exe.io/wAKIf
104.26.3.103 301 Moved Permanently 0 B IP 104.26.3.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wAKIf HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 22:03:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 23:03:50 GMT
Location: https://exe.io/wAKIf
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RpxHO4wGYSVDYA05Qnp01ZkdsrK9Onr5%2FrF667eLJ%2BmIJ7pwLXClTqZSb2QSqaLoapimGvGQRm13lzxlTV6SuUNXoH0TJ5USgLfH4n%2B2t5TiLLD8vmLfA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7705ea9aaf19b515-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7687
Expires: Sun, 27 Nov 2022 00:11:57 GMT
Date: Sat, 26 Nov 2022 22:03:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4065
Cache-Control: max-age=135303
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:50 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:38:53 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8607
Expires: Sun, 27 Nov 2022 00:27:18 GMT
Date: Sat, 26 Nov 2022 22:03:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 9f38871d10e3d1e09d3fe7a660e8da71
d9c9874f2a285b226fde8b5fab15b7b3f20a4d5b
3f7c6a53f5861d2e58b6a54d75a7ea9240c10c213ee3f15beb99ec90d8e52dce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2128
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Etag: "63812d26-117"
Last-Modified: Sat, 26 Nov 2022 21:28:23 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 21:17:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2778
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +pjkQCuK+5scuQEk/+TzN35RJ6icKNbu7Sa0BR/55GoT2jyy8V0QZBwqcTMwXfyxbdtmw508Ng4=
x-amz-request-id: 7NXRCXR18XNSNEDT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 21:44:23 GMT
age: 1168
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 22:03:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
exe.io/wAKIf
104.26.2.103 302 Found 278 B IP 104.26.2.103:0
Hash 9f38871d10e3d1e09d3fe7a660e8da71
d9c9874f2a285b226fde8b5fab15b7b3f20a4d5b
3f7c6a53f5861d2e58b6a54d75a7ea9240c10c213ee3f15beb99ec90d8e52dce
GET /wAKIf HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 26 Nov 2022 22:03:51 GMT
content-type: text/html; charset=UTF-8
location: https://exee.app/wAKIf
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
set-cookie: AppSession=11fc83db345d7941e8c58b06dd14b393; path=/; HttpOnly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TaXJ9pp69eZ0ZEmNYAvN3%2FRKpfCFIuCd1pe6mdbUIxQGlRM9UebwgPNvfETkvfdC8FJDxKAQISamoHIcpnYst615I%2FQoRrRPWXX7Q1vG53w5Ubaq5SYOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705ea9beb8cb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e8a34504e34dd94514cc6227f30fa27
326e26bee15338dd963d7b604796609c2110f8ee
2d503aebe3f5068d83e20b3f31461d2dbeb70b8a06e079c270cc689f18750ad3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2D503AEBE3F5068D83E20B3F31461D2DBEB70B8A06E079C270CC689F18750AD3"
Last-Modified: Sat, 26 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8829
Expires: Sun, 27 Nov 2022 00:31:00 GMT
