68c10969ab
38787f4c22e4771eb0cec5f8abfe8727f59341da02f6fa94d974004ccd566714
GET /ajax/libs/json2/20160511/json2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 1235
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec8-c63"
last-modified: Mon, 04 May 2020 16:11:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2845993
expires: Sun, 15 Oct 2023 21:36:20 GMT
accept-ranges: bytes
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75fe16527b3ab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
avgle.com/embed/16b334b0ec92f0d1cda3
200 OK 37 kB URL HTTP/2 avgle.com/embed/16b334b0ec92f0d1cda3
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4381), with CRLF, LF line terminators
Hash e5f112cf661d45a9142bcb8483205dc1
31a7800460a77d773477e73d8b4d76b8df93ad5b
eef9437cdf1773fb2ae65aa6ffa13b8a4093817eb926e005fcd8a7630d97c937
GET /embed/16b334b0ec92f0d1cda3 HTTP/1.1
Host: avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.14
set-cookie: AVS=59ef0a7559772afa138ace42252571b8; path=/
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
cache-control: public, s-maxage=1800
servedby: n2
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BbDSWwhlgKguSbAn%2FoWNhEtl%2BvFZXRZGfv0cXimo3oJcDZlNec9PT0ik%2FoyTVBG9MAUH7CgR9aya9ww4ZmGmJJBVTJY8ePX%2BcvRZdvoRK2x9s%2BX0OkhyVgewXA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe16507d070b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 3.3 kB IP
Hash 17fe3b1b7dbcaac15c7ac73fb0729ce3
85ffc4dc2ee71bb34dca0fd8480311f75f81ed93
eac0b11604bcfaa0ac247c1916f98713dc87cb79ce3cdad288c69c51b2ed2684
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4069
Cache-Control: max-age=168989
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:20 GMT
Etag: "6358380c-116"
Expires: Thu, 27 Oct 2022 20:32:49 GMT
Last-Modified: Tue, 25 Oct 2022 19:25:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4e4353a7d64702a2b4f6ff692e3c0d47
a757ab255f8b5a46aff97f69323500101498ede2
6c95532d9f0c2db90ec814d72dc41664f18f906c07bd0bea3afb7db47616fb15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C95532D9F0C2DB90EC814D72DC41664F18F906C07BD0BEA3AFB7DB47616FB15"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7289
Expires: Tue, 25 Oct 2022 23:37:49 GMT
Date: Tue, 25 Oct 2022 21:36:20 GMT
Connection: keep-alive
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://avgle.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 05:42:51 GMT
expires: Fri, 20 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 489209
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb20/662195/default.jpg
200 OK 20 kB URL HTTP/2 static-clst.avgle.com/videos/tmb20/662195/default.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 11b6021653758500d71af3a4e986acca
8771d62ac1fa7aac2c17fb7722b68781a17b101c
4f4c1a8a27dcca08ea522fe737c6bcea145bffaa90e8b16efe2cd6f468f900af
GET /videos/tmb20/662195/default.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:20 GMT
content-type: image/jpeg
content-length: 20149
server: nginx/1.16.1
x-object-meta-mtime: 1653281283.740552977
last-modified: Mon, 23 May 2022 04:48:08 GMT
etag: 11b6021653758500d71af3a4e986acca
x-timestamp: 1653281287.57658
x-trans-id: txe73f8f77666f4e36a5f83-0062ceeb96
x-openstack-request-id: txe73f8f77666f4e36a5f83-0062ceeb96
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 06 Dec 2022 12:36:20 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b3937a08c83905429812a5900de78149
665dc909a5c4d8591489b066fc93fa5fce30fa6f
835724f14ad89837f25233df0a87a01a06e7877825581cc8840f362dbe7c1b8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "835724F14AD89837F25233DF0A87A01A06E7877825581CC8840F362DBE7C1B8B"
Last-Modified: Mon, 24 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16882
Expires: Wed, 26 Oct 2022 02:17:43 GMT
Date: Tue, 25 Oct 2022 21:36:21 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-ZLN9EGDKDC>m=2oeaj0&_p=1913292933&cid=739640863.1666733778&ul=en-us&sr=1280x1024&_s=1&sid=1666733778&sct=1&seg=0&dl=https%3A%2F%2F94ero.com%2Fvideos%2F662195&dt=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 19 kB URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-ZLN9EGDKDC>m=2oeaj0&_p=1913292933&cid=739640863.1666733778&ul=en-us&sr=1280x1024&_s=1&sid=1666733778&sct=1&seg=0&dl=https%3A%2F%2F94ero.com%2Fvideos%2F662195&dt=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash 3bd56c4917f7d150f49ff0fe480f4918
00a35781e5ce7c1e34ce238bcbeec2b3682044cf
bc31726aad7ea8d9594504b169269f573cfd7819b1205518bf860805af956b9b
POST /g/collect?v=2&tid=G-ZLN9EGDKDC>m=2oeaj0&_p=1913292933&cid=739640863.1666733778&ul=en-us&sr=1280x1024&_s=1&sid=1666733778&sct=1&seg=0&dl=https%3A%2F%2F94ero.com%2Fvideos%2F662195&dt=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://94ero.com
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://94ero.com
date: Tue, 25 Oct 2022 21:36:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb9/301521/1.jpg
200 OK 75 kB URL HTTP/2 static-clst.avgle.com/videos/tmb9/301521/1.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 1f13aa9f4753a690ac7388ac0919e93f
fc5ef15e7cb49d5dc5635eda496e22758d894b05
20b7a8b80397851b98122a246d3d2c830946c9f9641338885be28fe10cb6188a
GET /videos/tmb9/301521/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:21 GMT
content-type: image/jpeg
content-length: 75406
server: nginx/1.16.1
last-modified: Thu, 01 Aug 2019 18:51:16 GMT
etag: 1f13aa9f4753a690ac7388ac0919e93f
x-timestamp: 1564685475.99032
x-object-meta-mtime: 1564685481.459752708
x-trans-id: tx230a9552e39d4f8a80423-0062a9157b
x-openstack-request-id: tx230a9552e39d4f8a80423-0062a9157b
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 06 Dec 2022 12:36:21 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=853015
200 OK 1.8 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=853015
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Hash 0c4620964fa1b8cbea08bbcc7bb95121
45580c28ee47becc30948769407222700953e6be
b3d61822b7629cf0394c41ff5ba1da075f21495e1f9023ae15946f174641d79a
GET /adshow.php?adzone=853015 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Oct 2022 21:36:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f2e7f463caa7bed08a8a4637d67a740e; expires=Wed, 25-Oct-2023 21:36:20 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps61=1; expires=Wed, 26-Oct-2022 21:36:20 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjExOTY5NjU7aToxNjY2OTkyOTgwO30%3D; expires=Fri, 28-Oct-2022 21:36:20 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 28-Oct-2022 21:36:20 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
static-clst.avgle.com/videos/tmb12/412088/1.jpg
200 OK 102 kB URL HTTP/2 static-clst.avgle.com/videos/tmb12/412088/1.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Size 102 kB (101910 bytes)
Hash da324e8718c1dfa58c6a21200b91ec72
0923521e81731efea21e53b46d8e1a6744698011
0942815e028e3e4ec0cfa045153e93e81fa5a68bcee11411c4f85a99f17e4f76
GET /videos/tmb12/412088/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:21 GMT
content-type: image/jpeg
content-length: 27742
server: nginx/1.16.1
last-modified: Sat, 27 Jun 2020 18:56:23 GMT
etag: dc269e08ffa5738af13daeb34c8e9d35
