firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 09:14:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IBkV2-uPic0QrLUo6HmefoOLu5kGbI7pZsDm6XFJ8dOXj78eAq4vKg==
Age: 681
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7834
Expires: Tue, 13 Sep 2022 11:36:04 GMT
Date: Tue, 13 Sep 2022 09:25:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uUiDuotMqJzLuUjRcxe8LIqF9YZAXDcCRe9LUXsEo-EZpuEjqN1QnA==
age: 17416
X-Firefox-Spdy: h2
allfree4gvv.xyz/6130579738351653
172.67.158.135200 OK 2.3 kB URL HTTP/1.1 allfree4gvv.xyz/6130579738351653
IP 172.67.158.135:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 6be58c3a1d7284fe3869938de0892193
bef416939a91624c5bbd6e094f832337c481dab9
ba880f9b4b7c342962bccd169f04f1397456fa503301e942b87cf2a7858c95ea
Analyzer Verdict Alert fortinet Phishing
GET /6130579738351653 HTTP/1.1
Host: allfree4gvv.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: pid=6130579738351653; expires=Fri, 16-Sep-2022 09:25:30 GMT; Max-Age=259200; path=/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ff3q%2FX8R7qtYLpRf%2Fr73HBeqrkRonvwmN%2FWB2tt%2BTsof4j%2BDqpqxX2ho92f%2ByL%2FhGHtbrDTcc2iZm7vHN3XBJPKO6CNT5snJ8wQxWghyEfEhHpSCMc2uGRGDri5gxTVB0qQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd601a9bdb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:25:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.106200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33434
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 13 Sep 2022 06:07:09 GMT
Expires: Wed, 13 Sep 2023 06:07:09 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 11901
mydatash.xyz/js/bootstrap.min.js?1663061130&_=1663061118227
172.67.143.130200 OK 18 kB URL HTTP/1.1 mydatash.xyz/js/bootstrap.min.js?1663061130&_=1663061118227
IP 172.67.143.130:0
File type ASCII text, with very long lines (59765), with CRLF line terminators
Hash e0eba1697e09c3c7427c6fc23ed4def7
0ea1f96f826b3969874ff7a6f2a8bcaf359dec6a
94650e9bdeae206711fd37832a3898523d2765c7691291c8b9cbaf8dcdda26d5
GET /js/bootstrap.min.js?1663061130&_=1663061118227 HTTP/1.1
Host: mydatash.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bK7kzCSzloTxAVUEUleG75KRJqsUfiX4%2BmaL8iFx%2Fag1POepUEUOhfhRII%2BCbFZ0%2BYH6CRUEMGI4kXsMh6QVATSCBggGEGfuxO9oE1mnLPfV8xJYWxDbt%2FK82IkKr6A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd6059f4fb524-OSL
alt-svc: h2=":443"; ma=60
your4gsm.xyz/js/bootstrap.min.js?1663061130&_=1663061118229
188.114.96.1200 OK 18 kB URL HTTP/1.1 your4gsm.xyz/js/bootstrap.min.js?1663061130&_=1663061118229
IP 188.114.96.1:0
File type ASCII text, with very long lines (59765), with CRLF line terminators
Hash e0eba1697e09c3c7427c6fc23ed4def7
0ea1f96f826b3969874ff7a6f2a8bcaf359dec6a
94650e9bdeae206711fd37832a3898523d2765c7691291c8b9cbaf8dcdda26d5
GET /js/bootstrap.min.js?1663061130&_=1663061118229 HTTP/1.1
Host: your4gsm.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BDzkOrRAhGjHY3tD%2BkjSc%2FrlbiB4QBSvYgQ9MUkH%2FK1rT9HSzCAtkefMJgvFVti0OP%2FqyVclYG0JDUARWJMxjCMdQHFltowc%2B266w4DqL5Gm7Q0XF81L1rZQi24Qbo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd605b9c70b31-OSL
alt-svc: h2=":443"; ma=60
freemo4gur.xyz/js/bootstrap.min.js?1663061130&_=1663061118230
104.21.63.125200 OK 18 kB URL HTTP/1.1 freemo4gur.xyz/js/bootstrap.min.js?1663061130&_=1663061118230
IP 104.21.63.125:0
File type ASCII text, with very long lines (59765), with CRLF line terminators
Hash e0eba1697e09c3c7427c6fc23ed4def7
0ea1f96f826b3969874ff7a6f2a8bcaf359dec6a
94650e9bdeae206711fd37832a3898523d2765c7691291c8b9cbaf8dcdda26d5
GET /js/bootstrap.min.js?1663061130&_=1663061118230 HTTP/1.1
Host: freemo4gur.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FaD2mM8aLesj0Zd%2BZQLn%2F%2B4iVti8%2FvwsPfOA7ueWijA2yFP9uKm4zM1rv43oPk2w%2Fe5Nd9v4qteeMvrncSNDU3GTKKBSs7DxrqQ8Dh3PWSEz7tFbo7eHehcj1k122H09g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd605be5ab4fd-OSL
alt-svc: h2=":443"; ma=60
myfreeqs.xyz/js/bootstrap.min.js?1663061130&_=1663061118226
172.67.170.134200 OK 18 kB URL HTTP/1.1 myfreeqs.xyz/js/bootstrap.min.js?1663061130&_=1663061118226
IP 172.67.170.134:0
File type ASCII text, with very long lines (59765), with CRLF line terminators
Hash e0eba1697e09c3c7427c6fc23ed4def7
0ea1f96f826b3969874ff7a6f2a8bcaf359dec6a
94650e9bdeae206711fd37832a3898523d2765c7691291c8b9cbaf8dcdda26d5
GET /js/bootstrap.min.js?1663061130&_=1663061118226 HTTP/1.1
Host: myfreeqs.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxxZqphMjYUhgYtUb2NaPh7fAugoSgEu6lItNAu7NHwKsiDOnBBqu60SntfPbTu4roZFg7hVQ96vSc5mAF0l5y0J54TMe7nFyKf9mcFCwbnZEVOz5%2FGY%2FQVULGgUW%2Fk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd6059880b515-OSL
alt-svc: h2=":443"; ma=60
mdatagu.xyz/js/bootstrap.min.js?1663061130&_=1663061118231
104.21.27.56200 OK 18 kB URL HTTP/1.1 mdatagu.xyz/js/bootstrap.min.js?1663061130&_=1663061118231
IP 104.21.27.56:0
File type ASCII text, with very long lines (59765), with CRLF line terminators
Hash e0eba1697e09c3c7427c6fc23ed4def7
0ea1f96f826b3969874ff7a6f2a8bcaf359dec6a
94650e9bdeae206711fd37832a3898523d2765c7691291c8b9cbaf8dcdda26d5
GET /js/bootstrap.min.js?1663061130&_=1663061118231 HTTP/1.1
Host: mdatagu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJyTCEghoI1VWq7vgPOslxfybuFno7j9c%2FO6X6SaXkvHwMwK%2Bl1IpHF9nAl8SVoQfNWs%2FyALeMYVtq6I8W%2FuU40a4e%2By16KLcTSuebJ8ZGe2HubdOrrYf9lvrBMrcA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd605bcf0b52d-OSL
alt-svc: h2=":443"; ma=60
soclaieka.xyz/js/bootstrap.min.js?1663061130&_=1663061118232
