exe.io/LolJ7
172.67.71.40301 Moved Permanently 0 B IP 172.67.71.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /LolJ7 HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Sep 2022 19:59:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 02 Sep 2022 20:59:35 GMT
Location: https://exe.io/LolJ7
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90IgLjBUslFw1BOA6%2BUqoAA8cqZ1pOjEHzRY3sc0TWltX6owKhTds5A2OH20EzaQrKdhgPFkVXlUnvaGFj5RrqJQknnRq25npK333lSKHPwOPgETadMmdg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7448d3b9685cb50f-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 19:13:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vFOYmOLk5OGPHAFI67Zte1_OaarqrPPrXfVFHj2h-Q2l0RcQ7rDxPg==
Age: 2745
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19868
Expires: Sat, 03 Sep 2022 01:30:44 GMT
Date: Fri, 02 Sep 2022 19:59:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FXnkFAhL9ayZKvWyG00qmkOvxl0WftykVvXC8aM_MGwksoODT1Dpyw==
age: 67459
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 19:59:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 59bdc2e0a449c6388eb0c96da3586600
c61d2414961c4f05c9bcf400d6a1d9792fbe9093
2b3c911dddbf9fad01ea3232354ac2f0e6731541ab3a7e916ef09682dd43cf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d192r5l88wrng7.cloudfront.net/?rwlrd=822524
54.230.245.4200 OK 116 kB URL HTTP/2 d192r5l88wrng7.cloudfront.net/?rwlrd=822524
IP 54.230.245.4:0
File type ASCII text, with very long lines (589)
Size 116 kB (116092 bytes)
Hash f0998d506608f6f4819f0f44c3d6f8a0
da394a136e4fd645bdeca420eb3204a7d01f7fc3
6cee98f5f17e12c0e4071d722dda08daf6314db7ae8fbe5ca08701b3779ae65d
GET /?rwlrd=822524 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 116092
date: Fri, 02 Sep 2022 19:36:59 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hgBKgaKwPCDvXFs6NfYmN_uYHYexcqCZsrO_AtN5sIyv3RnxgadczQ==
age: 1357
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c1de631ae126bf42bce4c439330e4e4
a3190cf23e75146682d01866149b863c27898a71
2117c223d0dbf6e321a4ed124ed30e57c8b7a756b68b291fccac3fb6e1c2cc33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2117C223D0DBF6E321A4ED124ED30E57C8B7A756B68B291FCCAC3FB6E1C2CC33"
Last-Modified: Thu, 01 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2764
Expires: Fri, 02 Sep 2022 20:45:40 GMT
Date: Fri, 02 Sep 2022 19:59:36 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-135952122-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-135952122-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash d1d0b07abe5bc5aa43e91628b079a11b
fb14b27721b877b94d61e681149a449c330d51ce
fcb456c19d2f185ffa3bf483f5c006d469963801a30e3bd1ad57ff2a26f67cef
GET /gtag/js?id=UA-135952122-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Sep 2022 19:59:36 GMT
expires: Fri, 02 Sep 2022 19:59:36 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Sep 2022 18:47:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41912
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 20cc30f2a41f9c5e824ea46460548950
c153b447d44cbbe8f30d7f490605d1a430af20a1
0f8bb96e7dfd8a6bb3d7eae1a958195cb8ca9f20e0ad8cd952c34267ff0625f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nh.eugeniecor.com/1clkn/29529
172.255.6.124200 OK 26 B URL HTTP/1.1 nh.eugeniecor.com/1clkn/29529
IP 172.255.6.124:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/29529 HTTP/1.1
Host: nh.eugeniecor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 19:59:36 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sat, 03-Sep-2022 19:59:36 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sat, 03-Sep-2022 19:59:36 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7040539fecb815b0cc84c15e3e2e99df
761de2d6da86cb1df6bb1fdd85ad71f75a825bb4
b1edf3547f6db4798d46a116924942acc48ad56da1fd61f9951acf93053a6578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eio.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:53:20 GMT
expires: Tue, 29 Aug 2023 18:53:20 GMT
cache-control: public, max-age=31536000
age: 349576
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eio.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 19:07:15 GMT
expires: Tue, 29 Aug 2023 19:07:15 GMT
cache-control: public, max-age=31536000
age: 348741
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 02 Sep 2022 19:38:16 GMT
Expires: Fri, 02 Sep 2022 20:15:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sYAqOKpkZs3bCW7kfXpDIC7s9vaXykiJ6QgvTqYAw1ICnXIaWxtxRg==
Age: 1280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ofghaidarium.xyz/OTcxQTEWCFIyDGMGfxNUV3ViG1xrfmMXa1BuZHBybHB/MWUJfhc1WF0KCXkIDQ4FZ0FQUwxwF0pDUDVESgoAZ1hXUV58F08KAG8CDRkDeR8JEUR8AB9DQSBWBAYXMUVNWwxwBw8FAHUJDgAEcwQJ