x-timestamp: 1593284182.51305
x-object-meta-mtime: 1593284188.046757049
x-trans-id: tx4541d7f76ed34490af2da-0062a9176f
x-openstack-request-id: tx4541d7f76ed34490af2da-0062a9176f
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 06 Dec 2022 12:36:21 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb22/708681/1.jpg
200 OK 17 kB URL HTTP/2 static-clst.avgle.com/videos/tmb22/708681/1.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Hash 3fb81913690608743ed58ee02685db33
22f664620cadadc14582f7d61daf62a34efda988
50472ab5d6008cf1cacafacfec87012cb1802f765b678dbaf8bb5d4c2befa71e
GET /videos/tmb22/708681/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:21 GMT
content-type: image/jpeg
content-length: 16754
server: nginx/1.22.0
x-object-meta-mtime: 1665447384.8311602
etag: 0d6f07de15dc156ff357b2d0905bd856
last-modified: Tue, 11 Oct 2022 00:16:30 GMT
x-timestamp: 1665447389.87163
x-trans-id: txf29afad825854f0291ab1-006344c551
x-openstack-request-id: txf29afad825854f0291ab1-006344c551
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 12:36:21 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
200 OK 160 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
IP
File type ASCII text, with very long lines (608)
Size 160 kB (159789 bytes)
Hash 1230a090d5cedcb9e764406ab9497c1b
3d175bcf4ad9957c3e32611713c01347299b173e
585cafe3d6a3b932804aaa5aeb19a650688a2c15767f513d0d60c1941475c428
GET /recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://94ero.com
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 159789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 21:08:18 GMT
expires: Tue, 24 Oct 2023 21:08:18 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
content-type: text/javascript
age: 88083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 25 Oct 2022 20:41:09 GMT
expires: Tue, 25 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 3312
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb22/708799/10.jpg
200 OK 16 kB URL HTTP/2 static-clst.avgle.com/videos/tmb22/708799/10.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash b17b9edfec2859758600d469a962ac96
c772792149b6662f373c9f4a916947a26db88319
1e268590bf5903692624d67b57ae44ee2a334db226eff2ff759e1a789b79bf09
GET /videos/tmb22/708799/10.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:21 GMT
content-type: image/jpeg
content-length: 15853
server: nginx/1.22.0
x-object-meta-mtime: 1665487475.060167247
etag: b17b9edfec2859758600d469a962ac96
last-modified: Tue, 11 Oct 2022 11:24:45 GMT
x-timestamp: 1665487484.44196
x-trans-id: tx0836769faf4441c98cd41-0063458621
x-openstack-request-id: tx0836769faf4441c98cd41-0063458621
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 12:36:21 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=663702
200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=663702
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (420), with CRLF, LF line terminators
Hash d42c43f2a4638ff9c1594af06852869a
ecfa76770893981120198f0109c357198caa2958
15bffb13d019084076ecc1695b02a98b830a5ab91190253a67b11d8de3af4acb
GET /adshow.php?adzone=663702 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Oct 2022 21:36:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f2e7f463caa7bed08a8a4637d67a740e; expires=Wed, 25-Oct-2023 21:36:20 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps12957=1; expires=Wed, 26-Oct-2022 21:36:20 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjc5NTQ2MDtpOjE2NjY5OTI5ODA7fQ%3D%3D; expires=Fri, 28-Oct-2022 21:36:20 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 28-Oct-2022 21:36:20 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
static-clst.avgle.com/videos/tmb18/596603/1.jpg
200 OK 19 kB URL HTTP/2 static-clst.avgle.com/videos/tmb18/596603/1.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Hash 4adc91701a84b94a50ecc346fec6308f
268a1ab13eb05b1eba6c0d3b689ab4ab1bc2a6a9
e53d5097fb8c6830436e5b635a549f9511afcba8ecd09e041c43b097a25c12de
GET /videos/tmb18/596603/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:21 GMT
content-type: image/jpeg
content-length: 18451
server: nginx/1.16.1
last-modified: Wed, 03 Nov 2021 14:00:27 GMT
etag: 1d99b9b0bc47189d6baabfc588598902
x-timestamp: 1635948026.92406
x-object-meta-mtime: 1635948022.954274076
x-trans-id: txe1771206bb464cc9b54f4-0062a9588f
x-openstack-request-id: txe1771206bb464cc9b54f4-0062a9588f
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 06 Dec 2022 12:36:21 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb21/680255/1.jpg
200 OK 16 kB URL HTTP/2 static-clst.avgle.com/videos/tmb21/680255/1.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Hash 17514dfe39503860d1e7a10414c03781
56703aaa18d5eb23f89f551964a47ad81ac64ddb
a19e930832e55873694f7f7102b893cd0edb3e0eae3266b3d1fb3f2d0f3727f8
GET /videos/tmb21/680255/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:21 GMT
content-type: image/jpeg
content-length: 15700
server: nginx/1.16.1
last-modified: Wed, 13 Jul 2022 11:02:19 GMT
etag: c0c933cb186638e44d3140273a594055
x-timestamp: 1657710138.88874
x-object-meta-mtime: 1657710133.829443822
x-trans-id: tx69fcc3d7156e4d18846e1-0062ceaafe
x-openstack-request-id: tx69fcc3d7156e4d18846e1-0062ceaafe
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 06 Dec 2022 12:36:21 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static-clst.avgle.com/videos/tmb4/152464/1.jpg
200 OK 72 kB URL HTTP/2 static-clst.avgle.com/videos/tmb4/152464/1.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 0e3147c5953014df688f2ac72f369709
b93bd49e61e86e0ee548139ead48f0c28de7d691
a7b05910f0a426864e4f66925492b2dcbb96735b98b9b8496c7cb4ec0983e299
GET /videos/tmb4/152464/1.jpg HTTP/1.1
Host: static-clst.avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:21 GMT
content-type: image/jpeg
content-length: 72408
server: nginx/1.16.1
last-modified: Thu, 17 May 2018 11:27:48 GMT
etag: 0e3147c5953014df688f2ac72f369709
x-timestamp: 1526556467.48829
x-object-meta-mtime: 1522312095.070852727
x-trans-id: tx5d60232f1b75407d8f394-0062aa21be
x-openstack-request-id: tx5d60232f1b75407d8f394-0062aa21be
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 06 Dec 2022 12:36:21 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e51b6855c0480724d286847fa91528fe
ee6a114e7bc79b1aa1f07b31cb90674c2ba77bbc
174e93f5d04840d025c9807d0c752ad4b96a4350ab968025b0856c5e59599d47
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6336
Cache-Control: max-age=165826
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:21 GMT
Etag: "635822d7-1d7"
Expires: Thu, 27 Oct 2022 19:40:07 GMT
Last-Modified: Tue, 25 Oct 2022 17:54:31 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/j/collect?v=1&_v=j98&a=1913292933&t=pageview&_s=1&dl=https%3A%2F%2F94ero.com%2Fvideos%2F662195&ul=en-us&de=UTF-8&dt=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97-&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=2003259547&gjid=1069147682&cid=739640863.1666733778&tid=UA-53263334-5&_gid=363886121.1666733779&_r=1>m=2ouaj0&z=336891373