104.21.34.218200 OK 18 kB URL HTTP/1.1 soclaieka.xyz/js/bootstrap.min.js?1663061130&_=1663061118232
IP 104.21.34.218:0
File type ASCII text, with very long lines (59765), with CRLF line terminators
Hash e0eba1697e09c3c7427c6fc23ed4def7
0ea1f96f826b3969874ff7a6f2a8bcaf359dec6a
94650e9bdeae206711fd37832a3898523d2765c7691291c8b9cbaf8dcdda26d5
GET /js/bootstrap.min.js?1663061130&_=1663061118232 HTTP/1.1
Host: soclaieka.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rXmBYApEh5RYuT7327XY3w3cvMtxuGEDqytI%2Fbsfd1lo59tnHkzkpaB%2BvFUYoDRlU5HttMzV9Vf%2FzWsz4YoA0dzuJ%2ByIO2hEtE6lkqZJrWY1qzvDcHTU6jjQeZyhG3E"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd605b92d1bfa-OSL
alt-svc: h2=":443"; ma=60
your4gvf.xyz/js/bootstrap.min.js?1663061130&_=1663061118233
104.21.53.60200 OK 18 kB URL HTTP/1.1 your4gvf.xyz/js/bootstrap.min.js?1663061130&_=1663061118233
IP 104.21.53.60:0
File type ASCII text, with very long lines (59765), with CRLF line terminators
Hash e0eba1697e09c3c7427c6fc23ed4def7
0ea1f96f826b3969874ff7a6f2a8bcaf359dec6a
94650e9bdeae206711fd37832a3898523d2765c7691291c8b9cbaf8dcdda26d5
GET /js/bootstrap.min.js?1663061130&_=1663061118233 HTTP/1.1
Host: your4gvf.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XO1KxIwjPdqROWHhIQL%2BKgQ%2BlyNmN4bBrtlNgzANZ%2B%2F3UigRsfSmw1krQyXhA0M0N1PF8h4kgJPGnVQuTlzXvswP85NDqk3jFlgagHWfN7%2F1usRgKWan02C4FtLNaNI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd605bb6bb509-OSL
alt-svc: h2=":443"; ma=60
youtuber.run/js/bootstrap.min.js?1663061130&_=1663061118228
172.67.201.93200 OK 18 kB URL HTTP/1.1 youtuber.run/js/bootstrap.min.js?1663061130&_=1663061118228
IP 172.67.201.93:0
File type ASCII text, with very long lines (59765), with CRLF line terminators
Hash e0eba1697e09c3c7427c6fc23ed4def7
0ea1f96f826b3969874ff7a6f2a8bcaf359dec6a
94650e9bdeae206711fd37832a3898523d2765c7691291c8b9cbaf8dcdda26d5
Analyzer Verdict Alert quad9 Sinkholed
GET /js/bootstrap.min.js?1663061130&_=1663061118228 HTTP/1.1
Host: youtuber.run
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHdYHwMciIyRo5E5gb2RZxJArd9ExyfA7PocRrnvuJvQd3AU%2Fcb68vLk8HIMoHxo7k1Hg%2FdX1Hy5O2rzeFrzZZbJU8t4%2B2HMFiOMZ1VdN03W%2FR1q6bE45bRnVrVFGw4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd605cd86b4f9-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 13 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 09:05:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WKiX_588gMug2TLrtlQpta33P5g-hUU1UNIulfYKrjlhm9ysVlJTyQ==
Age: 1329
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1126
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:25:32 GMT
Last-Modified: Tue, 13 Sep 2022 09:06:47 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:25:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
allfree4gcl.xyz/js/bootstrap.min.js?1663061130&_=1663061118258
104.21.22.28200 OK 48 kB URL HTTP/1.1 allfree4gcl.xyz/js/bootstrap.min.js?1663061130&_=1663061118258
IP 104.21.22.28:0
Hash 4ccc069c9b8995dffb6490183b851ae4
dc6816c5ed9a8992a36ffc91446b45ee7afbbc39
eefb083587b5216b5c848eb6df86ecddfdd485452e61c5a7eb73e5bc4e3ced65
GET /js/bootstrap.min.js?1663061130&_=1663061118258 HTTP/1.1
Host: allfree4gcl.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLJ2oFm7CiWpfPkOv4JfjFjbVARpqkJ5uOh4i6GdIvODULcTAS8V4sO%2Fcgn4XlNroC0V3MU9kgkvHQDVE4pK%2F9lYwcEZoNIWef9sM1frDwGbZpoz4n4n18mGyp7s1e3eZ4k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd6068a73b50f-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:25:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bc61e1d5292ba27bb66da1f0a8d32496
918b5448bba6f6e2541e014d48ba9c3fe5f3db06
cfb29973089da1310059ca77d3952e05d3bfa191aaa33f8e5ec1da0f6bac16a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFB29973089DA1310059CA77D3952E05D3BFA191AAA33F8E5EC1DA0F6BAC16A2"
Last-Modified: Sun, 11 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10836
Expires: Tue, 13 Sep 2022 12:26:08 GMT
Date: Tue, 13 Sep 2022 09:25:32 GMT
Connection: keep-alive
push.services.mozilla.com/
34.218.168.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0w3SZDBOGYluuGFHYsJpcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MZrZodYN6w4rze7FDSFhatZnjxw=
ulogin.ru/js/ulogin.js
95.163.118.168200 OK 19 kB IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (580)
Hash 6a074d53d3b64e162d7ec81e02741063
f02f901d60a11ee233efbe84c632fa96fedb9b7c
418375562bf96c82ec41d7f3f3af6f8930e66f9748a65146cd1d68781225e612
GET /js/ulogin.js HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 09:25:34 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 10 Aug 2021 18:41:38 GMT
Set-Cookie: ulogin_token=uea36d6f680d438a7221dd3b325495eb9; expires=Tuesday, 12-Jan-2030 10:00:00 GMT; path=/
Expires: Fri, 16 Sep 2022 09:25:34 GMT
Cache-Control: max-age=259200
Content-Encoding: gzip
ulogin.ru/stats.html?r=65098&type=panel&xdm_e=https%3A%2F%2Fmydatash.xyz&xdm_c=default1205&xdm_p=1
95.163.118.168200 OK 1.1 kB URL HTTP/1.1 ulogin.ru/stats.html?r=65098&type=panel&xdm_e=https%3A%2F%2Fmydatash.xyz&xdm_c=default1205&xdm_p=1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4a960496cafd40eadd72f4bca9980313
6c320736ce0e61dbe3ad4e7c04928c18a63b2b01
bdaf1d4b1e28c4f0e696b8494ac0c7387ab9b6122166fe9a13845a545085851b
GET /stats.html?r=65098&type=panel&xdm_e=https%3A%2F%2Fmydatash.xyz&xdm_c=default1205&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 09:25:35 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ulogin.ru/stats.html?r=99045&type=panel&xdm_e=https%3A%2F%2Fmydatash.xyz&xdm_c=default1206&xdm_p=1