104.21.34.91204 No Content 0 B URL HTTP/2 ofghaidarium.xyz/OTcxQTEWCFIyDGMGfxNUV3ViG1xrfmMXa1BuZHBybHB/MWUJfhc1WF0KCXkIDQ4FZ0FQUwxwF0pDUDVESgoAZ1hXUV58F08KAG8CDRkDeR8JEUR8AB9DQSBWBAYXMUVNWwxwBw8FAHUJDgAEcwQJ
IP 104.21.34.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OTcxQTEWCFIyDGMGfxNUV3ViG1xrfmMXa1BuZHBybHB/MWUJfhc1WF0KCXkIDQ4FZ0FQUwxwF0pDUDVESgoAZ1hXUV58F08KAG8CDRkDeR8JEUR8AB9DQSBWBAYXMUVNWwxwBw8FAHUJDgAEcwQJ HTTP/1.1
Host: ofghaidarium.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 19:59:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKqwSdyuTR4JL9HDwBjRWMSq%2Fu3REK9iHtFucBXoUNDNvMeE5udEm3dQJrKOym6TBCxwFaqvrCcym5U453Iu9WP9DGRyM%2FJ2xQg%2Be075Ig4jezIX7u9TtfBwNpHmgisvbh9E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7448d3bf48740b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ofghaidarium.xyz/aDVCQzNHCiEwDjpyNjNmWk07G18QUhotSwlgFRVWC2MMJmo+BWQ3WgwIenEBXQd2ZUMBUX9yFRtBIzdGGwhzZVoGUy1+FR4Ic20AXBtwex1YEzd+Ak5BMiJUVQRkM0ccWX9yBV4Hc3cLXwJ3cQFQ
104.21.34.91204 No Content 0 B URL HTTP/2 ofghaidarium.xyz/aDVCQzNHCiEwDjpyNjNmWk07G18QUhotSwlgFRVWC2MMJmo+BWQ3WgwIenEBXQd2ZUMBUX9yFRtBIzdGGwhzZVoGUy1+FR4Ic20AXBtwex1YEzd+Ak5BMiJUVQRkM0ccWX9yBV4Hc3cLXwJ3cQFQ
IP 104.21.34.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aDVCQzNHCiEwDjpyNjNmWk07G18QUhotSwlgFRVWC2MMJmo+BWQ3WgwIenEBXQd2ZUMBUX9yFRtBIzdGGwhzZVoGUy1+FR4Ic20AXBtwex1YEzd+Ak5BMiJUVQRkM0ccWX9yBV4Hc3cLXwJ3cQFQ HTTP/1.1
Host: ofghaidarium.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 19:59:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxX%2FtPd7AQxR5kGX7Pbd7YknC%2BC3tW9OpjDI2xUBP1gKVJQnQXnY%2BZgc3qHiPfxBp%2F28RKse3145LbpxMkfYfibkyvzWKlYBs6%2FW90su14BZ7cctO45lLXeRQzzkxyFsOcXE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7448d3bf48720b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ofghaidarium.xyz/eVVtY1JWag4Qbys+HQ4GS2waBhQzZjUNa08AJRcLGg0dNTQ/DEsXOx1oVVdhS2NcRSIQMVBSal8mGQImDCZQUnQQOwsMb18jUFJ8SXtcTWBfIFBSdA0lDARvSHMdFyYVaFxVZEtkWVtlTmBfVWE
104.21.34.91204 No Content 0 B URL HTTP/2 ofghaidarium.xyz/eVVtY1JWag4Qbys+HQ4GS2waBhQzZjUNa08AJRcLGg0dNTQ/DEsXOx1oVVdhS2NcRSIQMVBSal8mGQImDCZQUnQQOwsMb18jUFJ8SXtcTWBfIFBSdA0lDARvSHMdFyYVaFxVZEtkWVtlTmBfVWE
IP 104.21.34.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eVVtY1JWag4Qbys+HQ4GS2waBhQzZjUNa08AJRcLGg0dNTQ/DEsXOx1oVVdhS2NcRSIQMVBSal8mGQImDCZQUnQQOwsMb18jUFJ8SXtcTWBfIFBSdA0lDARvSHMdFyYVaFxVZEtkWVtlTmBfVWE HTTP/1.1
Host: ofghaidarium.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 19:59:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ufl6IHNA4q0%2F46Kaa5Otb%2Bb51bgAYr7rr1fGywhobT6QCZaKLyqWdDCUO6GWl6EHkvLrJ%2BsfRaY24xm1ZYljiHI3wSn0jLz%2Fs9uBM3eLHHfur9ddnxHYxsgitqgUvZ1vSq%2FI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7448d3bf78aa0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
yresumeform.autos/Y1JvYWECMAwMXgJvDUcUET5SRFMld10nBVJrXRNUD2pXFhMNNVhPAg89GgUHET0BFU8NNxtEUyU9OAosVgdfBlQvFAxQBRpmHjk2ViUOKSQuCzcZWSgHAFkrCiJKUyMGKD4lIARnOjgyFCMrCVkNHwVURFEQLDk0CB0WUAQBP1tEUyUeOREUBgoYCDk3FF4DDDUcJhgCGzQELAgvOFdXNAohBS8bKjQlCA0NHgM4ESoGNhc2KwhZKSk6CjZTUAwxFyQTBgUbDCILFBsAKS0EIAg4FR0XGQkGESVWJRQqSlMjAT82KiQ0YwACURA+DTYKIBMoNwwCPwACODs1VisNTj1bK1JaKglTJ1czXCwrOjwHEzsEJgUtCy4qNyU0DRsCOC0lCikSAzI+XjE2BytJCxIMPB9cIwQZNywMUTYfLA
65.9.44.68200 OK 1.2 kB URL HTTP/2 yresumeform.autos/Y1JvYWECMAwMXgJvDUcUET5SRFMld10nBVJrXRNUD2pXFhMNNVhPAg89GgUHET0BFU8NNxtEUyU9OAosVgdfBlQvFAxQBRpmHjk2ViUOKSQuCzcZWSgHAFkrCiJKUyMGKD4lIARnOjgyFCMrCVkNHwVURFEQLDk0CB0WUAQBP1tEUyUeOREUBgoYCDk3FF4DDDUcJhgCGzQELAgvOFdXNAohBS8bKjQlCA0NHgM4ESoGNhc2KwhZKSk6CjZTUAwxFyQTBgUbDCILFBsAKS0EIAg4FR0XGQkGESVWJRQqSlMjAT82KiQ0YwACURA+DTYKIBMoNwwCPwACODs1VisNTj1bK1JaKglTJ1czXCwrOjwHEzsEJgUtCy4qNyU0DRsCOC0lCikSAzI+XjE2BytJCxIMPB9cIwQZNywMUTYfLA
IP 65.9.44.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Hash a94092d772c3d7bf7cb7abdc4c07d077
d3a90d2f3f308a22db83d2bf1f309c0a58be7a8d
95a8636d0cee5fc34336ab8c8fed43a9d2f436acca35487c4708b0057bcdac41
GET /Y1JvYWECMAwMXgJvDUcUET5SRFMld10nBVJrXRNUD2pXFhMNNVhPAg89GgUHET0BFU8NNxtEUyU9OAosVgdfBlQvFAxQBRpmHjk2ViUOKSQuCzcZWSgHAFkrCiJKUyMGKD4lIARnOjgyFCMrCVkNHwVURFEQLDk0CB0WUAQBP1tEUyUeOREUBgoYCDk3FF4DDDUcJhgCGzQELAgvOFdXNAohBS8bKjQlCA0NHgM4ESoGNhc2KwhZKSk6CjZTUAwxFyQTBgUbDCILFBsAKS0EIAg4FR0XGQkGESVWJRQqSlMjAT82KiQ0YwACURA+DTYKIBMoNwwCPwACODs1VisNTj1bK1JaKglTJ1czXCwrOjwHEzsEJgUtCy4qNyU0DRsCOC0lCikSAzI+XjE2BytJCxIMPB9cIwQZNywMUTYfLA HTTP/1.1
Host: yresumeform.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1170