200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1913292933&t=pageview&_s=1&dl=https%3A%2F%2F94ero.com%2Fvideos%2F662195&ul=en-us&de=UTF-8&dt=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97-&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=2003259547&gjid=1069147682&cid=739640863.1666733778&tid=UA-53263334-5&_gid=363886121.1666733779&_r=1>m=2ouaj0&z=336891373
IP
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=1913292933&t=pageview&_s=1&dl=https%3A%2F%2F94ero.com%2Fvideos%2F662195&ul=en-us&de=UTF-8&dt=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97-&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=2003259547&gjid=1069147682&cid=739640863.1666733778&tid=UA-53263334-5&_gid=363886121.1666733779&_r=1>m=2ouaj0&z=336891373 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://94ero.com
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://94ero.com
date: Tue, 25 Oct 2022 21:36:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP
File type ASCII text, with very long lines (1961)
Hash 8b90e0b99e2cb125b5820c7ff68e71c3
b83084d07a08699060cc9e93a15ec330905d732f
c452e4718187baf9e5ef8cf601d679ae30a8e4980ed9793a0525ba86fc5dc452
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 77da257fc6f7c1c760b122d40fda86bc
etag: "5a0f91a7194680de3f821c4333a7dc0c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 25 Oct 2022 21:37:20 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: i5DguZ4ssSW1ggx/9o5xww==
x-fb-debug: BG2tPetXLGlb91yMOvg8kJnJrnhZny1SbbS3zVu6+z1RKiYoq90kUFIPwmjeP4smCFDj4/dwdtDDUvxINw4ibw==
content-length: 1687
x-fb-trip-id: 1679558926
date: Tue, 25 Oct 2022 21:36:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.jads.co/network/user1037/131-1573234880-0690480001573234880.jpg
200 OK 116 kB URL HTTP/2 i.jads.co/network/user1037/131-1573234880-0690480001573234880.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 160x600, components 3\012- data
Size 116 kB (115807 bytes)
Hash 9899075f7c10fd117c736fb6704236f6
9bb92845011f7a27c3f7d4448dce45bfa2a640f8
ef25c9e7b512870abd2df002956131169309e2b5664901592750fb18591bd705
GET /network/user1037/131-1573234880-0690480001573234880.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f2e7f463caa7bed08a8a4637d67a740e; imps61=1; juicy_data_1=YToxOntpOjExOTY5NjU7aToxNjY2OTkyOTgwO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:21 GMT
etag: "1573234880"
cache-control: max-age=15341279
content-length: 115807
content-type: image/jpeg
last-modified: Fri, 08 Nov 2019 17:41:20 GMT
accept-ranges: bytes
x-hw: 1666733781.dop014.sk1.t,1666733781.cds239.sk1.hn,1666733781.cds219.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user47819/12957-1568843906-0467906001568843906.jpg
200 OK 97 kB URL HTTP/2 i.jads.co/network/user47819/12957-1568843906-0467906001568843906.jpg
IP
Hash 6b481b4b0598d9188a883a301afbb432
52076ba70d18743886a90aeca0e9aabcbe717eac
822a4a78d0daec094c0dedd57a89410d68db0be671ea944dbd4244b0c9fae5d3
GET /network/user47819/12957-1568843906-0467906001568843906.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f2e7f463caa7bed08a8a4637d67a740e; imps61=1; juicy_data_1=YToxOntpOjc5NTQ2MDtpOjE2NjY5OTI5ODA7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps12957=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:21 GMT
etag: "1568843906"
cache-control: max-age=26714666
content-length: 96226
content-type: image/jpeg
last-modified: Wed, 18 Sep 2019 21:58:26 GMT
accept-ranges: bytes
x-hw: 1666733781.dop014.sk1.t,1666733781.cds239.sk1.hn,1666733781.cds202.sk1.c
X-Firefox-Spdy: h2
i.jads.co/1x1.gif
200 OK 43 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f2e7f463caa7bed08a8a4637d67a740e; imps61=1; juicy_data_1=YToxOntpOjExOTY5NjU7aToxNjY2OTkyOTgwO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:21 GMT
etag: "1457030838"
cache-control: max-age=20491485
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1666733781.dop014.sk1.t,1666733781.cds239.sk1.hn,1666733781.cds217.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e51b6855c0480724d286847fa91528fe
ee6a114e7bc79b1aa1f07b31cb90674c2ba77bbc
174e93f5d04840d025c9807d0c752ad4b96a4350ab968025b0856c5e59599d47
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6336
Cache-Control: max-age=165826
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:21 GMT
Etag: "635822d7-1d7"
Expires: Thu, 27 Oct 2022 19:40:07 GMT
Last-Modified: Tue, 25 Oct 2022 17:54:31 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash b1cc632b0f816956e60a9deb6f2ea4c8
4758dc19aa6efaf083018229268c8c9fe9b54a2b
bca717080baa5d2bbcd798bb2d0d6a76a036065ea0621491735a5d2967af2604
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 21:36:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 29 Oct 2022 19:55:08 GMT
ETag: "4758dc19aa6efaf083018229268c8c9fe9b54a2b"
Last-Modified: Tue, 25 Oct 2022 19:55:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2786
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75fe1656de8d0b39-OSL
daisycontroversy.com/67/1d/ba/671dbadbf37814e321f252eac8aa2500.js
200 OK 24 kB URL HTTP/1.1 daisycontroversy.com/67/1d/ba/671dbadbf37814e321f252eac8aa2500.js
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash f4b395788f2a4adaf9e80e7e59cc8fd4
448f6bfd964a1126225576f1ce8b95b7a23f15a6
807d7815c25a1c26124380eac2321dadfeda4b253c711bf149fd0323f007eb9f
GET /67/1d/ba/671dbadbf37814e321f252eac8aa2500.js HTTP/1.1
Host: daisycontroversy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 25 Oct 2022 21:36:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0031e100b39ed6ade944faf27b11953b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 022ed0fc09a910c353853e48fcceb302
db9f4b8092c800497e142751ecc537c50285421a
f8b39bf071b5b5f51a0df8c3f227466496557c96647a3b5dcda402a99ee8dfb6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F8B39BF071B5B5F51A0DF8C3F227466496557C96647A3B5DCDA402A99EE8DFB6"
Last-Modified: Mon, 24 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4386
Expires: Tue, 25 Oct 2022 22:49:27 GMT
Date: Tue, 25 Oct 2022 21:36:21 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d68830f33c12f2aa839ecd5c96146bb2
c4eca00dde1d737943bc2980b58a7288c06f808c
0b8dd5b33360dae55b75de1bb81fc9404103824c8d987372d1c44f425052f0d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53263334-5&cid=739640863.1666733778&jid=2003259547&gjid=1069147682&_gid=363886121.1666733779&_u=YADAAUAAAAAAACAAI~&z=2026594291
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53263334-5&cid=739640863.1666733778&jid=2003259547&gjid=1069147682&_gid=363886121.1666733779&_u=YADAAUAAAAAAACAAI~&z=2026594291
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53263334-5&cid=739640863.1666733778&jid=2003259547&gjid=1069147682&_gid=363886121.1666733779&_u=YADAAUAAAAAAACAAI~&z=2026594291 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://94ero.com
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://94ero.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 25 Oct 2022 21:36:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d68830f33c12f2aa839ecd5c96146bb2
c4eca00dde1d737943bc2980b58a7288c06f808c
0b8dd5b33360dae55b75de1bb81fc9404103824c8d987372d1c44f425052f0d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:36:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js?hash=d27c9f80696a21710b9d90948f84db4e