Date: Sat, 26 Nov 2022 22:03:51 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e8a34504e34dd94514cc6227f30fa27
326e26bee15338dd963d7b604796609c2110f8ee
2d503aebe3f5068d83e20b3f31461d2dbeb70b8a06e079c270cc689f18750ad3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2D503AEBE3F5068D83E20B3F31461D2DBEB70B8A06E079C270CC689F18750AD3"
Last-Modified: Sat, 26 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8829
Expires: Sun, 27 Nov 2022 00:31:00 GMT
Date: Sat, 26 Nov 2022 22:03:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 21:11:12 GMT
cache-control: public,max-age=3600
age: 3159
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a264945d6b805a4c4052fdc234a3fc64
b8263f9d07989c2591de2af7e28fab914e5646b0
78ca1d23f0f162f0e8be7e90f3dfe8870b71de4294eb90433ad32c4c6b56ffd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78CA1D23F0F162F0E8BE7E90F3DFE8870B71DE4294EB90433AD32C4C6B56FFD9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13939
Expires: Sun, 27 Nov 2022 01:56:10 GMT
Date: Sat, 26 Nov 2022 22:03:51 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-135952122-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-135952122-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash e5a8190b75f7c46186bcc9b9825a7ee5
fdd1d93eb47ab6ff2271a50207acb5f0c4c08230
4f6c58cea0f47015777a7b4285a64c6b108ceb37cd400446aac9072e5cda3a4c
GET /gtag/js?id=UA-135952122-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 22:03:51 GMT
expires: Sat, 26 Nov 2022 22:03:51 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7991f4ffc45da6a67e18b47660ad0596
992d9dd8f539fb5c035b64e6b7e907252312b846
1feeaaf58bfce72640e932a4b9104d668db288ba56091ec9a4e760dba4f045d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1FEEAAF58BFCE72640E932A4B9104D668DB288BA56091EC9A4E760DBA4F045D1"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2272
Expires: Sat, 26 Nov 2022 22:41:43 GMT
Date: Sat, 26 Nov 2022 22:03:51 GMT
Connection: keep-alive
exee.app/wAKIf
104.21.48.127 200 OK 168 kB IP 104.21.48.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (61445)
Size 168 kB (167703 bytes)
Hash 988ce08d4d8f051b597a5e905ed0c30d
510d9e48a0407c9c68f4d4e7d2e061b7c98a17ae
b7543f7019870cbd1c4406e31ec66d927ee21b359d4744c857d5345fd2440eba
GET /wAKIf HTTP/1.1
Host: exee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:51 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
set-cookie: AppSession=c193b252dc263462b54a55063704659a; path=/; HttpOnly
csrfToken=f60f13cac47d9bfec47a75ba8a5be045c3fae5a8f185dd90b9b4dc9cc2148336e974bd49a4d0186de72ba966345e661e4438a818770e22d4fb3054fd1b0fb33f; path=/; HttpOnly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyEnXcWmHdEdoqOahNVvP%2FQ8fBFykQwNE0ODpkm9jEzf94XSooOx2DQDdBuqTSdvsGHJcMqlSnUDVAG1fjZvKy6fbFvoLcWK0BuXsZ5HA%2BbkcXHUm%2F68pjxBvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705ea9cf854b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4743
Cache-Control: max-age=130923
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:25:54 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3f4a7fb0a46243afcdef495930802d62