95.163.118.168200 OK 1.1 kB URL HTTP/1.1 ulogin.ru/stats.html?r=99045&type=panel&xdm_e=https%3A%2F%2Fmydatash.xyz&xdm_c=default1206&xdm_p=1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4a960496cafd40eadd72f4bca9980313
6c320736ce0e61dbe3ad4e7c04928c18a63b2b01
bdaf1d4b1e28c4f0e696b8494ac0c7387ab9b6122166fe9a13845a545085851b
GET /stats.html?r=99045&type=panel&xdm_e=https%3A%2F%2Fmydatash.xyz&xdm_c=default1206&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 09:25:35 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
95.163.118.168200 OK 7.0 kB URL HTTP/1.1 ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type Unicode text, UTF-8 text, with very long lines (19804)
Hash 489ab3ceae080380a204ec274fb6debc
4759776b7953b70ecb269125ad0d945a7836b884
4840a22f680156aa6f5d95be69dcb71962c27747b6dfae8f7946f90d6387932f
GET /js/easyXDM.min.js?version=js.2.0.0 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/stats.html?r=65098&type=panel&xdm_e=https%3A%2F%2Fmydatash.xyz&xdm_c=default1205&xdm_p=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 09:25:35 GMT
Content-Type: application/x-javascript
Content-Length: 6980
Last-Modified: Wed, 08 Jun 2016 14:44:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "57582f33-1b44"
Content-Encoding: gzip
Expires: Fri, 16 Sep 2022 09:25:35 GMT
Cache-Control: max-age=259200, public
all4ghd.xyz/js/bootstrap.min.js?1663061130&_=1663061118254
172.67.165.224200 OK 18 kB URL HTTP/1.1 all4ghd.xyz/js/bootstrap.min.js?1663061130&_=1663061118254
IP 172.67.165.224:0
Hash f34f1facc021cdead0956137be595385
4e4f6f825bbd9d5118a9d91a3d744044746cdc9d
4dfe1a21402d046e343ed80a658f400f6017423e0835f2f9435184c8aae1f0c8
GET /js/bootstrap.min.js?1663061130&_=1663061118254 HTTP/1.1
Host: all4ghd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvHx%2FHzRcMVX3xXZOXsa3LlWqPIMemgmHGzY8jS%2FaC3tlldDOyFXQz4bbxup%2FxsWIDvykfLnWWxKwkKKw8X3x57eV1oAs2CSfacxYc4Wcur%2FsR5pS8pKmkKP15A5aw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd6067f910af6-OSL
alt-svc: h2=":443"; ma=60
img.youtube.com/vi/B43AHlEJhBs/hqdefault.jpg
216.58.211.14200 OK 23 kB URL HTTP/2 img.youtube.com/vi/B43AHlEJhBs/hqdefault.jpg
IP 216.58.211.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 91ac1a2ef4dd22f84d886ee9e378e851
fa455785ad602746f8b9c15b1328f71a38f085f8
7c35d03b60803e15580a5643fb89ca922ef3061aa0c91bbd5cf8a2c21d50c83f
GET /vi/B43AHlEJhBs/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 23158
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 09:25:33 GMT
expires: Tue, 13 Sep 2022 11:25:33 GMT
cache-control: public, max-age=7200
etag: "1627824686"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/OaJPwh5eoDw/hqdefault.jpg
216.58.211.14200 OK 38 kB URL HTTP/2 img.youtube.com/vi/OaJPwh5eoDw/hqdefault.jpg
IP 216.58.211.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 8884c2a438b5d969fbe4e069c861a9cd
f836fbf3ceb1ac831832d5bbae0965ca9aa937fc
9c6661133c54dd40ee6077ab85cccf36ca7d39660f57b12fd2714d257dcdde64
GET /vi/OaJPwh5eoDw/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 37772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 09:25:33 GMT
expires: Tue, 13 Sep 2022 11:25:33 GMT
cache-control: public, max-age=7200
etag: "1629368785"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/DqGbUIfFWVg/hqdefault.jpg
216.58.211.14200 OK 65 kB URL HTTP/2 img.youtube.com/vi/DqGbUIfFWVg/hqdefault.jpg
IP 216.58.211.14:0
Hash 30f26457ba3a216151f5838138404269
f324aa6e8277cf736ab15e2ad084a7381e710ef0
d300833ca8e6e2e451cc4083db92bba3d05442721fc4486823f49f205558841c
GET /vi/DqGbUIfFWVg/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 37356
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 09:25:33 GMT
expires: Tue, 13 Sep 2022 11:25:33 GMT
cache-control: public, max-age=7200
etag: "1612007128"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:25:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.58.211.14200 OK 32 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.211.14:0
Hash bd2ff6399f703b6e6aa748a5e1792388
d8390906384780e99a096f90e4e28ae37b55ccca
7be92ca71c26a27a2117d71355d41232418ba72359bcac3aa9a2b1a77a536e5c
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 13 Sep 2022 08:29:41 GMT
expires: Tue, 13 Sep 2022 10:29:41 GMT
cache-control: public, max-age=7200
age: 3352
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 3.5 kB IP 142.250.74.3:0
Hash 1071f42019d18ec502ec08d0e05601bb
b3176e5a39a2f72f2f67d58de8d707b92e62ce91
38a1bc0556d5309a6ee3ec2299ede94d57f06fdce4b56ca32f5935f836ac40f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:25:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 974 B IP 142.250.74.3:0
Hash 3c626a38096efa8300e9fc0f458fcdc4
8c5267d3c7b43a2684df1a967e08b83723e50014
64d732c30fd342b225bbe89bed27133c75d06d2429b2dad306b7b2855273565a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:25:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.youtube.com/vi/mBx-YN1yw_A/hqdefault.jpg
216.58.211.14200 OK 29 kB URL HTTP/2 img.youtube.com/vi/mBx-YN1yw_A/hqdefault.jpg
IP 216.58.211.14:0
Hash 62a4cfe6e15e755d7b33513222b6bca4
041bff0a86865d695b73a93f6cfb65ec9c2a3870
1acc0e3ad4d30270ec38790b89a591dc7dd1244ab391fbc95b8f0abb6eb3030e
GET /vi/mBx-YN1yw_A/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 28737
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 09:25:33 GMT
expires: Tue, 13 Sep 2022 11:25:33 GMT
cache-control: public, max-age=7200