200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=d27c9f80696a21710b9d90948f84db4e
IP
File type ASCII text, with very long lines (18530)
Hash e95f1b414a700a6c540f9119e16ce9d2
4e6007b6e2ddc3e0f465555254bce7712e09aa9a
0de754cc2662f56ecb3017d49546cf9e13f319163c711fc8a2392d35ae8e3014
GET /en_US/sdk.js?hash=d27c9f80696a21710b9d90948f84db4e HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://94ero.com
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 9791797fae6e2045ba10ef0463643738
etag: "23fcf6322fd7519ab6afa432b498bfec"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 25 Oct 2023 20:51:04 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 6V8bQUpwCmxUD5EZ4Wzp0g==
x-fb-debug: 5KTZf3J8bktZcFmJt72AVL3NeqAo5xg5N8VAyjYxiAxjBHisTqCYchU61UEb5/trnZwdttPy0kh6316gI8v/8w==
priority: u=3,i
content-length: 88395
x-fb-trip-id: 1679558926
date: Tue, 25 Oct 2022 21:36:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9680
Expires: Wed, 26 Oct 2022 00:17:41 GMT
Date: Tue, 25 Oct 2022 21:36:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9680
Expires: Wed, 26 Oct 2022 00:17:41 GMT
Date: Tue, 25 Oct 2022 21:36:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9680
Expires: Wed, 26 Oct 2022 00:17:41 GMT
Date: Tue, 25 Oct 2022 21:36:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg
200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cf322f19151bcfa374c2e32b9ac986f
e8e69ac951def18bc1e03ecd4fe8a21d3b825b27
54ddfd1876f65e264b9b3209a0e805a3796013b4aacc8e9fd20b49754b4917a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4206
x-amzn-requestid: 6b02f96a-ea03-4eff-acde-c73925260102
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3E3GPQoAMFpIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63570552-77cf762d0e54f1f60efe52c3;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:18 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jiu-Z6DMgXxXdZ5BDwjNoq5Y15kBgM894k4EY2qSRZKdvk0bfkn89A==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:50:16 GMT
age: 85565
etag: "e8e69ac951def18bc1e03ecd4fe8a21d3b825b27"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89448f1a52030b28e9ecfcdc190787d4
5080ba75c230fd2b303f29a9b64868c6e8771df8
10a736997d441e274a54e9689c349d407087fef7aa7c0f4d0a7a603e446fdabd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: 94dad7b4-9c12-4bda-9202-3b7427185182
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aLiElGzEIAMFnOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e16e9-3c79cd392d5bc4312a730cda;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 03:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c5_B2RXKJx7FHrQvHdCG50zcDFWUqaaZu0GYuCxEI8fpK019dSlD3Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 13:16:32 GMT
age: 29989
etag: "5080ba75c230fd2b303f29a9b64868c6e8771df8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af3d4b4d16ad8b30805be96afa6472e3
bceb257123711c43994e5a03e9caf22eeee16423
30d7fea8d87522ce3ba2abf2c47e0025af1b7c05d6b4ea9f26aaa1f06aff4a67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10072
x-amzn-requestid: 2f26fcdb-0540-49ea-be46-83c00182fcc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0FKvoAMFVFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1be524647e3db4a211e4c4ff;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sNu31Qx0p_Ikus0GsGKRNGVxOGnIRSewAXfkXyzOCmT6bJ1D1Qz-0w==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 22:10:29 GMT
age: 84352
etag: "bceb257123711c43994e5a03e9caf22eeee16423"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fUBXr7SKYdvhryoB8p9to-Eo8twjspRYnHO2xf9TtvLJIIyOwe3W1w==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 07:43:49 GMT
age: 49952
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6977b5f01197ed4e914157b59ce56c2a
0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2
98ed9be1f79f4d1ff9acd3dc22aa64f7e0218d7c4854fc7cb71e70dd341dd7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8031
x-amzn-requestid: 39e6cba4-dc3b-4fe8-9f00-f9042b3dfb3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3D7E2SoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054c-541d3ed176c9176913844804;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KfIXjRxRZXL0gD2Etdn5kfEjPkqA-faF2KHqrWikR0etkh6oGU4ifw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:50:09 GMT
age: 85572
etag: "0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8502c90bf679dce29b1c2a87606bbb3e
7940c911dea3882ab8a7ff70240f4edc1b89a56d
ccc5ab3068b7f90276124148a812eb26951a95d7c146bdcf28a69a3d05f76ee2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 51dfaabc-ee88-465f-8da7-fd6739cf7794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZSHjHeLIAMF8mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635396fc-1e4ad2d647a7f07a094574be;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 07:08:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dgxcF8hXUOo_WqQwpd0yctMNPuB-IfmSRxD1_TRG7zuV3b5EbpVIig==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 07:51:44 GMT
age: 49477
etag: "7940c911dea3882ab8a7ff70240f4edc1b89a56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bb3990d18e1828c534d2a7d109c37c89
e7cf6ecb5c19de14a795b65dba8fa8f3b1d631f7
45e8b2574c8f69c52d24435bd89c0570bb7f29052671cdf5ac2aa70125a7cfcd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45E8B2574C8F69C52D24435BD89C0570BB7F29052671CDF5AC2AA70125A7CFCD"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11542
Expires: Wed, 26 Oct 2022 00:48:43 GMT
Date: Tue, 25 Oct 2022 21:36:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 220ba1a6079130ac094ec6f0cd74148e
781b2560c81b98082b8cde9a43c84d353010ff92
2f578688ce5f446c84e71988b8fea857cfe501fd819abda72c59ad6dc2b05088
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F578688CE5F446C84E71988B8FEA857CFE501FD819ABDA72C59AD6DC2B05088"
Last-Modified: Tue, 25 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11337
Expires: Wed, 26 Oct 2022 00:45:19 GMT
Date: Tue, 25 Oct 2022 21:36:22 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 022ed0fc09a910c353853e48fcceb302
db9f4b8092c800497e142751ecc537c50285421a
f8b39bf071b5b5f51a0df8c3f227466496557c96647a3b5dcda402a99ee8dfb6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F8B39BF071B5B5F51A0DF8C3F227466496557C96647A3B5DCDA402A99EE8DFB6"
Last-Modified: Mon, 24 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4385
Expires: Tue, 25 Oct 2022 22:49:27 GMT
Date: Tue, 25 Oct 2022 21:36:22 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:30:06 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 343249787
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=675182
200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=675182
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (399), with CRLF, LF line terminators
Hash ea411c2a183a32fc2711e473b433fa68
1a15520fdc02d809f80d6c00ab3d024b7a088ab8
889c2e13980d66db822a36859598c62f865738067175cee2fa4c4f8553820bfd