date: Fri, 02 Sep 2022 19:59:36 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a30105057fbcc8761b99df13f333a9ea.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: LzMgLmdgcnQ3zJmtKO9ZuBX-eWhJwxVfnqSY5Os9O6-jhSH7bpPLBA==
X-Firefox-Spdy: h2
yresumeform.autos/ZFV1dXIFNxYYTQVoF1MHFjlIUEAicEczFlVsRwdHCG1NAgAKMkJbEQg6ABEUFjobAVwKMAFQQCI2Fxg0MTQgODwgPxolFCY6PDg0NmIiGTgJDUY/OycsFjI+NmAWOwghITsPGTIWHBZCIDwvJTwcBDMUJAg5NBIzUhEbQDsmERo+FAhsPTsjVD0gRCQdHTY/JiARBiE5Axw7OyccLT4zIFICIi8RMQ0CJxEIbDAvCxA4LTM3UBQ2RRAjDTMXERwPLywYPmQiHiAKHkcvETEGLBMoCGUSFyRdIS0eGhwCRjg4JhEWNj4hISEwHhAvLUQ0DwI9OxQ2ElgvKC4EFiE/NW0GMxk2ODlGAj0BRyciKjk7JFQOJhobAlk2LRsrPBQWESgLJw
65.9.44.68200 OK 1.2 kB URL HTTP/2 yresumeform.autos/ZFV1dXIFNxYYTQVoF1MHFjlIUEAicEczFlVsRwdHCG1NAgAKMkJbEQg6ABEUFjobAVwKMAFQQCI2Fxg0MTQgODwgPxolFCY6PDg0NmIiGTgJDUY/OycsFjI+NmAWOwghITsPGTIWHBZCIDwvJTwcBDMUJAg5NBIzUhEbQDsmERo+FAhsPTsjVD0gRCQdHTY/JiARBiE5Axw7OyccLT4zIFICIi8RMQ0CJxEIbDAvCxA4LTM3UBQ2RRAjDTMXERwPLywYPmQiHiAKHkcvETEGLBMoCGUSFyRdIS0eGhwCRjg4JhEWNj4hISEwHhAvLUQ0DwI9OxQ2ElgvKC4EFiE/NW0GMxk2ODlGAj0BRyciKjk7JFQOJhobAlk2LRsrPBQWESgLJw
IP 65.9.44.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2994), with no line terminators
Hash 16bb94d8aeeca2167b755ec21e35b650
91d19460d7e4a4a317dc0c980caefe63738225a9
b52bda68fbd1aa781facb6d5c28a8dc8254d3e5ef80dcef60d78348345bcf980
GET /ZFV1dXIFNxYYTQVoF1MHFjlIUEAicEczFlVsRwdHCG1NAgAKMkJbEQg6ABEUFjobAVwKMAFQQCI2Fxg0MTQgODwgPxolFCY6PDg0NmIiGTgJDUY/OycsFjI+NmAWOwghITsPGTIWHBZCIDwvJTwcBDMUJAg5NBIzUhEbQDsmERo+FAhsPTsjVD0gRCQdHTY/JiARBiE5Axw7OyccLT4zIFICIi8RMQ0CJxEIbDAvCxA4LTM3UBQ2RRAjDTMXERwPLywYPmQiHiAKHkcvETEGLBMoCGUSFyRdIS0eGhwCRjg4JhEWNj4hISEwHhAvLUQ0DwI9OxQ2ElgvKC4EFiE/NW0GMxk2ODlGAj0BRyciKjk7JFQOJhobAlk2LRsrPBQWESgLJw HTTP/1.1
Host: yresumeform.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1156
date: Fri, 02 Sep 2022 19:59:36 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a30105057fbcc8761b99df13f333a9ea.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: gAqJi59xmZL0gaOZ2HC4-z9DKLWO8noGNXkyFGRj0_5w0SAMsanLcA==
X-Firefox-Spdy: h2
eio.io/LolJ7
172.67.222.198200 OK 51 kB IP 172.67.222.198:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62930)
Hash e4c5b0f4c42d0d67bd0606c269811aab
58e5b546b77455ddb59d6cf24492f21ffe560c75
0a778555d1aea1d37c6881abb3679e87995c6ac6d13d26c652ac695c1e18030d
GET /LolJ7 HTTP/1.1
Host: eio.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:59:36 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
set-cookie: AppSession=d177ff7b14154cd481043150fd32952f; path=/; HttpOnly
csrfToken=71970adf403b5521361999c16b3e4337e18c0edb447ea8fcc7b8a59b24a5325a29ee0632ac12c3e863e7ee114df54f09ef5d44ee3619a1486c480e33d19291da; path=/; HttpOnly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ao%2BPAY%2FVE47jBw4dthWxSJhuMPJJ35QDkWPvN0B%2B56PNB7EYnX%2B5iAJcyDmP%2Btsc5VvDKTKuypC5UFmCOwjjmCBAvVy%2BbbiSkDaZxuZ5TDl0byAClUJjExw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7448d3bcdf19b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js
104.17.25.14200 OK 1.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (4741), with no line terminators
Hash 66105838a23d33ffeaff1b46e91493da
5ca20cb4e7995221de8b651b358ec60d0a657adb
06cf1ec54b9a6bf5bddc7baba5a4ed8d2306f40872681a0234b57526eab1643f
GET /ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://eio.io
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:59:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 1309
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e6b-1285"
last-modified: Mon, 04 May 2020 16:10:19 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2593213
expires: Wed, 23 Aug 2023 19:59:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lezmL4gZLtcwtEUsXDO%2FXXDgvxEkMDPg7pWfej6USbOfQgejcTEYcon2b0El2dPqCss2xgDjZxGEdCwarXZFP5JsSUaFgpAICVRMKkRFDyUmteQ3FnmlK8PuHyJ%2FLLHnmOI0ltqf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7448d3c09b8b0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 98ca8e3a617a05953c4251a2a21627f0
3272928648b60d4f1848de31c25501b2a9fd0dbe
e6cf23ea291185fb1b2109fe2ee4dc4e2b6879be2e223a201719ad1a6281dc28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6CF23EA291185FB1B2109FE2EE4DC4E2B6879BE2E223A201719AD1A6281DC28"
Last-Modified: Fri, 02 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17806
Expires: Sat, 03 Sep 2022 00:56:23 GMT
Date: Fri, 02 Sep 2022 19:59:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5277
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:37 GMT
Last-Modified: Fri, 02 Sep 2022 18:31:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
d192r5l88wrng7.cloudfront.net/?rwlrd=822524
54.230.245.4200 OK 116 kB URL HTTP/2 d192r5l88wrng7.cloudfront.net/?rwlrd=822524