etag: "1516555722"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/S4Bu3qQvYwA/hqdefault.jpg
216.58.211.14200 OK 35 kB URL HTTP/2 img.youtube.com/vi/S4Bu3qQvYwA/hqdefault.jpg
IP 216.58.211.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 8e93884f88d4f9956c271acf3ca0bfe7
a94a9e730056e554ecddee3bb5213c2b09c10300
7856ad583a021a013929ccba0aaf2c14ed8cb34f599752f0195713beed0bf437
GET /vi/S4Bu3qQvYwA/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 35277
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 09:25:33 GMT
expires: Tue, 13 Sep 2022 11:25:33 GMT
cache-control: public, max-age=7200
etag: "1630033589"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6082
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:25:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 985 B IP 142.250.74.3:0
Hash 183e96337c59dcecc43db93a8f771c8e
19787376b7b9fdff285c3544bb3b9e4f823ac279
91a77427f0f28083168446b2b8be7010f0eadcbf1ebf977bc80505d3fee2a543
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:25:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.youtube.com/vi/Fvs3dNeD1_Y/hqdefault.jpg
216.58.211.14200 OK 45 kB URL HTTP/2 img.youtube.com/vi/Fvs3dNeD1_Y/hqdefault.jpg
IP 216.58.211.14:0
Hash 5f641209aba71246e9f1c1eb2d954ccf
8b272d6155f6ff79c88bd114b9c3efd4059162f1
12dd605dfb718a622787a58fef31b45d12c1d7beb37fe7cb745c0792fc67fde4
GET /vi/Fvs3dNeD1_Y/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 42360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 09:25:33 GMT
expires: Tue, 13 Sep 2022 11:25:33 GMT
cache-control: public, max-age=7200
etag: "1629837502"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b9c6d44f93a72d6c03ebcfadda1a48a
f6100190de6244ae74b6c1250b997749a381ed89
4bf351795fb3a9e8a1a917d6ab202b1c75007bd5dc450a869b4db5dbfdd81dc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 8335006d-add1-4ab7-9930-e2304a6d1de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQn93FGxIAMFSkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ced25-067cb6e120bd359b719bb421;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 20:01:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1L31YAxvPdmy1k0o-p11NcSM6ujk8NNaii936rsRrI9XoAxYF7CjIg==
via: 1.1 04e6cfc6f03b8f5e6f5459aacc86b372.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:11 GMT
age: 41242
etag: "f6100190de6244ae74b6c1250b997749a381ed89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.youtube.com/vi/eRPGLi91ong/hqdefault.jpg
216.58.211.14200 OK 28 kB URL HTTP/2 img.youtube.com/vi/eRPGLi91ong/hqdefault.jpg
IP 216.58.211.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 53ce20e91f54524cc77e3f26d22e794e
a5a2de7dc6c17c3d7cce53a4c139054c836093f9
ba04d44365403515dc898b38b7c21436a42eb3bad2b72c7cfb4fa01ccb36ea67
GET /vi/eRPGLi91ong/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 28127
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 09:25:33 GMT
expires: Tue, 13 Sep 2022 11:25:33 GMT
cache-control: public, max-age=7200
etag: "1628396802"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/d0wV9EC3t14/hqdefault.jpg
216.58.211.14200 OK 43 kB URL HTTP/2 img.youtube.com/vi/d0wV9EC3t14/hqdefault.jpg
IP 216.58.211.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 4612615743339281a36e66dbb69d5b4d
c1a054319320c3b178766482e8e0b749b5de5e33
427cb3c215f9c325f20ce3e384e668d94ec00e49591ff83a9f61a1c67863dbc7
GET /vi/d0wV9EC3t14/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 42645
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 09:07:07 GMT
expires: Tue, 13 Sep 2022 11:07:07 GMT
cache-control: public, max-age=7200
age: 1106
etag: "1566378308"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP 34.120.237.76:0
Hash 8932299a9c4c25cfdd53fecd8aa6bc99
b216c2d611fb71a2ee6afcf518521245aaff9e11
7d0cdf425e2b146be345cdb77972f003fc4ff2b96bd02bee2d15fe7f2100640a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 41026
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6082
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:25:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 167378beef2e1b0dafefbdc6210752c2
afbdff67a5647b04de65499da7d2d00cc21eb808
1dfe3c3aa34673799955912c86f82ccf81a1110cd82058241e2e85fb84e5caa7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:25:33 GMT
Last-Modified: Tue, 13 Sep 2022 07:39:55 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
counter.yadro.ru/hit?t26.6;rhttps%3A//mydatash.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D99045%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fmydatash.xyz%26xdm_c%3Ddefault1206%26xdm_p%3D1;0.8746385374441833
88.212.201.198200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.6;rhttps%3A//mydatash.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D99045%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fmydatash.xyz%26xdm_c%3Ddefault1206%26xdm_p%3D1;0.8746385374441833
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 461c6ecbe7e5c1031c4c5f1d877ab251
7a9ed50ead5fc203d982e574ffc0a1defda0505f
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
GET /hit?t26.6;rhttps%3A//mydatash.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D99045%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fmydatash.xyz%26xdm_c%3Ddefault1206%26xdm_p%3D1;0.8746385374441833 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 13 Sep 2022 09:25:33 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Sun, 12 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit?t26.6;rhttps%3A//mydatash.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D65098%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fmydatash.xyz%26xdm_c%3Ddefault1205%26xdm_p%3D1;0.29520344598297166