979a0675885be263f28e6b3cf9a699c8cdd69f04
6428e7f877dc58c23c7ac0d9597d40db3548026b8e5aa5f5c58706841b45bd1c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6428E7F877DC58C23C7AC0D9597D40DB3548026B8E5AA5F5C58706841B45BD1C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6341
Expires: Sat, 26 Nov 2022 23:49:32 GMT
Date: Sat, 26 Nov 2022 22:03:51 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7991f4ffc45da6a67e18b47660ad0596
992d9dd8f539fb5c035b64e6b7e907252312b846
1feeaaf58bfce72640e932a4b9104d668db288ba56091ec9a4e760dba4f045d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1FEEAAF58BFCE72640E932A4B9104D668DB288BA56091EC9A4E760DBA4F045D1"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2272
Expires: Sat, 26 Nov 2022 22:41:43 GMT
Date: Sat, 26 Nov 2022 22:03:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
IP 142.250.74.3:0
Hash 143e436db1d5bdf40d7c22d892fc3df5
e20e9219a8647c2054faedf12ead07652c97dabf
ecd8c4bc7134917fefde8a5780e4f5296bee808d29e3eadf5ec6e33cdbb980cc
POST /s/gts1p5/zeGgGgk-0iY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
216.58.207.195 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exee.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 19:07:15 GMT
expires: Tue, 21 Nov 2023 19:07:15 GMT
cache-control: public, max-age=31536000
age: 442596
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nadjustifygas.com/utx?cb=m0jOnBM2Cxri&top=exee.app&tid=889494
54.230.111.124 204 No Content 0 B URL HTTP/2 nadjustifygas.com/utx?cb=m0jOnBM2Cxri&top=exee.app&tid=889494
IP 54.230.111.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=m0jOnBM2Cxri&top=exee.app&tid=889494 HTTP/1.1
Host: nadjustifygas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 26 Nov 2022 22:03:51 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://exee.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 26 Nov 2022 22:04:51 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pb6Sz6WTzj9aLC2_Hzj-wIe7QYiNmCaItIm1rpNy2VDwBxicURndAg==
X-Firefox-Spdy: h2
nadjustifygas.com/utx?cb=nokJH1889lVp&top=exee.app&tid=822524
54.230.111.124 204 No Content 0 B URL HTTP/2 nadjustifygas.com/utx?cb=nokJH1889lVp&top=exee.app&tid=822524
IP 54.230.111.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=nokJH1889lVp&top=exee.app&tid=822524 HTTP/1.1
Host: nadjustifygas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 26 Nov 2022 22:03:51 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://exee.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 26 Nov 2022 22:04:51 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _8PGimTogVcsR_Z2L11QL1LD_dZ0zXJZl6aVmt8OfgCzGzFrWFMrlQ==
X-Firefox-Spdy: h2
nadjustifygas.com/aDdWZjUJVTULCgkKNEBAGltrQwcuEmQgUVpFJRBWBQYkXkAeWjBIVgRYIwJTGlg4EhsGUiJDBy5yBzEMW3gRBVwpdToDYixiESNCPlE1VwQrdDooWypmBD52PHEFKW0DQxsKVgpTEisFLHMiNn07RBczYB9THDB/IH8xFVIpZRcgZDtmFCB0PmAMEQE8YDoWBDtmGC92K0cFIWApYRwkATxiBDdHLwYQKHcGQBUhcCF4Gjd4P38AM30/Wz0vZAZ5MD4FUHgaEUYxYy40XjBiMjFwWmUyNEIEbzRXDDt0LzBeMGIyNnEBDgw3TVliF1ZFLnQUXwY/BnsveSJgBAJnWFgEPHMfBRUwUVhmAwVnOVkYAHAuBxMtUipkFQ9zEm9mP3w+BBQAZwAGAAVkA1IFAXwGdhdeUT5mMgNnHwYcBWADdBQwbE5dJQlbGAoYJ38bDzoqYR1UGhFPAlg