IP 54.230.245.4:0
File type ASCII text, with very long lines (589)
Size 116 kB (116091 bytes)
Hash 511ddd878c99327255fc04af6f97259a
578a0fec607e099f6685cb51f94109967537e8b2
2d802b44a80ba5c46b1148f75c3c3ac4588e382ee0a3208846c89c0dec418574
GET /?rwlrd=822524 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eio.io/
Origin: https://eio.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 116091
date: Fri, 02 Sep 2022 19:37:00 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://eio.io
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rw4_5dUVGBAKVXBCnaPtsL-oyWWWU4aNbK52IC731Mne-LuTF937tw==
age: 1357
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/oWkM5U0g5LFc1dy4qXW5waHEMYXx8KUo8Jip+ezQDAg5UYSwqDh8nMj5+CXUkOy1ebm4/LVpueXwiXTF1bmVNIycxfkMiLj86UisjNzIfJilnLlYpITYvWHZ6HHYXY21ocxEreWtmChFtaHNVOiYvOxxheCJ7Dwx+bmYKEW1oc0slbWkCAGVmamocYXg9Jl-o4J39xf2F4a3MJYnhrZgtjLjMxXDUnImYLFXFsbQl1PWdy
54.230.245.4200 OK 524 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/oWkM5U0g5LFc1dy4qXW5waHEMYXx8KUo8Jip+ezQDAg5UYSwqDh8nMj5+CXUkOy1ebm4/LVpueXwiXTF1bmVNIycxfkMiLj86UisjNzIfJilnLlYpITYvWHZ6HHYXY21ocxEreWtmChFtaHNVOiYvOxxheCJ7Dwx+bmYKEW1oc0slbWkCAGVmamocYXg9Jl-o4J39xf2F4a3MJYnhrZgtjLjMxXDUnImYLFXFsbQl1PWdy
IP 54.230.245.4:0
File type ASCII text, with very long lines (702), with no line terminators
Hash 0ed802db5e846691dab63e3276947415
5a91245f1b327cc49829c605fd87d25ab3461016
2db174280cf91afc1d1401b48de62dab6cf10d24750cd77c5f51ca908f76cf96
GET /oWkM5U0g5LFc1dy4qXW5waHEMYXx8KUo8Jip+ezQDAg5UYSwqDh8nMj5+CXUkOy1ebm4/LVpueXwiXTF1bmVNIycxfkMiLj86UisjNzIfJilnLlYpITYvWHZ6HHYXY21ocxEreWtmChFtaHNVOiYvOxxheCJ7Dwx+bmYKEW1oc0slbWkCAGVmamocYXg9Jl-o4J39xf2F4a3MJYnhrZgtjLjMxXDUnImYLFXFsbQl1PWdy HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yresumeform.autos/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 524
date: Fri, 02 Sep 2022 19:59:37 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7mZNwxQ5aqIO87pOoQ6ODmQv0pQk69112w8YnlUpRsFmuvtj4L5TFQ==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/0bks2TkwNJFgocxoiUnN0VnICd3hIIUUhIh52dAV0AzJfKCIYCnxoOBQvC35qAipYKXFILlgtcV9tVyouU38QOjwBIAs0PQguTyU0BSZHaDkPdlshNgcnWi9pXA0DYHxLeQZmNF96E30OS3kGIiUAPk5rfl4zDngTWH8TfQ5LeQY8Okt4d3d6QHsfa35eLF-MtJwFuBAh+XnoGfn1eehN8fAgiRCsqATMTfApXfRh+aht2Bw
54.230.245.4200 OK 604 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/0bks2TkwNJFgocxoiUnN0VnICd3hIIUUhIh52dAV0AzJfKCIYCnxoOBQvC35qAipYKXFILlgtcV9tVyouU38QOjwBIAs0PQguTyU0BSZHaDkPdlshNgcnWi9pXA0DYHxLeQZmNF96E30OS3kGIiUAPk5rfl4zDngTWH8TfQ5LeQY8Okt4d3d6QHsfa35eLF-MtJwFuBAh+XnoGfn1eehN8fAgiRCsqATMTfApXfRh+aht2Bw
IP 54.230.245.4:0
File type ASCII text, with very long lines (875), with no line terminators
Hash 4956c6f3a780a25c97caaa150b5c0ff2
b81e6a02efa81b8bd90f66fe0d5baa5adef01d4e
9595c8cc1531bc7055e10ef3336a85480d5ea43fbc48f97ac2b9602700bdc67d
GET /0bks2TkwNJFgocxoiUnN0VnICd3hIIUUhIh52dAV0AzJfKCIYCnxoOBQvC35qAipYKXFILlgtcV9tVyouU38QOjwBIAs0PQguTyU0BSZHaDkPdlshNgcnWi9pXA0DYHxLeQZmNF96E30OS3kGIiUAPk5rfl4zDngTWH8TfQ5LeQY8Okt4d3d6QHsfa35eLF-MtJwFuBAh+XnoGfn1eehN8fAgiRCsqATMTfApXfRh+aht2Bw HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yresumeform.autos/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 604
date: Fri, 02 Sep 2022 19:59:37 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZTMeh7aKejskNTLdDFIdp2HrmUQCJWQVVt9KE8l9NnnQK4YoqIOqVg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4903
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:37 GMT
Last-Modified: Fri, 02 Sep 2022 18:37:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
d192r5l88wrng7.cloudfront.net/cbmFUaUMNDjoPfBoIMFR7WlJmX3JICycGLR5cNzEtNzkVCic0DiZPNxQFaVllAgA6Dn5IBDoKfl9HNQ0hU1VyHCJTDDsTKgINNUxxKFR6WWZcUXwRcl9EZytmXFE4AC0bGXFbcxZZYjZ1WkRnK2ZcUSYfZl0gbV9tXkhxW3MJBDcCLEtTEltzX1FkWHNfRG-ZZJQcTMQ8sFkRmL3pYT2RPNlNQ
54.230.245.4200 OK 190 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/cbmFUaUMNDjoPfBoIMFR7WlJmX3JICycGLR5cNzEtNzkVCic0DiZPNxQFaVllAgA6Dn5IBDoKfl9HNQ0hU1VyHCJTDDsTKgINNUxxKFR6WWZcUXwRcl9EZytmXFE4AC0bGXFbcxZZYjZ1WkRnK2ZcUSYfZl0gbV9tXkhxW3MJBDcCLEtTEltzX1FkWHNfRG-ZZJQcTMQ8sFkRmL3pYT2RPNlNQ
IP 54.230.245.4:0
File type ASCII text, with no line terminators
Hash 003ce485acd18accae3dfe7df738cf83
740e2433c03268c6ce9ac10cf9e79eb7ebcf4557
f23523eb8c95fc05cd042cbc82c718b9698638edaa7cd89ed8f8e51e71e81d4a
GET /cbmFUaUMNDjoPfBoIMFR7WlJmX3JICycGLR5cNzEtNzkVCic0DiZPNxQFaVllAgA6Dn5IBDoKfl9HNQ0hU1VyHCJTDDsTKgINNUxxKFR6WWZcUXwRcl9EZytmXFE4AC0bGXFbcxZZYjZ1WkRnK2ZcUSYfZl0gbV9tXkhxW3MJBDcCLEtTEltzX1FkWHNfRG-ZZJQcTMQ8sFkRmL3pYT2RPNlNQ HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yresumeform.autos/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 190