88.212.201.198200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.6;rhttps%3A//mydatash.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D65098%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fmydatash.xyz%26xdm_c%3Ddefault1205%26xdm_p%3D1;0.29520344598297166
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 461c6ecbe7e5c1031c4c5f1d877ab251
7a9ed50ead5fc203d982e574ffc0a1defda0505f
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
GET /hit?t26.6;rhttps%3A//mydatash.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D65098%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fmydatash.xyz%26xdm_c%3Ddefault1205%26xdm_p%3D1;0.29520344598297166 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 13 Sep 2022 09:25:33 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Sun, 12 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg
IP 34.120.237.76:0
Hash 820633ab4783983b102e2a9c8cdf114a
f67e75951b6846de7f32ba47f7a55c0fbf8d4290
aa03b92989950cbe9685ab028ef47ca08ec118299e4534e93b8933418c8f8356
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2711
x-amzn-requestid: d1f9060c-585c-4ac8-bc60-2b3a2c80ee65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXb4DGKToAMFfog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa699-3522d608453b1c6374e4a94e;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:37:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eDXYc4gzXC8xdyNrP9rMoFU-Kewj4MfKQk0UUJitnTZnutZFtekXaA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:11 GMT
age: 42202
etag: "5955dc0e311eca9988970d55d222bb77a7552fec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15c4bbfd3d31955ae2beb1e47f1fda18
9e08828ce3d8d3170875c017ce70230fb60be657
c7cedd44499cf59595fd01e8ddd3bce3e93a86daeec18a7a0868c445f9ac5d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4810
x-amzn-requestid: 9fd1552d-1306-4164-a187-e8dee3cb7a27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqjEBdoAMFY8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f310-6c15aad5779bf7d625b2ffd7;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2vrSdQU9eQx35iv0ENwLlT1MX6G4zcnZTkPwy_ysh4VkJorpLjfH6A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 41026
etag: "9e08828ce3d8d3170875c017ce70230fb60be657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6082
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:25:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 42195
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 33 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
Hash 7d322a107855136fc1cfbc9500adabe4
64d0acb71d50c79b2a19cf1dca29931129b37335
15c7e1ff6208415391680cc896cfeb11f3d10d180c2769c0224f8310aabf1846
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydatash.xyz
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 81c92c681c2b35c067a0d68a11da2a40
etag: "ed25c3576d796658ecb2047a1cc8eac7"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 13 Sep 2022 09:43:42 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: xAq9qRr0ZiZvt9o8mbxQKQ==
x-fb-debug: MGMZzYFYmUHaIG8jXnj6JHyTob+n9YtThZxPvqPfBnZuAeC5177Lsse4bHuSFRrmxxGz58qs3PWx0ZJueGMqKA==
priority: u=3,i
content-length: 1685
x-fb-trip-id: 1679558926
date: Tue, 13 Sep 2022 09:25:33 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 1ea02b5080929d3d963d0f986ebcb823
961d5ac34f083b04f4ec54b57b4e007e07f4b242
1163142e18f6290475a6fb3f40e56484f473ff522fdf59db2c991742fa4dade7
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 17 Sep 2022 06:37:47 GMT
ETag: "961d5ac34f083b04f4ec54b57b4e007e07f4b242"
Last-Modified: Tue, 13 Sep 2022 06:37:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1347
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749fd6140fc1b517-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47e1f64348aa12d707bf070f39877c7e
7a1f13d32de956fd50fccba0f813fb71bda79f63
9b3cee8039a2adb1291006a9ad55cd5032a2a6c10de3c5f57222692b02c0faac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7965
x-amzn-requestid: c0ddd7c6-9709-4251-8e7b-4a551f9a7d2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBro8EjxIAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f305-26023e0714937dca063dcbfa;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:09 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jj0LCxD4MdspTSEvLVsUaEbdNjjae7G-gogDBKtx1IE9VZauS4BblQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 23:11:59 GMT
age: 36814
etag: "7a1f13d32de956fd50fccba0f813fb71bda79f63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 7bdae3c9f972b6a46b343bfcba478b77
fb2fb25ce8df61c78e9d3a028479d445f771bf42
0b2fc7ef7a337cacbb125b888dace1218a9474a4eb004a085ab48b90b3e04aca
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:33 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sat, 17 Sep 2022 06:39:37 GMT
ETag: "fb2fb25ce8df61c78e9d3a028479d445f771bf42"
Last-Modified: Tue, 13 Sep 2022 06:39:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1009
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749fd614086f1c06-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:25:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 167378beef2e1b0dafefbdc6210752c2
afbdff67a5647b04de65499da7d2d00cc21eb808
1dfe3c3aa34673799955912c86f82ccf81a1110cd82058241e2e85fb84e5caa7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:25:33 GMT