54.230.111.124200 OK 1.2 kB URL HTTP/2 nadjustifygas.com/aDdWZjUJVTULCgkKNEBAGltrQwcuEmQgUVpFJRBWBQYkXkAeWjBIVgRYIwJTGlg4EhsGUiJDBy5yBzEMW3gRBVwpdToDYixiESNCPlE1VwQrdDooWypmBD52PHEFKW0DQxsKVgpTEisFLHMiNn07RBczYB9THDB/IH8xFVIpZRcgZDtmFCB0PmAMEQE8YDoWBDtmGC92K0cFIWApYRwkATxiBDdHLwYQKHcGQBUhcCF4Gjd4P38AM30/Wz0vZAZ5MD4FUHgaEUYxYy40XjBiMjFwWmUyNEIEbzRXDDt0LzBeMGIyNnEBDgw3TVliF1ZFLnQUXwY/BnsveSJgBAJnWFgEPHMfBRUwUVhmAwVnOVkYAHAuBxMtUipkFQ9zEm9mP3w+BBQAZwAGAAVkA1IFAXwGdhdeUT5mMgNnHwYcBWADdBQwbE5dJQlbGAoYJ38bDzoqYR1UGhFPAlg
IP 54.230.111.124:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Hash 3bed13563250366c59906e250b181b73
27a237946355a51aaf5e62f8903d2536479854b6
624737012025216db54a8dd0e9bf9e89943edd92195ae04a7c38f625ad17445b
GET /aDdWZjUJVTULCgkKNEBAGltrQwcuEmQgUVpFJRBWBQYkXkAeWjBIVgRYIwJTGlg4EhsGUiJDBy5yBzEMW3gRBVwpdToDYixiESNCPlE1VwQrdDooWypmBD52PHEFKW0DQxsKVgpTEisFLHMiNn07RBczYB9THDB/IH8xFVIpZRcgZDtmFCB0PmAMEQE8YDoWBDtmGC92K0cFIWApYRwkATxiBDdHLwYQKHcGQBUhcCF4Gjd4P38AM30/Wz0vZAZ5MD4FUHgaEUYxYy40XjBiMjFwWmUyNEIEbzRXDDt0LzBeMGIyNnEBDgw3TVliF1ZFLnQUXwY/BnsveSJgBAJnWFgEPHMfBRUwUVhmAwVnOVkYAHAuBxMtUipkFQ9zEm9mP3w+BBQAZwAGAAVkA1IFAXwGdhdeUT5mMgNnHwYcBWADdBQwbE5dJQlbGAoYJ38bDzoqYR1UGhFPAlg HTTP/1.1
Host: nadjustifygas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1196
date: Sat, 26 Nov 2022 22:03:51 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8YUsUY65kUAU6Bf1vfe9Qv-vA44VnX52407yP2K80b--_gDgisBcBg==
X-Firefox-Spdy: h2
nadjustifygas.com/R2lHSVImCyQkbSZUJW8nNQV6bGABTHUPNnUbND8xKlg1cScxBCFnMSsGMi00NQYpPXwpDDNsYAEDHXgUFwgsIhcXAAIENi8kcwJjIxEfezpwPHR4EAgTMA8YPw00BQMsBQQjOTYlIAc3AQcwJhswBXQGKgYdECQUNysuLhgJBw0EHgYCPio+Mx8FIwczP3R4EA09fw8bKwZiexQJESA6FC08Kg4BCj0jMz0LDQYmd3UrCRgfKyo9CyMQKH4aNHRQFyxjI1wICB8pKD19ZgA+Px8LFCwiKxQRASElIik/dBtqDC4/HwsTDgMDYwEFJiU5CzgqB3d1LwInaxMND2QlKAsBHzoXOz86BAUrYnsQEAc/AwsQMxcsYyRbDC45LioPG2sLITMRCw9QJiwUIw4mJTpyKBMuawMQfwAZEBkeDWMdASIiAHI4FBsrEB5hIyEoBzd0MCQFKiE3AyN+DmEFAyk
54.230.111.124200 OK 1.2 kB URL HTTP/2 nadjustifygas.com/R2lHSVImCyQkbSZUJW8nNQV6bGABTHUPNnUbND8xKlg1cScxBCFnMSsGMi00NQYpPXwpDDNsYAEDHXgUFwgsIhcXAAIENi8kcwJjIxEfezpwPHR4EAgTMA8YPw00BQMsBQQjOTYlIAc3AQcwJhswBXQGKgYdECQUNysuLhgJBw0EHgYCPio+Mx8FIwczP3R4EA09fw8bKwZiexQJESA6FC08Kg4BCj0jMz0LDQYmd3UrCRgfKyo9CyMQKH4aNHRQFyxjI1wICB8pKD19ZgA+Px8LFCwiKxQRASElIik/dBtqDC4/HwsTDgMDYwEFJiU5CzgqB3d1LwInaxMND2QlKAsBHzoXOz86BAUrYnsQEAc/AwsQMxcsYyRbDC45LioPG2sLITMRCw9QJiwUIw4mJTpyKBMuawMQfwAZEBkeDWMdASIiAHI4FBsrEB5hIyEoBzd0MCQFKiE3AyN+DmEFAyk
IP 54.230.111.124:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3047), with no line terminators
Hash 9e47575d76cc89048c5f57ac606a2310
eac8778bc7bacbccd1ae98021e848a7decca3371
1eafc18f39318da8a2d833ee5241c729565f81a79c8f4ca814454e174e35e38b