GET /adshow.php?adzone=675182 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Oct 2022 21:36:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=18eb156406793e2d24e76c97a19c8e74; expires=Wed, 25-Oct-2023 21:36:21 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Wed, 26-Oct-2022 21:36:21 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2Nzg7aToxNjY2OTkyOTgxO30%3D; expires=Fri, 28-Oct-2022 21:36:21 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 28-Oct-2022 21:36:21 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user81419/47386-1642692260-0719830001642692260.gif
200 OK 92 kB URL HTTP/2 i.jads.co/network/user81419/47386-1642692260-0719830001642692260.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Hash efce1909a426b6848e64f728ff234d1f
44b701160776dd5d73fdc33abdb725e567806c48
443431deee747fc76f1cde9f5d23eba8f9284dbbd6aae342f7367386bd606da8
GET /network/user81419/47386-1642692260-0719830001642692260.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=18eb156406793e2d24e76c97a19c8e74; imps61=1; juicy_data_1=YToxOntpOjEzMTk2Nzg7aToxNjY2OTkyOTgxO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps12957=1; imps47386=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:22 GMT
etag: "1642692260"
cache-control: max-age=10028111
content-length: 91468
content-type: image/gif
last-modified: Thu, 20 Jan 2022 15:24:20 GMT
accept-ranges: bytes
x-hw: 1666733782.dop014.sk1.t,1666733782.cds239.sk1.hn,1666733782.cds228.sk1.c
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=731571
200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=731571
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1332), with CRLF, LF line terminators
Hash 2dee4998e7fe99035b4637c26642dae2
bbe731637713fea50e44269986a285e166632777
e7c72b9557e6e6b5ef6c287494cdbe795a454bfa7a799ba56855c69659952e21
GET /adshow.php?adzone=731571 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Oct 2022 21:36:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=18eb156406793e2d24e76c97a19c8e74; expires=Wed, 25-Oct-2023 21:36:21 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps271=1; expires=Wed, 26-Oct-2022 21:36:21 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjc5NjY1NTtpOjE2NjY5OTI5ODE7fQ%3D%3D; expires=Fri, 28-Oct-2022 21:36:21 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 28-Oct-2022 21:36:21 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user4057a/271-1569119962-0251339001569119962.jpg
200 OK 77 kB URL HTTP/2 i.jads.co/network/user4057a/271-1569119962-0251339001569119962.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Hash c6613f13308a33c91e69bd829fd8be4a
4dda361ea6f492d28b2792d29be32c7cbfcd285a
ea557560372270786c5dad4a77543ca0055963e448c1dad6496f4f3fb7c3b2f6
GET /network/user4057a/271-1569119962-0251339001569119962.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=18eb156406793e2d24e76c97a19c8e74; imps61=1; juicy_data_1=YToxOntpOjc5NjY1NTtpOjE2NjY5OTI5ODE7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps12957=1; imps47386=1; imps271=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:22 GMT
etag: "1569119962"
cache-control: max-age=5597089
content-length: 77023
content-type: image/jpeg
last-modified: Sun, 22 Sep 2019 02:39:22 GMT
accept-ranges: bytes
x-hw: 1666733782.dop014.sk1.t,1666733782.cds239.sk1.hn,1666733782.cds026.sk1.c
X-Firefox-Spdy: h2
s4.histats.com/stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:-18450454&@b3:1666733779&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2F16b334b0ec92f0d1cda3&@w
200 OK 124 B URL HTTP/1.1 s4.histats.com/stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:-18450454&@b3:1666733779&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2F16b334b0ec92f0d1cda3&@w
IP
File type ASCII text, with no line terminators
Hash 4da137a0c5f4c0f2af17e2cce8386151
f3ee991b38c295e348131afcbe5d42e042e1ad8f
07a0da68fe394857d1043bf695617df4f4898d0025781338ba0f50fb480203bb
GET /stats/3858761.php?3858761&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97&@n0&@ohttps%3A%2F%2F94ero.com%2F&@q0&@r0&@s1032&@ten-US&@u1280&@b1:-18450454&@b3:1666733779&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favgle.com%2Fembed%2F16b334b0ec92f0d1cda3&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 21:36:22 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 124
Connection: close
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4a0dca3e13e8a602098610a89905341e
f01df792539c57b09963715d2859728c82486e07
607e8a5010b4b51959d3a0bf8d851efea841a4d61b9252a812fa18508330d4f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "607E8A5010B4B51959D3A0BF8D851EFEA841A4D61B9252A812FA18508330D4F9"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16627
Expires: Wed, 26 Oct 2022 02:13:29 GMT
Date: Tue, 25 Oct 2022 21:36:22 GMT
Connection: keep-alive
s10.histats.com/counters/cc_1032.js
200 OK 5.6 kB URL HTTP/2 s10.histats.com/counters/cc_1032.js
IP
File type HTML document, ASCII text, with very long lines (15441), with no line terminators
Hash 0ec7f2a21cef271e478d52652b3ce8f0
7644885c01d5197c2d8b26cfcdcbeb6d60b3f792
ce0aaf0880f892c04c6e8070b036cbf3822255136e47052eca1f9b712d56e84b
GET /counters/cc_1032.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:34:18 GMT
etag: "-33105628"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 1024983789
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5573
X-Firefox-Spdy: h2
d24ak3f2b.top/advertisers.js
200 OK 0 B URL HTTP/1.1 d24ak3f2b.top/advertisers.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 25 Oct 2022 21:36:22 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 787b1fc5d5f4cff91f5aee14f0cc2abf
a27036e3eeb9e273c9d9b5175237ff400b341c92
02cf018bf2716a3128a827ea3cc1daca23e98e0469c0dd24807e140af1a8f7b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143031
Date: Tue, 25 Oct 2022 21:36:22 GMT
Etag: "6357d705-1d7"
Expires: Thu, 27 Oct 2022 13:20:13 GMT
Last-Modified: Tue, 25 Oct 2022 12:31:01 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FiFm9pLiqBTzBAL0mA7GE9pUJG9LL0HfiDxATWYagJLULOKP-fdCgw==
Age: 2952
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 4af4c1ebcc380562f46ffd1ff9f621f8
ed693b96cfc8f5786beeedb08f43e0987c8d0461
95589d9f9c8825a539228360f3f84106e1c184ae833b8095032f0fe12f41fb95
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://avgle.com
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://avgle.com
access-control-allow-credentials: true
set-cookie: uid_id2=ffc92181-ee4b-47f4-a3f2-0b27846f5ac4:2:1; expires=Fri, 22 Oct 2032 21:36:23 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e810e7f85127761c3b5d14c6b42b9ce4
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e810e7f85127761c3b5d14c6b42b9ce4
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 735173d7710e93fb01a417fe0d004827
4c4e7ddaf6547c943fa56930805f44bf93df5ccf
b8f54de043c5353508b6af2fe34a5cda75efc8081dd1311c90c36dd4966ae830
GET /hm.js?e810e7f85127761c3b5d14c6b42b9ce4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11332
Content-Type: application/javascript
Date: Tue, 25 Oct 2022 21:36:22 GMT
Etag: 3a57df321eff1bf9f8154d827b6fa526
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BCF3885720A5667B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 25b81533916effb6270d0ce3c8633dba
2cb1b18d9fea15854d8cf6d017fe28e79c7bc443