date: Fri, 02 Sep 2022 19:59:37 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LSRU1OYpRoNPZyoMlkpnBlwPJGGpo3AgBB4wlkbX2SUqxLVQvHvHVg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fff3c3423df04184990d63734b355c3c
e9c0a8b02e58d3d2737147aecbb17a993b919d10
aa6fbde260973606437789335994e7c9194cd1a6f4a5268cdf9f72ff71d46347
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
in-page-push.com/400/3230648
139.45.197.15200 OK 32 kB URL HTTP/2 in-page-push.com/400/3230648
IP 139.45.197.15:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash edc489c578e99525203a101473708574
d0cd73c3ef6986989d09038bc945c48cb3107306
2c6a6f8dcccd5553c26c3d20f2a88d6be956f52e91569936e911837e204e8e93
Analyzer Verdict Alert quad9 Sinkholed
GET /400/3230648 HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 19:59:37 GMT
content-type: application/javascript
x-trace-id: e5adceed3f96bc275cc178d5f0fd2e78
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=88189d91f0d74dad94dd747c0744c6cc; expires=Sat, 02 Sep 2023 19:59:37 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4d6c49cdfc9ba8e2c35c0864cdd02a9a
ea1b2234ca6f8e87594c1cd3329d61ccf1e6c8a2
662b1013ed12b05bebf54a1cb3040105777d022f0768b3e3fe532b1d8239bfbe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 02 Sep 2022 18:41:12 GMT
expires: Fri, 02 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 4705
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yresumeform.autos/utx?cb=3tJnRXqcUC37&top=eio.io&tid=889494
65.9.44.68204 No Content 0 B URL HTTP/2 yresumeform.autos/utx?cb=3tJnRXqcUC37&top=eio.io&tid=889494
IP 65.9.44.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=3tJnRXqcUC37&top=eio.io&tid=889494 HTTP/1.1
Host: yresumeform.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://eio.io
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 19:59:37 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://eio.io
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 02 Sep 2022 20:00:37 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a30105057fbcc8761b99df13f333a9ea.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: q5MDJ40RygC4-UNd4lhDqPNiAGzuA7cthI_BD0AzwfVr47p4l9rYKg==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 389 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash 370512c9b504ce0167a35fe0bb9759c4
a2e3256ca8a170263257579806f0eb178efd01c3
6b9d970c623186cbb46fad202152e9fc07dda0c53b26388d970da532cd9dd22a
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Sep 2022 19:59:37 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S973727434%3A1662148777381873&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUvgO5akvPisO7Wnohrga_oruiGvM_PDMGoS13gFsmiUSS4g7uLrwNwE6rLDb4X-1GkPSD_6w
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-0R8yu3l05OJmrRzL-RIZhw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 389
server: GSE
set-cookie: __Host-GAPS=1:sU42M6qWBmZcrVeznNeeHM8X1QKNbg:9oPmJYw91Ri7Cokm;Path=/;Expires=Sun, 01-Sep-2024 19:59:37 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 400 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash b2c989caa045e2cd2a8c63a0d6c064ab
fceefc55e35722dad52d28d2279a5116637dd42c
0ef4e172bc4644a698c726e7ba9d7aa5af49f81e17d4f981f3c4d7272cc9ce90
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Sep 2022 19:59:37 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S436485969%3A1662148777392299&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVBq4SVxe8mHV6TO2KhI-qBKbcTCwyIZO5spzj5-9VvA6ZZSLAq_1c02Q4hek-9MMTVhLUbmg
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-rb8HhbRyGtMDHp7x52ZkCw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 400
server: GSE
set-cookie: __Host-GAPS=1:8tXcbnm_2_kTvekaalYVb9azYYRfAg:-BbOXIanMUlTMUe2;Path=/;Expires=Sun, 01-Sep-2024 19:59:37 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&a=717570478&t=pageview&_s=1&dl=https%3A%2F%2Feio.io%2FLolJ7&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x898&je=0&_u=YEBAAUABAAAAAC~&jid=32350210&gjid=81317092&cid=1290439265.1662148776&tid=UA-135952122-1&_gid=1662028519.1662148776&_r=1>m=2ou8v0&z=933750
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=717570478&t=pageview&_s=1&dl=https%3A%2F%2Feio.io%2FLolJ7&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x898&je=0&_u=YEBAAUABAAAAAC~&jid=32350210&gjid=81317092&cid=1290439265.1662148776&tid=UA-135952122-1&_gid=1662028519.1662148776&_r=1>m=2ou8v0&z=933750