GET /R2lHSVImCyQkbSZUJW8nNQV6bGABTHUPNnUbND8xKlg1cScxBCFnMSsGMi00NQYpPXwpDDNsYAEDHXgUFwgsIhcXAAIENi8kcwJjIxEfezpwPHR4EAgTMA8YPw00BQMsBQQjOTYlIAc3AQcwJhswBXQGKgYdECQUNysuLhgJBw0EHgYCPio+Mx8FIwczP3R4EA09fw8bKwZiexQJESA6FC08Kg4BCj0jMz0LDQYmd3UrCRgfKyo9CyMQKH4aNHRQFyxjI1wICB8pKD19ZgA+Px8LFCwiKxQRASElIik/dBtqDC4/HwsTDgMDYwEFJiU5CzgqB3d1LwInaxMND2QlKAsBHzoXOz86BAUrYnsQEAc/AwsQMxcsYyRbDC45LioPG2sLITMRCw9QJiwUIw4mJTpyKBMuawMQfwAZEBkeDWMdASIiAHI4FBsrEB5hIyEoBzd0MCQFKiE3AyN+DmEFAyk HTTP/1.1
Host: nadjustifygas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1197
date: Sat, 26 Nov 2022 22:03:51 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 523KNGb9l_1o-MmefXZEaLwhdZMwHvW633rp8HglomIKfocwL-bD_w==
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
IP 142.250.74.3:0
Hash 143e436db1d5bdf40d7c22d892fc3df5
e20e9219a8647c2054faedf12ead07652c97dabf
ecd8c4bc7134917fefde8a5780e4f5296bee808d29e3eadf5ec6e33cdbb980cc
POST /s/gts1p5/zeGgGgk-0iY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exee.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 231660
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nadjustifygas.com/amRJQlILBiovbQtZK2QnGAh0Z2AsQXsENlgWOjQxB1U7eiccCS9sMQYLPCY0GAsnNnwEAT1nYCwAGxo+HTUjJT8sDH0pEBAhGAQaUiUqFyIpAAguOC8TBDYEADIMDBMzKAAqB1oqAXprJg8tKQYuXC0WCiMBAhA1Dy4YFDgiJn0qEDI2LwcBMAUsB2M9KnguZiwmcXYHOQ8fBwUJLwhyKg8HIXNhOTIucwc5Fy0KKDwoEAcmKygMOjU5VAs4ES0QAxQKLFIQByYrKh8HID5UGywRHQAqEzwgJSpyYzwHETI1OVQINQYHJgIPCictKgQ2KwUxc2E5NmQhPD0dfRUEMiZscBAOVCUAMQ0MeREHLAoKLAcMIx0ANiMcEAsIHQsNERcoVw8sBAwmEXoYTA46LTwaWQ0GYQ0IDTQVEjN+
54.230.111.124200 OK 1.2 kB URL HTTP/2 nadjustifygas.com/amRJQlILBiovbQtZK2QnGAh0Z2AsQXsENlgWOjQxB1U7eiccCS9sMQYLPCY0GAsnNnwEAT1nYCwAGxo+HTUjJT8sDH0pEBAhGAQaUiUqFyIpAAguOC8TBDYEADIMDBMzKAAqB1oqAXprJg8tKQYuXC0WCiMBAhA1Dy4YFDgiJn0qEDI2LwcBMAUsB2M9KnguZiwmcXYHOQ8fBwUJLwhyKg8HIXNhOTIucwc5Fy0KKDwoEAcmKygMOjU5VAs4ES0QAxQKLFIQByYrKh8HID5UGywRHQAqEzwgJSpyYzwHETI1OVQINQYHJgIPCictKgQ2KwUxc2E5NmQhPD0dfRUEMiZscBAOVCUAMQ0MeREHLAoKLAcMIx0ANiMcEAsIHQsNERcoVw8sBAwmEXoYTA46LTwaWQ0GYQ0IDTQVEjN+
IP 54.230.111.124:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash 03a9c42733a98ecf9c3b7876b92ad68a
3d38e46abed99e7a8f76b2b7f5b08b4f160414f9
573b0b6420a20c04fe6a361c206369dd047a7f5b5996157f2c347f4648728984
GET /amRJQlILBiovbQtZK2QnGAh0Z2AsQXsENlgWOjQxB1U7eiccCS9sMQYLPCY0GAsnNnwEAT1nYCwAGxo+HTUjJT8sDH0pEBAhGAQaUiUqFyIpAAguOC8TBDYEADIMDBMzKAAqB1oqAXprJg8tKQYuXC0WCiMBAhA1Dy4YFDgiJn0qEDI2LwcBMAUsB2M9KnguZiwmcXYHOQ8fBwUJLwhyKg8HIXNhOTIucwc5Fy0KKDwoEAcmKygMOjU5VAs4ES0QAxQKLFIQByYrKh8HID5UGywRHQAqEzwgJSpyYzwHETI1OVQINQYHJgIPCictKgQ2KwUxc2E5NmQhPD0dfRUEMiZscBAOVCUAMQ0MeREHLAoKLAcMIx0ANiMcEAsIHQsNERcoVw8sBAwmEXoYTA46LTwaWQ0GYQ0IDTQVEjN+ HTTP/1.1
Host: nadjustifygas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1172
date: Sat, 26 Nov 2022 22:03:51 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n28BCqmA_vS1AMjAt7LXAryBjxM24MA_dk42wRVwt94smAwm8wAckQ==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3f4a7fb0a46243afcdef495930802d62
979a0675885be263f28e6b3cf9a699c8cdd69f04