45d68bb4a6304ca626b1e1826bdd47ee5b387374ddb7daaf00ea2089ba01bf98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45D68BB4A6304CA626B1E1826BDD47EE5B387374DDB7DAAF00EA2089BA01BF98"
Last-Modified: Mon, 24 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2978
Expires: Tue, 25 Oct 2022 22:26:01 GMT
Date: Tue, 25 Oct 2022 21:36:23 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=ffc92181-ee4b-47f4-a3f2-0b27846f5ac4&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=ffc92181-ee4b-47f4-a3f2-0b27846f5ac4&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=ffc92181-ee4b-47f4-a3f2-0b27846f5ac4&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=1&pk=671dbadbf37814e321f252eac8aa2500&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 25 Oct 2022 21:36:23 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e71378e9b28d5fee095fb90abb46ab5
Strict-Transport-Security: max-age=0; includeSubdomains
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1612556416&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=1&sn=47661&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F662195&tt=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97-
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1612556416&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=1&sn=47661&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F662195&tt=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97-
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1612556416&si=e810e7f85127761c3b5d14c6b42b9ce4&v=1.2.97&lv=1&sn=47661&r=0&ww=1280&ct=!!&u=https%3A%2F%2F94ero.com%2Fvideos%2F662195&tt=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97- HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 25 Oct 2022 21:36:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6D4205690752ECAB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://94ero.com/videos/662195
200 OK 0 B URL HTTP/1.1 sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://94ero.com/videos/662195
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://94ero.com/videos/662195 HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 25 Oct 2022 21:36:24 GMT
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/G0_hn0husBz.css?_nc_x=Ij3Wp8lg5Kz
200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/G0_hn0husBz.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (4093)
Hash 3f69079cb3c327ed35f48fd35649960f
0f94f8ffd7b6b49dce9412a2e7e7fc063cbc11ab
c8dc253c3743ca4e0f0f93e76aaddeb7a95c0160d03e3b4926a690faa03ddbeb
GET /rsrc.php/v3/yZ/l/0,cross/G0_hn0husBz.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 25 Oct 2023 14:46:58 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: P2kHnLPDJ+019I/TVkmWDw==
x-fb-debug: rA0Czispg/roGQ1x8PcNhtRBJ6j9AZtwklEQbAlHmVYX78ceNgMqrKT6EDTj7K8hno8p0mX8JHSdFtxOpO3WWg==
content-length: 5030
x-fb-trip-id: 1679558926
date: Tue, 25 Oct 2022 21:36:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 12 Oct 2023 22:50:13 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: 6TBMwai3S1JoI37VvgOAe6fwl2WksmrTDvx8J/n3OhkvDiVij59aJ8oY54m6GqU5fY4j1fmOvkR6QRm7kt8TuQ==
content-length: 827
x-fb-trip-id: 1679558926
date: Tue, 25 Oct 2022 21:36:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ym/r/97L-vgmdSLT.js?_nc_x=Ij3Wp8lg5Kz
200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ym/r/97L-vgmdSLT.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (18610)
Hash c16cda25092df33af56d81d1b46dac18
fcc38a4a76d6690e17e99928eff206759669b7a3
df2a95aaa04f582ec896f57507134d732ae4613b59cdd0e95712cc52d76d0fd3
GET /rsrc.php/v3/ym/r/97L-vgmdSLT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 24 Oct 2023 23:19:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: wWzaJQkt8zr1bYHRtG2sGA==
x-fb-debug: 19DjwnDXvEUsXjdUr6pxV6nh7GoHEJmW3OcP966ELQoGciQA/SXZjaop6BfFq6MoY8ynkAj4B+iTfxha5OA/jg==
priority: u=2
content-length: 91048
x-fb-trip-id: 1679558926
date: Tue, 25 Oct 2022 21:36:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yU/r/M2ZZRWt52Bh.js?_nc_x=Ij3Wp8lg5Kz
200 OK 1.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yU/r/M2ZZRWt52Bh.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (1984)
Hash 3f15e3fee02aa14347ad9bf02e8cd464
1741957d327c3e2c86e4b886c82641f7cb908cb7
d8be446f2cb48275228734236e9b8d0442d14fb10878b56f31f476c6bfb89aaa
GET /rsrc.php/v3/yU/r/M2ZZRWt52Bh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 20 Oct 2023 14:36:11 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PxXj/uAqoUNHrZvwLozUZA==
x-fb-debug: VE2M8amA12qaYb6G9MucSxq6S+DafF9K1aJK4mi0N6DV77hH3CCN272QCFSYoh5262abLND+u5itIBLtWGLI2w==
priority: u=3,i
content-length: 1780
x-fb-trip-id: 1679558926
date: Tue, 25 Oct 2022 21:36:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y5/r/NXJxRmgihgl.js?_nc_x=Ij3Wp8lg5Kz
200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y5/r/NXJxRmgihgl.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (5542)
Hash ff2d2eee60e0c67cd2f5a88064e1739b
7f358686932b0d389e033443b60ffefa22115e2e
adfde198ab91ca51a572f6c857570fb93f33f7ae665d5b2dc45d041ccbdec431
GET /rsrc.php/v3/y5/r/NXJxRmgihgl.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 25 Oct 2023 17:03:00 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: /y0u7mDgxnzS9aiAZOFzmw==
x-fb-debug: vxQhQ6B3T5MrgRKxjYWu09rFvsVQrjHB6l38WLKYLo79FW2NOpbE3EIInoIMhLqHfQnIeEKawhBvlkeqiIyE1w==
content-length: 12270
x-fb-trip-id: 1679558926
date: Tue, 25 Oct 2022 21:36:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yj/r/5I68SGTEBGz.js?_nc_x=Ij3Wp8lg5Kz
200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yj/r/5I68SGTEBGz.js?_nc_x=Ij3Wp8lg5Kz
IP
File type C source, ASCII text, with very long lines (8260)
Hash 423680c027a5a6cbfb893e2bbbe5fb30
d0ec94ab46f900be668765770ae683b1d490ecf6
08db3ae44ff2ed1801c8f61b8ef60cf7e713788d3cdc7b93f1dd15849c2e5c98
GET /rsrc.php/v3/yj/r/5I68SGTEBGz.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 12 Oct 2023 20:11:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QjaAwCelpsv7iT4ru+X7MA==
x-fb-debug: emNmOH/inhw8wUPkGUVLvYM28hso+z5owrNUalWbAwCQaQdwESGPP5pvYsBMRexQgTN1v+k5RvV3GAck6wzdmw==
priority: u=3,i
content-length: 16192
x-fb-trip-id: 1679558926
date: Tue, 25 Oct 2022 21:36:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (41977)
Hash e5ac274375457b828912871811b4be94
3bbd528facf279eab4dc093a7fad9dbc837689eb
602f6ee48130b3bcb4e21f4307bd1c83d110182e1fb4cb8f118171d10c6f5ae4
GET /rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 13 Oct 2023 17:16:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5awnQ3VFe4KJEocYEbS+lA==
x-fb-debug: 6hk8axzsTHHD/aXWJn8iNzJxANRmcVGYhmhIK4e/3cEmt6ftsrhKTL1McpR38inER4tM1qWkRGAy9XsVGb1LAA==
content-length: 23273
x-fb-trip-id: 1679558926
date: Tue, 25 Oct 2022 21:36:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
social-plugins.line.me/widget/share?url=https%3A%2F%2F94ero.com%2Fline%2F662195&buttonType=share-e&lang=zh_Hant&type=share&id=0&origin=https%3A%2F%2F94ero.com%2Fvideos%2F662195&title=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97-&env=REAL