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=717570478&t=pageview&_s=1&dl=https%3A%2F%2Feio.io%2FLolJ7&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x898&je=0&_u=YEBAAUABAAAAAC~&jid=32350210&gjid=81317092&cid=1290439265.1662148776&tid=UA-135952122-1&_gid=1662028519.1662148776&_r=1>m=2ou8v0&z=933750 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://eio.io
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://eio.io
date: Fri, 02 Sep 2022 19:59:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dc076b754adaddcb000f3f987b6c5df2
01e9b40591692b8b2a6a94729e9481c7e600d248
9dbf2e71e1cbad91a71154b729e8ef496eda7544828a8bfd4f64e6dd70c4f64d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4903
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 19:59:37 GMT
Last-Modified: Fri, 02 Sep 2022 18:37:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WBN488wYS5XtLkaXCA/QUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aWfelScxdxSaPLmkB77m1tdxtwU=
ocsp.sectigo.com/
104.18.32.68200 OK 506 B IP 104.18.32.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ff1cdf291153f8879b02946c56329e67
2934c69c30f6f8c0a31661b0d3bff2a3396ba088
be55d20bf325db70a6f30c1a63d4d735e161a7e28e33469e3108a6e6d68ba98b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 19:59:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 18:25:21 GMT
Expires: Thu, 08 Sep 2022 18:25:20 GMT
Etag: "d7a3d6a40066652fc85cdaab9e613246b6af4aab"
Cache-Control: max-age=512142,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7448d3c3ea31b523-OSL
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 181188066a747564d588dbb007cb4da3
b18b3680ac5b817c6719359653ffa10f65b4e3cd
f61f57e91aa2a1712e00e8227aff1727611564bd214ce19ba027d071f95c2ec1
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://eio.io
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 19:59:37 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://eio.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=864ed39086714d7ebbb2ce490b400af5; expires=Sat, 02 Sep 2023 19:59:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
in-page-push.com/500/3230648?excludes=&oaid=864ed39086714d7ebbb2ce490b400af5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Feio.io%2FLolJ7&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.15200 OK 0 B URL HTTP/2 in-page-push.com/500/3230648?excludes=&oaid=864ed39086714d7ebbb2ce490b400af5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Feio.io%2FLolJ7&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/3230648?excludes=&oaid=864ed39086714d7ebbb2ce490b400af5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Feio.io%2FLolJ7&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://eio.io/
Origin: https://eio.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 19:59:37 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://eio.io
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
in-page-push.com/500/3230648?excludes=&oaid=864ed39086714d7ebbb2ce490b400af5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Feio.io%2FLolJ7&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.15200 OK 67 kB URL HTTP/2 in-page-push.com/500/3230648?excludes=&oaid=864ed39086714d7ebbb2ce490b400af5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Feio.io%2FLolJ7&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.15:0
Hash d872a49884a7c1a004abeac81f6779c7
a05b71731226b15117f59a28877e224e06222889
d692cd3dd6cff729e1ef0cda5a62f60adbb321e8917b1a09537a166dfa7f8983
Analyzer Verdict Alert quad9 Sinkholed
GET /500/3230648?excludes=&oaid=864ed39086714d7ebbb2ce490b400af5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Feio.io%2FLolJ7&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://eio.io
Connection: keep-alive
Referer: https://eio.io/
Cookie: OAID=88189d91f0d74dad94dd747c0744c6cc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 19:59:37 GMT
content-type: application/javascript
x-trace-id: d5cfc398eb9897f81e868d9ddf4efbf7
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://eio.io
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=864ed39086714d7ebbb2ce490b400af5; expires=Sat, 02 Sep 2023 19:59:37 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