6428e7f877dc58c23c7ac0d9597d40db3548026b8e5aa5f5c58706841b45bd1c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6428E7F877DC58C23C7AC0D9597D40DB3548026B8E5AA5F5C58706841B45BD1C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6341
Expires: Sat, 26 Nov 2022 23:49:32 GMT
Date: Sat, 26 Nov 2022 22:03:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
IP 142.250.74.3:0
Hash 143e436db1d5bdf40d7c22d892fc3df5
e20e9219a8647c2054faedf12ead07652c97dabf
ecd8c4bc7134917fefde8a5780e4f5296bee808d29e3eadf5ec6e33cdbb980cc
POST /s/gts1p5/zeGgGgk-0iY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
enaceanspection.com/MmVlRE8dWgY3cmEIXDQsZitTEiNKIyYqI2swMAEEUVQNJh5zJEMwJlZYXXB8AFNUYj9bAVh1dxQWESU7RxZYdWlbCwMrchQTWHVhAktXan0UEFh1aUYVBCNyA0MVMDteWFRyeQtQVXR9AVRQfXY
104.21.25.15 204 No Content 0 B URL HTTP/2 enaceanspection.com/MmVlRE8dWgY3cmEIXDQsZitTEiNKIyYqI2swMAEEUVQNJh5zJEMwJlZYXXB8AFNUYj9bAVh1dxQWESU7RxZYdWlbCwMrchQTWHVhAktXan0UEFh1aUYVBCNyA0MVMDteWFRyeQtQVXR9AVRQfXY
IP 104.21.25.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MmVlRE8dWgY3cmEIXDQsZitTEiNKIyYqI2swMAEEUVQNJh5zJEMwJlZYXXB8AFNUYj9bAVh1dxQWESU7RxZYdWlbCwMrchQTWHVhAktXan0UEFh1aUYVBCNyA0MVMDteWFRyeQtQVXR9AVRQfXY HTTP/1.1
Host: enaceanspection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 26 Nov 2022 22:03:51 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buw7bqUdr6topaOTq67tgNT%2F6c3qazdFHAtnh6g%2BO0iwkZSAhOmA8TOEMFaBs6gn17lecVyHOULbexPx9TAYYk3efSew8ffd7McC0Yu19A5SWEAdOsU%2FtT%2FkcTZ%2B1vvs70zbcIBw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705eaa0de0ab4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b4663e7924ed46b15cd9a38c5bca135
448bcca1e3031d58f6a30589eb9219325cb50572
1cb2b8c23bae8426d2c1d55bd14e02d8a0bc6e4c81e31643aafc96d9f2931d6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CB2B8C23BAE8426D2C1D55BD14E02D8A0BC6E4C81E31643AAFC96D9F2931D6A"
Last-Modified: Thu, 24 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10993
Expires: Sun, 27 Nov 2022 01:07:04 GMT
Date: Sat, 26 Nov 2022 22:03:51 GMT
Connection: keep-alive
push.services.mozilla.com/
54.189.139.67 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.139.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9tiOyCY+OguXcNoYENeNXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zGk2zadgYOIghwlc6EHtZeSOfeE=
enaceanspection.com/N2liVUoYVgEmd1MEKCMfcg0mAAxDDgYQLmQ/UA94ZgU4MxMEOEQhI1NUWm1zA1BWczpeDV9kbEQdAyE/RFRTcyNZDw1obEFUU3t5A0dRZGQGTxdoexEdEjQtClhEJT5DBV9kfAFQV2V6BVpTYHIF
104.21.25.15 204 No Content 0 B URL HTTP/2 enaceanspection.com/N2liVUoYVgEmd1MEKCMfcg0mAAxDDgYQLmQ/UA94ZgU4MxMEOEQhI1NUWm1zA1BWczpeDV9kbEQdAyE/RFRTcyNZDw1obEFUU3t5A0dRZGQGTxdoexEdEjQtClhEJT5DBV9kfAFQV2V6BVpTYHIF
IP 104.21.25.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /N2liVUoYVgEmd1MEKCMfcg0mAAxDDgYQLmQ/UA94ZgU4MxMEOEQhI1NUWm1zA1BWczpeDV9kbEQdAyE/RFRTcyNZDw1obEFUU3t5A0dRZGQGTxdoexEdEjQtClhEJT5DBV9kfAFQV2V6BVpTYHIF HTTP/1.1