Last-Modified: Tue, 13 Sep 2022 07:39:55 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=cca5895cdac159ab6f9e33009469e4ff
157.240.200.14200 OK 86 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=cca5895cdac159ab6f9e33009469e4ff
IP 157.240.200.14:0
File type ASCII text, with very long lines (13122)
Hash 69b42f328e01e5f6b62d614d53f594db
22221bb103dd46956d58dec911f25913fe8e1474
f8fd59f00acaee22fe68ec23befa4e85f5c7412bdd1195ac5aea04788d6e77fc
GET /en_US/sdk.js?hash=cca5895cdac159ab6f9e33009469e4ff HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydatash.xyz
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4c922da384be584945365e2fa20a8823
etag: "35ac7a03be16646927547a0523f01154"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 13 Sep 2023 08:33:26 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: abQvMo4B5fa2LWFNU/WU2w==
x-fb-debug: I0tBah7uFkQBOsxLjAsfdIN3KJg+Jxaqv+ceiv9kaJtHVrdH7DDVdAL05iD7WNrY++eXmMN/Pp7aMG9v81qaNA==
content-length: 86518
x-fb-trip-id: 1679558926
date: Tue, 13 Sep 2022 09:25:33 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
93.158.134.119200 OK 57 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (557)
Hash 1d55754e516a64479901a61dc8a0d136
7c47529b53f613bb2ffac7a32530e8fd594c194b
b4e7cd831347d3faeebe62c6e8595fc01804895f0bb5e30a5ceae7b400318649
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57251
date: Tue, 13 Sep 2022 09:25:33 GMT
access-control-allow-origin: *
etag: "631f3e5d-dfa3"
expires: Tue, 13 Sep 2022 10:25:33 GMT
last-modified: Mon, 12 Sep 2022 17:12:45 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 13 Sep 2022 09:25:33 GMT
access-control-allow-origin: *
etag: "631f3e5d-2b"
expires: Tue, 13 Sep 2022 10:25:33 GMT
accept-ranges: bytes
last-modified: Mon, 12 Sep 2022 17:12:45 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/82412725/1?wmode=7&page-url=https%3A%2F%2Fmydatash.xyz%2F%3Fcode%3DNjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6%231663061120265&page-ref=http%3A%2F%2Fallfree4gvv.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A734019346810%3Ahid%3A370005957%3Az%3A0%3Ai%3A20220913092520%3Aet%3A1663061121%3Ac%3A1%3Arn%3A609023761%3Arqn%3A1%3Au%3A1663061121821905166%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663061118855%3Aco%3A0%3Ads%3A2%2C22%2C350%2C1%2C1%2C0%2C%2C863%2C9%2C%2C%2C%2C1300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663061121%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/82412725/1?wmode=7&page-url=https%3A%2F%2Fmydatash.xyz%2F%3Fcode%3DNjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6%231663061120265&page-ref=http%3A%2F%2Fallfree4gvv.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A734019346810%3Ahid%3A370005957%3Az%3A0%3Ai%3A20220913092520%3Aet%3A1663061121%3Ac%3A1%3Arn%3A609023761%3Arqn%3A1%3Au%3A1663061121821905166%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663061118855%3Aco%3A0%3Ads%3A2%2C22%2C350%2C1%2C1%2C0%2C%2C863%2C9%2C%2C%2C%2C1300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663061121%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash f2735fa23ddedd0eaed6e4b5a70ee2c8
03ac06a090ebf9eb17960459ac32295d0f4c4500
7f85f47cb03815a4b5a4fb9093e0a968f48f5a1cad31dbd638e0fbace2958957
GET /watch/82412725/1?wmode=7&page-url=https%3A%2F%2Fmydatash.xyz%2F%3Fcode%3DNjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6%231663061120265&page-ref=http%3A%2F%2Fallfree4gvv.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A734019346810%3Ahid%3A370005957%3Az%3A0%3Ai%3A20220913092520%3Aet%3A1663061121%3Ac%3A1%3Arn%3A609023761%3Arqn%3A1%3Au%3A1663061121821905166%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663061118855%3Aco%3A0%3Ads%3A2%2C22%2C350%2C1%2C1%2C0%2C%2C863%2C9%2C%2C%2C%2C1300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663061121%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydatash.xyz
Referer: https://mydatash.xyz/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Tue, 13 Sep 2022 09:25:34 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://mydatash.xyz
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 13-Sep-2022 09:25:34 GMT
last-modified: Tue, 13-Sep-2022 09:25:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (631)
Hash 78b147afd742d6b3f36be4cbf6e92866
2d1c26a3d92f09f8c58b9d6fb67201bf004a9db8
49e8f93d23714b3cf9d48c53b87ddccfa8793641c9bba0ab3916ffb9e92bf573
GET /hm.js?ca39fa08836e125f6ea13e25b34bd166 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11344
Content-Type: application/javascript
Date: Tue, 13 Sep 2022 09:25:33 GMT
Etag: f2f3afc6b3fca101d41256da71c22bea
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0EBDDDE33FB62A1A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1545103228&si=ca39fa08836e125f6ea13e25b34bd166&su=http%3A%2F%2Fallfree4gvv.xyz%2F&v=1.2.97&lv=1&sn=44962&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fmydatash.xyz%2F%3Fcode%3DNjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6%231663061120265&tt=Paid%20video%20viewing
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1545103228&si=ca39fa08836e125f6ea13e25b34bd166&su=http%3A%2F%2Fallfree4gvv.xyz%2F&v=1.2.97&lv=1&sn=44962&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fmydatash.xyz%2F%3Fcode%3DNjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6%231663061120265&tt=Paid%20video%20viewing