in-page-push.com/impression/Tlaw9K7wPTz2C2FR614e1-LalD8Sw9ThPQTj3lLqQZzxaV1ymVnAaei_sc31oamaOAmwQFjDOLP_uKYYLxrJDaL-pCUOMcps2q52ovIY2UMByCMZYRrb7umYAsFQ9RrBUuTP7E2Fl7ZkswKSv9ASGpquBXUSEOnyESiIQCA8nff6J3iDx7w7hn1XGs46ARGq4_QvohtbwKSkIlOeeWcqHwBObaC5Xknegi8L4UqPCBJFf5iphsyF02XMtzhZUpEc6AdaFP08yTyNX2fS4p2OIQfK_1ybjg91QZ4rGQ06B1xfnyCHy9DurB_nxS7HTvKMnRLLSWMkE8Lh439W9o3A956jx79UuQCVO3NhjMBcapQrGPVWjD7nffWTA-7gotPQqdFrU-yZGOTs51QdCE2tYqjfRM8aq_9UXN5PgdSoi10n-1E62R8V36uAQnxupG-DK9uQ2hRDisDF_dlcrWFNr5RFG18l_ZfhxfLEPqoh57hbOe9858MnvhCIlfFwH6x3nzugvpS5bRqgWX8mV2Q_bOeUqkU=?_z=3230648&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Feio.io%2FLolJ7&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.15200 OK 43 B URL HTTP/2 in-page-push.com/impression/Tlaw9K7wPTz2C2FR614e1-LalD8Sw9ThPQTj3lLqQZzxaV1ymVnAaei_sc31oamaOAmwQFjDOLP_uKYYLxrJDaL-pCUOMcps2q52ovIY2UMByCMZYRrb7umYAsFQ9RrBUuTP7E2Fl7ZkswKSv9ASGpquBXUSEOnyESiIQCA8nff6J3iDx7w7hn1XGs46ARGq4_QvohtbwKSkIlOeeWcqHwBObaC5Xknegi8L4UqPCBJFf5iphsyF02XMtzhZUpEc6AdaFP08yTyNX2fS4p2OIQfK_1ybjg91QZ4rGQ06B1xfnyCHy9DurB_nxS7HTvKMnRLLSWMkE8Lh439W9o3A956jx79UuQCVO3NhjMBcapQrGPVWjD7nffWTA-7gotPQqdFrU-yZGOTs51QdCE2tYqjfRM8aq_9UXN5PgdSoi10n-1E62R8V36uAQnxupG-DK9uQ2hRDisDF_dlcrWFNr5RFG18l_ZfhxfLEPqoh57hbOe9858MnvhCIlfFwH6x3nzugvpS5bRqgWX8mV2Q_bOeUqkU=?_z=3230648&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Feio.io%2FLolJ7&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.15:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/Tlaw9K7wPTz2C2FR614e1-LalD8Sw9ThPQTj3lLqQZzxaV1ymVnAaei_sc31oamaOAmwQFjDOLP_uKYYLxrJDaL-pCUOMcps2q52ovIY2UMByCMZYRrb7umYAsFQ9RrBUuTP7E2Fl7ZkswKSv9ASGpquBXUSEOnyESiIQCA8nff6J3iDx7w7hn1XGs46ARGq4_QvohtbwKSkIlOeeWcqHwBObaC5Xknegi8L4UqPCBJFf5iphsyF02XMtzhZUpEc6AdaFP08yTyNX2fS4p2OIQfK_1ybjg91QZ4rGQ06B1xfnyCHy9DurB_nxS7HTvKMnRLLSWMkE8Lh439W9o3A956jx79UuQCVO3NhjMBcapQrGPVWjD7nffWTA-7gotPQqdFrU-yZGOTs51QdCE2tYqjfRM8aq_9UXN5PgdSoi10n-1E62R8V36uAQnxupG-DK9uQ2hRDisDF_dlcrWFNr5RFG18l_ZfhxfLEPqoh57hbOe9858MnvhCIlfFwH6x3nzugvpS5bRqgWX8mV2Q_bOeUqkU=?_z=3230648&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Feio.io%2FLolJ7&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Cookie: OAID=864ed39086714d7ebbb2ce490b400af5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 19:59:38 GMT
content-type: image/gif
content-length: 43
x-trace-id: 8a4147a7cf29fcc93ba8030f57906755
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14896
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 19:59:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14896
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 19:59:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14896
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 19:59:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14896
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 19:59:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
age: 80532
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zYT0vF7Bxa5m84D12jI2w_A-MzR3wIMBOb0ubTEdNMlpYUes5aYdlQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:44:27 GMT
age: 80111
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: 6950a3c5-2cdc-4a21-854c-10d925e32ecd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiYLvHRSIAMFotQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a6d7e-6e98b9a77e592bd01afb1d97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 19:16:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3eBLhLH4APXLyj9kLHXNCFT9ccS_bnBp5INvMI93IFvOuBMERe_GgQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 13:36:12 GMT
age: 23006
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:48:18 GMT
age: 76280
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d848f7606889b048b6334e70d8a5e0
85239ef4f2fee8d3345e599bc942cab63ff3aaf6
da6cf33b440b51f72a70f309d62fd581aed246b6a78b8f329fa3899db15ff86d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5889
x-amzn-requestid: 42237574-f86e-4ece-b986-6d0c5910fcc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMVgHajoAMFmXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112756-48ff9d98464cf3c9680d97b4;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _7BBSlQQucoO5poncTYuX4fcmS4WFg3UcVFXalckGCCNFKJ0h5UpsQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:31:42 GMT
etag: "85239ef4f2fee8d3345e599bc942cab63ff3aaf6"
content-type: image/jpeg
age: 77276
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAMCgNpYR80vXSDyHFOFcbT8VukBemR2AGoGNaCfYaszKshu-gv6zg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:15 GMT
age: 79523
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S973727434%3A1662148777381873&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUvgO5akvPisO7Wnohrga_oruiGvM_PDMGoS13gFsmiUSS4g7uLrwNwE6rLDb4X-1GkPSD_6w
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S973727434%3A1662148777381873&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUvgO5akvPisO7Wnohrga_oruiGvM_PDMGoS13gFsmiUSS4g7uLrwNwE6rLDb4X-1GkPSD_6w