Host: enaceanspection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 26 Nov 2022 22:03:51 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bW3iK0xUpqcNWvbZUh3kRVkyFZm%2ByQ5HhyvdtO4HD4W3uB%2FbXRh2dJHVnY8Y5vlxBn9fA4Xl6qrsovBSjkgP2ZbcjkxwM3C8ar3oBbxmEYueWAtED2iLcWr6J2LaH%2Ft3J0RDgUUT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705eaa10e53b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 8a2e7ab9f879e661a79bbd1a8941771d
2ffaca360ca166595c22af6993fe09f828d94f2e
7de1ce8e8144f318bd65ae8f6cfc023abdd5f34da94a0fd9098b18e1be3413d2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 22:03:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 16:52:35 GMT
Expires: Thu, 01 Dec 2022 16:52:34 GMT
Etag: "2ffaca360ca166595c22af6993fe09f828d94f2e"
Cache-Control: max-age=412722,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7705eaa1acdeb4fa-OSL
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
37.48.68.71 200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 900
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 26 Nov 2022 22:03:51 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://exee.app
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
enaceanspection.com/bkhDVVBBdyAmbQoPdywzNhICAzckABc+KA0KFh8RPB57FAErBWUhOQp1e2diW3p3cyAHLH5kdh08IiElHXVyczkALixodhh1cntjWmZwZH5fbjZoYUg8MzQ3U3llJSQaJH5kZlhxdmVgXHtyYGNW
104.21.25.15 204 No Content 0 B URL HTTP/2 enaceanspection.com/bkhDVVBBdyAmbQoPdywzNhICAzckABc+KA0KFh8RPB57FAErBWUhOQp1e2diW3p3cyAHLH5kdh08IiElHXVyczkALixodhh1cntjWmZwZH5fbjZoYUg8MzQ3U3llJSQaJH5kZlhxdmVgXHtyYGNW
IP 104.21.25.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bkhDVVBBdyAmbQoPdywzNhICAzckABc+KA0KFh8RPB57FAErBWUhOQp1e2diW3p3cyAHLH5kdh08IiElHXVyczkALixodhh1cntjWmZwZH5fbjZoYUg8MzQ3U3llJSQaJH5kZlhxdmVgXHtyYGNW HTTP/1.1
Host: enaceanspection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 26 Nov 2022 22:03:52 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ky00RVRz2lEl6vYXsa4olyPFyKZUmkXB0iyNQgAFq%2FldVybX3Khfi316V8Z%2FWthcPU%2BSzZ4Sbdbyh0EaRw0lMQrirjmy7nqj9hKMNyXeHMHH6kb5f3yiKmP1TzrSwKntSIqVK%2Bq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705eaa1af37b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d2rsvcm1r8uvmf.cloudfront.net/EQW93OGciABleWDUGEwVfc11CClNnBQRXCTFSOXktMlcbdDM0DDtPHSsAUUwdJVJHHgsgARAFQSQBFAVWZw4TWlp1SQNICCpSGUAVJB4TURQrG1FNBnwCGEIOLQMWHVUHWlkIQnNfX08OLwsYTxRkXUdWE2RdRwlXb19SCyVkXUdPDi9ZQx1UA0pFCB93W1-ILJWRdR0oRZFw2CVd0QUcRQnNfEF0EKgBSCiFzX0YIV3BfRh1VcQkeSgInAA8dVQdeRw1JcUkCBVY
54.230.245.155200 OK 521 B URL HTTP/2 d2rsvcm1r8uvmf.cloudfront.net/EQW93OGciABleWDUGEwVfc11CClNnBQRXCTFSOXktMlcbdDM0DDtPHSsAUUwdJVJHHgsgARAFQSQBFAVWZw4TWlp1SQNICCpSGUAVJB4TURQrG1FNBnwCGEIOLQMWHVUHWlkIQnNfX08OLwsYTxRkXUdWE2RdRwlXb19SCyVkXUdPDi9ZQx1UA0pFCB93W1-ILJWRdR0oRZFw2CVd0QUcRQnNfEF0EKgBSCiFzX0YIV3BfRh1VcQkeSgInAA8dVQdeRw1JcUkCBVY
IP 54.230.245.155:0
File type ASCII text, with very long lines (707), with no line terminators
Hash 1b09cd2a79639cfffea7abb48c9f1162
0ef33add5a5cf76619f7d9e5ec66e7ce1e6e8941
654e7a5db63bb65bf8b0578e101f48df53afd556b142bc2d6fd960ad6ea1c256