200 OK 801 B URL HTTP/1.1 social-plugins.line.me/widget/share?url=https%3A%2F%2F94ero.com%2Fline%2F662195&buttonType=share-e&lang=zh_Hant&type=share&id=0&origin=https%3A%2F%2F94ero.com%2Fvideos%2F662195&title=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97-&env=REAL
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 77161a2c0af12df194c72ee696d0e85d
db8717979bdbf341d0119d3eb7658e4ecafc697e
799450eff202e414c3a5ccb6e45fdd2225a18ac5c5287cecca45952c31976736
GET /widget/share?url=https%3A%2F%2F94ero.com%2Fline%2F662195&buttonType=share-e&lang=zh_Hant&type=share&id=0&origin=https%3A%2F%2F94ero.com%2Fvideos%2F662195&title=94ERO%20%E6%84%9B%E6%83%B3%E3%81%AE%E3%81%84%E3%81%84%E5%B7%A8%E4%B9%B3%E7%BE%8E%E5%A5%B3%E3%81%AB%E4%B8%AD%E5%87%BA%E3%81%97-&env=REAL HTTP/1.1
Host: social-plugins.line.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Tue, 25 Oct 2022 21:36:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Oct 2022 21:36:25 GMT
Content-Length: 801
Connection: keep-alive
Vary: Accept-Encoding
www.line-website.com/social-plugins/css/widget.1.17.0.0.css
200 OK 2.2 kB URL HTTP/2 www.line-website.com/social-plugins/css/widget.1.17.0.0.css
IP
File type Unicode text, UTF-8 text, with very long lines (8338), with no line terminators
Hash 5244ad6ebba20429622947ed6f87cc09
8f9de79bcf2045f053c8f686f5ad31e699e59519
081085d173cc7dff128909b2f6c806ad84982da56309edb77c35485eaa2ce17e
GET /social-plugins/css/widget.1.17.0.0.css HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: text/css
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:58 GMT
x-rgw-object-type: Normal
etag: "0bf065d0cd685dac6d59c469a52b9720"
x-amz-meta-s3cmd-attrs: md5:0bf065d0cd685dac6d59c469a52b9720
x-amz-storage-class: STANDARD
x-amz-request-id: tx00000000000004395aeec-0062661229-f4bc22f-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=7164453
date: Tue, 25 Oct 2022 21:36:25 GMT
content-length: 2245
X-Firefox-Spdy: h2
www.line-website.com/social-plugins/img/common/line_icon_v3.png
200 OK 906 B URL HTTP/2 www.line-website.com/social-plugins/img/common/line_icon_v3.png
IP
File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced\012- data
Hash 5b5dbfdf26951c09f907b46805f10b5a
fe16f44110501e5d82aeb2b91ba9c6760108f271
6ba9ecf0a6e418c4c8772d4d2bc546945e156e7d333112410b88bdc04b947423
GET /social-plugins/img/common/line_icon_v3.png HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: image/png
content-length: 906
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:08:00 GMT
x-rgw-object-type: Normal
etag: "5b5dbfdf26951c09f907b46805f10b5a"
x-amz-meta-s3cmd-attrs: md5:5b5dbfdf26951c09f907b46805f10b5a
x-amz-storage-class: STANDARD
x-amz-request-id: tx000000000000066ed51ed-0062a8958d-f4bef5d-jp2
strict-transport-security: max-age=15768000
cache-control: public, max-age=8296790
date: Tue, 25 Oct 2022 21:36:25 GMT
X-Firefox-Spdy: h2
www.line-website.com/social-plugins/js/widget/button.1.17.0.0.js
200 OK 9.3 kB URL HTTP/2 www.line-website.com/social-plugins/js/widget/button.1.17.0.0.js
IP
File type Unicode text, UTF-8 text, with very long lines (31934)
Hash 1aa2fab97e3e6f41d6d58ef636bfa099
0cfcbb77989bc2bf5cf8926764ebc041980fb9a6
42d02ca6a30ea5dab01d024764f14f88461d25ce59b88d3e613f194e27897735
GET /social-plugins/js/widget/button.1.17.0.0.js HTTP/1.1
Host: www.line-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Mon, 25 Apr 2022 03:07:57 GMT
x-rgw-object-type: Normal
etag: "ddbc80bdec4dfa544bda15e3f65c4630"
x-amz-meta-s3cmd-attrs: md5:ddbc80bdec4dfa544bda15e3f65c4630
x-amz-storage-class: STANDARD
x-amz-request-id: tx00000000000004398d491-0062661229-f4bc21a-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=417425
date: Tue, 25 Oct 2022 21:36:25 GMT
content-length: 9315
X-Firefox-Spdy: h2
d.line-scdn.net/n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js
200 OK 8.7 kB URL HTTP/2 d.line-scdn.net/n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js
IP
File type ASCII text, with very long lines (32963), with no line terminators
Hash 926a122b2f2a293991fe1571de214d8c
c7e0a134f2f04237c10d857937c987fb091cbe57
ec6b37e265ba072b9d9bc1688ab36d0087f06fbc57b0da01117aa5641a01424e
GET /n/_4/torimochi.js/public/v1/release/stable/min/torimochi.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Thu, 29 Sep 2022 07:17:49 GMT
x-amz-version-id: xZvWu8JArbCMKZ8OOfkTun.IgGFFqNt
x-rgw-object-type: Normal
etag: "4a90c1ebfc279548fbca6059d1090c4a"
x-amz-storage-class: STANDARD
x-amz-request-id: tx000000000000063ab8416-006335471f-feea537-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=29238127
expires: Fri, 29 Sep 2023 07:18:32 GMT
date: Tue, 25 Oct 2022 21:36:25 GMT
content-length: 8672
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 9facd38015a9098ab71c8116131958cd
fba3f55e425c5e33b27479ff0151cfbdc0238901
2f46268d496aee45c5387e1d59e22a6ede1f2e7d421dec8c4382bf605a0ed39f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 21:36:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 29 Oct 2022 20:08:36 GMT
ETag: "fba3f55e425c5e33b27479ff0151cfbdc0238901"
Last-Modified: Tue, 25 Oct 2022 20:08:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1364
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75fe16741ef70b39-OSL
torimochi.line-apps.com/1/req?cid=56a1687e13071a42&threshold=74&eventType=pageview×tamp=1666733782873&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F662195%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F662195%26title%3D94ERO%2520%25E6%2584%259B%25E6%2583%25B3%25E3%2581%25AE%25E3%2581%2584%25E3%2581%2584%25E5%25B7%25A8%25E4%25B9%25B3%25E7%25BE%258E%25E5%25A5%25B3%25E3%2581%25AB%25E4%25B8%25AD%25E5%2587%25BA%25E3%2581%2597-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F662195%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F662195%26title%3D94ERO%2520%25E6%2584%259B%25E6%2583%25B3%25E3%2581%25AE%25E3%2581%2584%25E3%2581%2584%25E5%25B7%25A8%25E4%25B9%25B3%25E7%25BE%258E%25E5%25A5%25B3%25E3%2581%25AB%25E4%25B8%25AD%25E5%2587%25BA%25E3%2581%2597-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=56a1687e13071a42&userAttr0=0&sessionId=56a1687ebd0bd993&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F662195%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F662195%26title%3D94ERO%2520%25E6%2584%259B%25E6%2583%25B3%25E3%2581%25AE%25E3%2581%2584%25E3%2581%2584%25E5%25B7%25A8%25E4%25B9%25B3%25E7%25BE%258E%25E5%25A5%25B3%25E3%2581%25AB%25E4%25B8%25AD%25E5%2587%25BA%25E3%2581%2597-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1666733782872&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=0&windowY=0&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%2256a1687e13071a42%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D