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S973727434%3A1662148777381873&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUvgO5akvPisO7Wnohrga_oruiGvM_PDMGoS13gFsmiUSS4g7uLrwNwE6rLDb4X-1GkPSD_6w HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eio.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Sep 2022 19:59:37 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-BL0jej9ua6-yJDC68h9Q-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=HDnEIYkaRrWTcxa4ic9FZ0ePQUKoFUYFzpzRrfWKdBngKn9bq9gjTBSBc0jNRTvrv9F9wqjDAslPxPyywBha_DU10qRUaO_8rr8Hxf6TnjicLlTZzsJE-zRQRsMDm9orlq6NoXyopJOrJtRXeB_rO1LCyFXGq77ASfvp0fufEGo; expires=Sat, 04-Mar-2023 19:59:37 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S436485969%3A1662148777392299&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVBq4SVxe8mHV6TO2KhI-qBKbcTCwyIZO5spzj5-9VvA6ZZSLAq_1c02Q4hek-9MMTVhLUbmg
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S436485969%3A1662148777392299&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVBq4SVxe8mHV6TO2KhI-qBKbcTCwyIZO5spzj5-9VvA6ZZSLAq_1c02Q4hek-9MMTVhLUbmg
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S436485969%3A1662148777392299&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVBq4SVxe8mHV6TO2KhI-qBKbcTCwyIZO5spzj5-9VvA6ZZSLAq_1c02Q4hek-9MMTVhLUbmg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eio.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Sep 2022 19:59:37 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-6HPqTQMPy-p0a9pR1qtBjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=VAu9glP_9-_z1XtIoW_8_J4CY5XIM8TjI5fi2ybXWy5djPaeDqJn8_LKlMu-d4DOeoUjtkb78N37TNj67425tSXAgmI6xeromI2hF6PxLAYqEW3Ntt9mgJvHQ7DrX7GohVfnClBkxYGVHxYt1nlUCKVa0iQ-SxKkvmHUkr4xf3Q; expires=Sat, 04-Mar-2023 19:59:37 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
freychang.fun/
104.21.45.207200 OK 0 B IP 104.21.45.207:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eio.io/
Origin: https://eio.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:59:37 GMT
content-type: text/plain
set-cookie: csu=1419552412133131@1@1662148777; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://eio.io
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGD5KUVdUqBUfVq8o5zqffUvuAlxbTzbjosTtu5C%2FgyF1RhG7yIc2AfYgw761XEuo8v%2FK3eRYks9hahAdmQ3HcpVJgAS1VfDVJHo5lncMqDFexuZnSEQkTvsQ8QjSiQ%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7448d3c28dabb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exe.io/LolJ7
172.67.71.40200 OK 0 B IP 172.67.71.40:0
GET /LolJ7 HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:59:36 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
set-cookie: AppSession=70da418866c52a718c1bb0e0d0a566b7; path=/; HttpOnly
csrfToken=14b517b4d0526c6f67001c74018b45759ca0c8c2dec32264167adc81c394abbb29e6e52875808fd6c387045ab505f6c515882694bda4835ef020c6e5c802d69f; path=/; HttpOnly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qf3lxalTkovcQO5PAYJ6XLHoffg64p8T5%2BF%2FIlqJ2E1qr2wS3Ui6%2BsxlZTZge5ZH2DVUO0n5verlzbVPkXY1PzGFTxwtR%2FmbinI6bUUKUKc9tgz%2BsHMOYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7448d3bb7fc2b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freychang.fun/asd100.bin
104.21.45.207200 OK 0 B IP 104.21.45.207:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eio.io/
Origin: https://eio.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:59:37 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://eio.io
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2351
last-modified: Fri, 02 Sep 2022 19:20:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqc3tfS%2F2CbWwamCZ1BtZO0ST2LYx2BlChZnWeyXiBZDZmEcZVSG0O%2Fmhu2%2Bq%2BpP%2FPPCFY4pLAcbEu2fxnNT%2Bq4kF0wXDMs5deOnyZRkJw38sRAJ%2FfXoUW0PIv9yIAu9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7448d3c27da1b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freychang.fun/asd100.bin
104.21.45.207200 OK 0 B IP 104.21.45.207:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eio.io/
Origin: https://eio.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Sep 2022 19:59:37 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://eio.io
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2351
last-modified: Fri, 02 Sep 2022 19:20:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCBHwe0eWVyQcvC%2BOFyMjaVyDDMbIE5jh%2BhzRUo6aW6L5DYTnXkNnDu2e5w56jj2lGYOCxdlehfCddpyay6xGpYA1JxpzYYwv0xgMQbgV0AJmC5rpaADaP0wCRNGnnMM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7448d3c27da2b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eio.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: uJTFRsz/Jk1iQ+Hu04+E4Qx/QwbAEvVKz6584TkqyIUVoKby737K3a5SpRKVhlzp3tM583is/KqmhfqtVlHbdg==
date: Fri, 02 Sep 2022 19:59:37 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2