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1545103228&si=ca39fa08836e125f6ea13e25b34bd166&su=http%3A%2F%2Fallfree4gvv.xyz%2F&v=1.2.97&lv=1&sn=44962&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fmydatash.xyz%2F%3Fcode%3DNjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6%231663061120265&tt=Paid%20video%20viewing HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:25:35 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=DEBB2DADF54E48D7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
freemo4gix.xyz/js/bootstrap.min.js?1663061130&_=1663061118261
172.67.163.51200 OK 0 B URL HTTP/1.1 freemo4gix.xyz/js/bootstrap.min.js?1663061130&_=1663061118261
IP 172.67.163.51:0
GET /js/bootstrap.min.js?1663061130&_=1663061118261 HTTP/1.1
Host: freemo4gix.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Id%2Bq6DAwn38ZmXHoB88AzeWrQN6GmJbOUSg0aScbA0WaVfih0epY36kOj7aD9Q4O5H4qR9cBkLR9IjmiZml8Wc24WCEx65mpzQmwTnIyRxmxjf9io%2B6dZ0N59PHZtOZdoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd606bd3f0b02-OSL
alt-svc: h2=":443"; ma=60
allfree4gde.xyz/js/bootstrap.min.js?1663061130&_=1663061118265
104.21.30.231200 OK 0 B URL HTTP/1.1 allfree4gde.xyz/js/bootstrap.min.js?1663061130&_=1663061118265
IP 104.21.30.231:0
GET /js/bootstrap.min.js?1663061130&_=1663061118265 HTTP/1.1
Host: allfree4gde.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FQSiOG%2B150Jh%2BsT%2FnopjZfroDbWusvIIhbUA1dWjZlN%2FcfaiDP0G19QjXgtsTOTja7P9ooZkKxPNdksOtjIMbhtaee95wYdRvBNZfq1%2BWDGFq5JssBeuVApzL8guEwTAio%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd606b9920b49-OSL
alt-svc: h2=":443"; ma=60
free4gdatahd.xyz/js/bootstrap.min.js?1663061130&_=1663061118263
172.67.154.126200 OK 0 B URL HTTP/1.1 free4gdatahd.xyz/js/bootstrap.min.js?1663061130&_=1663061118263
IP 172.67.154.126:0
GET /js/bootstrap.min.js?1663061130&_=1663061118263 HTTP/1.1
Host: free4gdatahd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eiSWhkkuRlAwIGxxaPsyAsrtMOxIUbSqwN6MZeBse6A6NQsqDlJwWBDA27pFZfII8L9tXksuCk4PtX4zjgmFAr%2BIBzVKRaM5Z%2BB43YzgzR1n%2B%2Few8P7WFh7Kcbh7R4d5nVJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd606bef1b4f9-OSL
alt-svc: h2=":443"; ma=60
my4gxj.xyz/js/bootstrap.min.js?1663061130&_=1663061118256
172.67.212.17200 OK 0 B URL HTTP/1.1 my4gxj.xyz/js/bootstrap.min.js?1663061130&_=1663061118256
IP 172.67.212.17:0
GET /js/bootstrap.min.js?1663061130&_=1663061118256 HTTP/1.1
Host: my4gxj.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BLiQXXYK%2FwBkRECaf3czMip4GEe%2BlrAhkwwGh3F1W0zzrqzcD3%2B1FFMrCIaNfAC%2FCnVOd8SoP9M%2F6uMFgQSnI%2FubDBwI8bGAzzHJ3MrRQLXiolvES%2ByCikAQF9i"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd6067b731c02-OSL
alt-svc: h2=":443"; ma=60
mc.yandex.ru/watch/82412725?wmode=7&page-url=https%3A%2F%2Fmydatash.xyz%2F%3Fcode%3DNjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6%231663061120265&page-ref=http%3A%2F%2Fallfree4gvv.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A734019346810%3Ahid%3A370005957%3Az%3A0%3Ai%3A20220913092520%3Aet%3A1663061121%3Ac%3A1%3Arn%3A609023761%3Arqn%3A1%3Au%3A1663061121821905166%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663061118855%3Aco%3A0%3Ads%3A2%2C22%2C350%2C1%2C1%2C0%2C%2C863%2C9%2C%2C%2C%2C1300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663061121%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/82412725?wmode=7&page-url=https%3A%2F%2Fmydatash.xyz%2F%3Fcode%3DNjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6%231663061120265&page-ref=http%3A%2F%2Fallfree4gvv.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A734019346810%3Ahid%3A370005957%3Az%3A0%3Ai%3A20220913092520%3Aet%3A1663061121%3Ac%3A1%3Arn%3A609023761%3Arqn%3A1%3Au%3A1663061121821905166%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663061118855%3Aco%3A0%3Ads%3A2%2C22%2C350%2C1%2C1%2C0%2C%2C863%2C9%2C%2C%2C%2C1300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663061121%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
GET /watch/82412725?wmode=7&page-url=https%3A%2F%2Fmydatash.xyz%2F%3Fcode%3DNjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6%231663061120265&page-ref=http%3A%2F%2Fallfree4gvv.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A734019346810%3Ahid%3A370005957%3Az%3A0%3Ai%3A20220913092520%3Aet%3A1663061121%3Ac%3A1%3Arn%3A609023761%3Arqn%3A1%3Au%3A1663061121821905166%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663061118855%3Aco%3A0%3Ads%3A2%2C22%2C350%2C1%2C1%2C0%2C%2C863%2C9%2C%2C%2C%2C1300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663061121%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mydatash.xyz
Connection: keep-alive
Referer: https://mydatash.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/82412725/1?wmode=7&page-url=https%3A%2F%2Fmydatash.xyz%2F%3Fcode%3DNjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6%231663061120265&page-ref=http%3A%2F%2Fallfree4gvv.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A734019346810%3Ahid%3A370005957%3Az%3A0%3Ai%3A20220913092520%3Aet%3A1663061121%3Ac%3A1%3Arn%3A609023761%3Arqn%3A1%3Au%3A1663061121821905166%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663061118855%3Aco%3A0%3Ads%3A2%2C22%2C350%2C1%2C1%2C0%2C%2C863%2C9%2C%2C%2C%2C1300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663061121%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 13 Sep 2022 09:25:33 GMT
access-control-allow-origin: https://mydatash.xyz
set-cookie: yandexuid=8959953911663061133; Expires=Wed, 13-Sep-2023 09:25:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8959953911663061133; Expires=Wed, 13-Sep-2023 09:25:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2051968851663061133; Path=/; SameSite=None; Secure