200 OK 43 B URL HTTP/1.1 torimochi.line-apps.com/1/req?cid=56a1687e13071a42&threshold=74&eventType=pageview×tamp=1666733782873&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F662195%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F662195%26title%3D94ERO%2520%25E6%2584%259B%25E6%2583%25B3%25E3%2581%25AE%25E3%2581%2584%25E3%2581%2584%25E5%25B7%25A8%25E4%25B9%25B3%25E7%25BE%258E%25E5%25A5%25B3%25E3%2581%25AB%25E4%25B8%25AD%25E5%2587%25BA%25E3%2581%2597-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F662195%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F662195%26title%3D94ERO%2520%25E6%2584%259B%25E6%2583%25B3%25E3%2581%25AE%25E3%2581%2584%25E3%2581%2584%25E5%25B7%25A8%25E4%25B9%25B3%25E7%25BE%258E%25E5%25A5%25B3%25E3%2581%25AB%25E4%25B8%25AD%25E5%2587%25BA%25E3%2581%2597-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=56a1687e13071a42&userAttr0=0&sessionId=56a1687ebd0bd993&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F662195%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F662195%26title%3D94ERO%2520%25E6%2584%259B%25E6%2583%25B3%25E3%2581%25AE%25E3%2581%2584%25E3%2581%2584%25E5%25B7%25A8%25E4%25B9%25B3%25E7%25BE%258E%25E5%25A5%25B3%25E3%2581%25AB%25E4%25B8%25AD%25E5%2587%25BA%25E3%2581%2597-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1666733782872&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=0&windowY=0&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%2256a1687e13071a42%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D
IP
ASN #38631 LINE Corporation
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /1/req?cid=56a1687e13071a42&threshold=74&eventType=pageview×tamp=1666733782873&logVersion=1.11.1&productKey=line-social-plugin-real&productVersion=latest&url=https%3A%2F%2Fsocial-plugins.line.me%2Fwidget%2Fshare%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F662195%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F662195%26title%3D94ERO%2520%25E6%2584%259B%25E6%2583%25B3%25E3%2581%25AE%25E3%2581%2584%25E3%2581%2584%25E5%25B7%25A8%25E4%25B9%25B3%25E7%25BE%258E%25E5%25A5%25B3%25E3%2581%25AB%25E4%25B8%25AD%25E5%2587%25BA%25E3%2581%2597-%26env%3DREAL&host=social-plugins.line.me&path=ver1-share-e&query=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F662195%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F662195%26title%3D94ERO%2520%25E6%2584%259B%25E6%2583%25B3%25E3%2581%25AE%25E3%2581%2584%25E3%2581%2584%25E5%25B7%25A8%25E4%25B9%25B3%25E7%25BE%258E%25E5%25A5%25B3%25E3%2581%25AB%25E4%25B8%25AD%25E5%2587%25BA%25E3%2581%2597-%26env%3DREAL&hash=&referrer=https%3A%2F%2F94ero.com%2F&userId=56a1687e13071a42&userAttr0=0&sessionId=56a1687ebd0bd993&sessionPath=%2Fwidget%2Fshare&sessionQuery=%3Furl%3Dhttps%253A%252F%252F94ero.com%252Fline%252F662195%26buttonType%3Dshare-e%26lang%3Dzh_Hant%26type%3Dshare%26id%3D0%26origin%3Dhttps%253A%252F%252F94ero.com%252Fvideos%252F662195%26title%3D94ERO%2520%25E6%2584%259B%25E6%2583%25B3%25E3%2581%25AE%25E3%2581%2584%25E3%2581%2584%25E5%25B7%25A8%25E4%25B9%25B3%25E7%25BE%258E%25E5%25A5%25B3%25E3%2581%25AB%25E4%25B8%25AD%25E5%2587%25BA%25E3%2581%2597-%26env%3DREAL&sessionParams=%7B%7D&sessionTime=1666733782872&sessionDuration=0&touchX=0&touchY=0&scrollX=0&scrollY=0&windowX=0&windowY=0&targets=%5B%5D&content=%7B%22pageview%22%3A%7B%22title%22%3A%22%22%2C%22from%22%3A%22%22%2C%22to%22%3A%22ver1-share-e%22%7D%2C%22extend%22%3A%7B%7D%2C%22aside%22%3A%7B%22dnt%22%3A%22unspecified%22%2C%22safemode%22%3Afalse%2C%22exceptionCount%22%3A0%2C%22cachedId%22%3A%2256a1687e13071a42%22%2C%22isLiffClient%22%3Afalse%2C%22liffId%22%3Anull%2C%22waitFor%22%3Anull%7D%2C%22libra%22%3A%7B%7D%2C%22tid%22%3Anull%7D HTTP/1.1
Host: torimochi.line-apps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://social-plugins.line.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Oct 2022 21:36:26 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 0 B IP
ASN #20940 Akamai International B.V.
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9680
Expires: Wed, 26 Oct 2022 00:17:41 GMT
Date: Tue, 25 Oct 2022 21:36:21 GMT
Connection: keep-alive
addresseepaper.com/sfp.js
200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:36:21 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5aedbee36e14236099d0cc1f86bd4632
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 25 Oct 2022 21:36:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofoCOPD3v3jJFjOl9UjVvHiPjqokKagEav4JY4H1cjZ2uz6oKUzp8Z0YOdhUPD79FrjwnKnxnEjjwd501uAAeGE5w%2FM1wp0Zj%2Fq1XDPuvU2t3PuKKBvaOHLBNwriX%2BGFRHQG8zQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe16584b05887f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zz.bdstatic.com/linksubmit/push.js
200 OK 0 B URL HTTP/2 zz.bdstatic.com/linksubmit/push.js
IP
ASN #136958 China Unicom Guangdong IP network
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 25 Oct 2022 21:36:21 GMT
content-type: application/x-javascript
last-modified: Tue, 27 Sep 2022 12:09:45 GMT
etag: "6332e809-134"
cache-control: max-age=86400
content-encoding: br
age: 46084
accept-ranges: bytes
tracecode: 16621595500366317578102511
ohc-cache-hit: gz3un53 [2], zhuzuncache64 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
www.facebook.com/v2.11/plugins/page.php?adapt_container_width=true&app_id=223861634430782&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f711520b34fda%26domain%3D94ero.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F94ero.com%252Ff2148365d26503a%26relation%3Dparent.parent&container_width=855&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fav.jgirl%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true
200 OK 0 B URL HTTP/2 www.facebook.com/v2.11/plugins/page.php?adapt_container_width=true&app_id=223861634430782&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f711520b34fda%26domain%3D94ero.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F94ero.com%252Ff2148365d26503a%26relation%3Dparent.parent&container_width=855&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fav.jgirl%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true
IP
GET /v2.11/plugins/page.php?adapt_container_width=true&app_id=223861634430782&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f711520b34fda%26domain%3D94ero.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F94ero.com%252Ff2148365d26503a%26relation%3Dparent.parent&container_width=855&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fav.jgirl%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 2OQU/axWOGrNelqPD6j4MN+zZYvmcDzB2kERMd7WiNXUOcQw/GQbQziKa8DJIykeD/1I9NLMZYs28Ciy7g1r7Q==
date: Tue, 25 Oct 2022 21:36:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks
200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks
IP
GET /jp.php?c=3464y223u254u4q2o2e4536424&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Tue, 25 Oct 2022 21:27:14 GMT
expires: Tue, 25 Oct 2022 21:42:14 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: by0nGfQciaYCZ93gzqX1HD0l7UW1XyU5FY04g-1omWouftuJ8sbtzw==
age: 546
X-Firefox-Spdy: h2
js.juicyads.com/jam_min.js
200 OK 0 B URL HTTP/2 js.juicyads.com/jam_min.js
IP
GET /jam_min.js HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 23 Dec 2019 18:28:44 GMT
server: nginx
content-encoding: gzip
date: Tue, 25 Oct 2022 05:38:17 GMT
etag: W/"5e01075c-5394"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TMMhetBhzl81uoSC6Stq2XXDSxxpFb2ufb7M7Nr3YtDhAAjCZA2Qzw==
age: 57483
X-Firefox-Spdy: h2
104.21.16.154
34.117.237.239
104.17.24.14
157.240.221.16
23.38.201.100
103.235.46.40
18.193.142.27
147.92.191.144
185.94.236.247
58.254.150.48
192.99.8.34
46.105.201.240