i=vvmVHKL4mkQawrN+1cubQkeWBeks9Yq/GxMBjQ+Gu1OtgSLeFtg04hg/jVoDWW/bNiSbhldGIkhG79ZEflNIrOt0kkw=; Expires=Fri, 10-Sep-2032 09:25:32 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694597133.yrts.1663061133#1694597133.yrtsi.1663061133; Expires=Wed, 13-Sep-2023 09:25:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 13-Sep-2022 09:25:33 GMT
last-modified: Tue, 13-Sep-2022 09:25:33 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
allfree4gju.xyz/js/bootstrap.min.js?1663061130&_=1663061118244
104.21.95.60200 OK 0 B URL HTTP/1.1 allfree4gju.xyz/js/bootstrap.min.js?1663061130&_=1663061118244
IP 104.21.95.60:0
GET /js/bootstrap.min.js?1663061130&_=1663061118244 HTTP/1.1
Host: allfree4gju.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ge1USJLT%2FAOf9ymDaVjraPEhZwPonEKifaH6TFnUH8mLDM4s%2Bo61%2BkDv0vNCweevzEtigmkE3u%2Be%2BBnqgGkZQC4y%2FUETxYIG5fDfVAjiiJd9z2NYctnvmbcuXKKib4kJoxA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd6063983fab4-OSL
alt-svc: h2=":443"; ma=60
mdataqx.xyz/js/bootstrap.min.js?1663061130&_=1663061118247
172.67.168.54200 OK 0 B URL HTTP/1.1 mdataqx.xyz/js/bootstrap.min.js?1663061130&_=1663061118247
IP 172.67.168.54:0
GET /js/bootstrap.min.js?1663061130&_=1663061118247 HTTP/1.1
Host: mdataqx.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGRS%2B1ALOchW4HS4wmn%2BpSY5xnGzkWG7idDLNQn%2B%2FOVA61QvcrDFARfBkBU8l3on4WmPPTlKrINqn1aZvG5Tm57JopswBp4OxgYpt3%2BQ18H4gqhxU1JYVl1wlBvvwg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd6063b00b4f7-OSL
alt-svc: h2=":443"; ma=60
allfree4gyk.xyz/js/bootstrap.min.js?1663061130&_=1663061118241
104.21.37.154200 OK 0 B URL HTTP/1.1 allfree4gyk.xyz/js/bootstrap.min.js?1663061130&_=1663061118241
IP 104.21.37.154:0
GET /js/bootstrap.min.js?1663061130&_=1663061118241 HTTP/1.1
Host: allfree4gyk.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zc0GsCsOaHDq1ADAJt7dNFB9TYJwC5TpetHeQd%2FxbqY%2F3XAdMOLPu4%2BEESaP1CeS0j%2FI6AY6XQh%2Bv%2B7%2Bk8dDEfVZVqTXaQsbJsRHSfKHI034HoBkNKoJ0P54I55baNU7%2BVo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd6060b84fac8-OSL
alt-svc: h2=":443"; ma=60
newdatalz.xyz/js/bootstrap.min.js?1663061130&_=1663061118236
104.21.76.228200 OK 0 B URL HTTP/1.1 newdatalz.xyz/js/bootstrap.min.js?1663061130&_=1663061118236
IP 104.21.76.228:0
GET /js/bootstrap.min.js?1663061130&_=1663061118236 HTTP/1.1
Host: newdatalz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBM%2F5jL2%2Bw%2BWU%2B6nYbNAP3Dpj%2BTVqLmo8pRQNLa5uC1BgnPhOxvE0tN8DkuWUdJuJOtAFGaG4%2FaNJWvUkPdZ3exLsap5yrJexnsHbO2OlqLHfoyi8yQVgqr4FCc62New"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd606098f1c0e-OSL
alt-svc: h2=":443"; ma=60
allfree4gsm.xyz/js/bootstrap.min.js?1663061130&_=1663061118242
172.67.205.36200 OK 0 B URL HTTP/1.1 allfree4gsm.xyz/js/bootstrap.min.js?1663061130&_=1663061118242
IP 172.67.205.36:0
GET /js/bootstrap.min.js?1663061130&_=1663061118242 HTTP/1.1
Host: allfree4gsm.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oIj9NvjUn6EFMs%2FgkFR%2Bxo0JGd1GtGFcBWyJm3%2BXxfT9XKu1fuA%2FMn38D7Uqit3eTbXhX5CnRl9Lcdhm6HRbD6EG0p3qf28Bdz%2BuQkVt%2FSRZhhkItN51mUWd4CxDjbh5j8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd606191e1bfe-OSL
alt-svc: h2=":443"; ma=60
freedatabg.xyz/js/bootstrap.min.js?1663061130&_=1663061118246
172.67.213.1200 OK 0 B URL HTTP/1.1 freedatabg.xyz/js/bootstrap.min.js?1663061130&_=1663061118246
IP 172.67.213.1:0
GET /js/bootstrap.min.js?1663061130&_=1663061118246 HTTP/1.1
Host: freedatabg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FrNtY9JVOHzmqUnhvU9M053l2eZNcGhXVohIwx5Eb%2F5FiQW83tPrtluhmi6z781fXR2O%2Bw7Kf3AZVB3xBqvUAKjsTDXaNXAya5wSlu2EjIei3gwmqpC1P17Zqj%2B88QOkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd60638d90b65-OSL
alt-svc: h2=":443"; ma=60
mydatash.xyz/?code=NjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6
172.67.143.130200 OK 0 B URL HTTP/2 mydatash.xyz/?code=NjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6
IP 172.67.143.130:0
Analyzer Verdict Alert fortinet Phishing
GET /?code=NjEzMDU3OTczODM1MTY1M3x8YWxsZnJlZTRndnYueHl6 HTTP/1.1
Host: mydatash.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:25:32 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=sbfl86gvsfmc9k76s3kqc2fkrr; path=/
pid=6130579738351653; expires=Fri, 16-Sep-2022 09:25:32 GMT; Max-Age=259200; path=/
dldomain=allfree4gvv.xyz; expires=Fri, 16-Sep-2022 09:25:32 GMT; Max-Age=259200; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2Bq8iWNjr27289Te%2Fo7jCOO18DHe39hQgHnIRrsIKco6ZwOziQLlrxY4%2BtMgs7If1F3E6w87Il0ZLqSFR39oqPGW4sx%2FDpFARreh2Obe%2BPvWvfsNNbQhWkM%2F4nDoXaY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749fd60969fe0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
allfree4gcd.xyz/js/bootstrap.min.js?1663061130&_=1663061118249
104.21.20.228200 OK 0 B URL HTTP/1.1 allfree4gcd.xyz/js/bootstrap.min.js?1663061130&_=1663061118249
IP 104.21.20.228:0
GET /js/bootstrap.min.js?1663061130&_=1663061118249 HTTP/1.1
Host: allfree4gcd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allfree4gvv.xyz/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
Vary: Accept-Encoding
ETag: W/"62ae7992-ea69"
Expires: Tue, 13 Sep 2022 21:25:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9uS2cG1e%2Fu3o3eoI2HPpYjxySCFRa%2BuxIFQrMSYO7smpCG9auSVfbT1xr0GiW79fvZcOvEBagaschedP1vHMPYRBr8SJBAGXheysD2vHoPBBbNRc6%2FovWpcQoM%2Bei3TTCg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749fd6063b3a1c02-OSL
alt-svc: h2=":443"; ma=60