GET /EQW93OGciABleWDUGEwVfc11CClNnBQRXCTFSOXktMlcbdDM0DDtPHSsAUUwdJVJHHgsgARAFQSQBFAVWZw4TWlp1SQNICCpSGUAVJB4TURQrG1FNBnwCGEIOLQMWHVUHWlkIQnNfX08OLwsYTxRkXUdWE2RdRwlXb19SCyVkXUdPDi9ZQx1UA0pFCB93W1-ILJWRdR0oRZFw2CVd0QUcRQnNfEF0EKgBSCiFzX0YIV3BfRh1VcQkeSgInAA8dVQdeRw1JcUkCBVY HTTP/1.1
Host: d2rsvcm1r8uvmf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjustifygas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 521
date: Sat, 26 Nov 2022 22:03:52 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G7ZeVhN6snIMPLxhWeJpJGjuo_gMM2QIgG_mDNzNmmwphmlip_s2Ew==
X-Firefox-Spdy: h2
d2rsvcm1r8uvmf.cloudfront.net/jZ1FPakkEPiEMdhM4K1dxX2h7U31BOzwFJxdsLQklCjkqLgNeFnwoIwl3OxAtWmFpBigJNnJMLAkycltvBjUtV31BJT8FIlo/NxgsFjUmGSMTdzoLdAo+NQMlCzBqWA9Sf39Pe1d5OAMnAz44GWxVYSEebFVhflpnV3R8KGxVYTgDJ1FlalkLQmN/En9TdH-wobFVhPRxsVBB+WnxJYWZPe1c2KgkiCHR9LHtXYH9aeFdgalh5ATg9Dy8IKWpYD1ZhekR5QSRyWw
54.230.245.155200 OK 600 B URL HTTP/2 d2rsvcm1r8uvmf.cloudfront.net/jZ1FPakkEPiEMdhM4K1dxX2h7U31BOzwFJxdsLQklCjkqLgNeFnwoIwl3OxAtWmFpBigJNnJMLAkycltvBjUtV31BJT8FIlo/NxgsFjUmGSMTdzoLdAo+NQMlCzBqWA9Sf39Pe1d5OAMnAz44GWxVYSEebFVhflpnV3R8KGxVYTgDJ1FlalkLQmN/En9TdH-wobFVhPRxsVBB+WnxJYWZPe1c2KgkiCHR9LHtXYH9aeFdgalh5ATg9Dy8IKWpYD1ZhekR5QSRyWw
IP 54.230.245.155:0
File type ASCII text, with very long lines (874), with no line terminators
Hash f9b3aec4f2b7287b424a69bc0422d8e4
5d0f504be86b415f7ce6a330d234c33ba4946f45
85a4398773080f6e4140e47467bf20575c5729804cfbfc9faf2d6ffca9649644
GET /jZ1FPakkEPiEMdhM4K1dxX2h7U31BOzwFJxdsLQklCjkqLgNeFnwoIwl3OxAtWmFpBigJNnJMLAkycltvBjUtV31BJT8FIlo/NxgsFjUmGSMTdzoLdAo+NQMlCzBqWA9Sf39Pe1d5OAMnAz44GWxVYSEebFVhflpnV3R8KGxVYTgDJ1FlalkLQmN/En9TdH-wobFVhPRxsVBB+WnxJYWZPe1c2KgkiCHR9LHtXYH9aeFdgalh5ATg9Dy8IKWpYD1ZhekR5QSRyWw HTTP/1.1
Host: d2rsvcm1r8uvmf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjustifygas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 600
date: Sat, 26 Nov 2022 22:03:52 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ma2ra7D7BKI8pqhgZ5nllaHsCzUinkWCtmVvX-3Dp02SiF9Y0Izq8g==
X-Firefox-Spdy: h2
d2rsvcm1r8uvmf.cloudfront.net/dRXlwQjgmFh4kBzEQFH8AcUpCdAljEwMtVjVENAYLIhU0NH89LkdkTD8dTXIeKRgeJQVjHB4hBXRfESZaeE1WN1l4FB84USkVEWcKA0xech13SVg1USsdHzVLYEtALExgS0BzCGtJVXF6YEtANVErT0RnCwdcQnJAc01VcXpgS0AwTmBKMXMIcFdAax13SR-cnWy4WVXB+d0lBcgh0SUFnCnUfGTBdIxYIZwoDSEB3FnVfBX8J
54.230.245.155200 OK 193 B URL HTTP/2 d2rsvcm1r8uvmf.cloudfront.net/dRXlwQjgmFh4kBzEQFH8AcUpCdAljEwMtVjVENAYLIhU0NH89LkdkTD8dTXIeKRgeJQVjHB4hBXRfESZaeE1WN1l4FB84USkVEWcKA0xech13SVg1USsdHzVLYEtALExgS0BzCGtJVXF6YEtANVErT0RnCwdcQnJAc01VcXpgS0AwTmBKMXMIcFdAax13SR-cnWy4WVXB+d0lBcgh0SUFnCnUfGTBdIxYIZwoDSEB3FnVfBX8J
IP 54.230.245.155:0
File type ASCII text, with no line terminators
Hash 3d55c2c98a182309f2919620737396c2
1cb1728049fa05ffa4c1c5a6817bdd701e9e74d4
fae54e928754b58f1a03f12aaa59068a9f652c2bee4cb1b9ec96115067ed7620
GET /dRXlwQjgmFh4kBzEQFH8AcUpCdAljEwMtVjVENAYLIhU0NH89LkdkTD8dTXIeKRgeJQVjHB4hBXRfESZaeE1WN1l4FB84USkVEWcKA0xech13SVg1USsdHzVLYEtALExgS0BzCGtJVXF6YEtANVErT0RnCwdcQnJAc01VcXpgS0AwTmBKMXMIcFdAax13SR-cnWy4WVXB+d0lBcgh0SUFnCnUfGTBdIxYIZwoDSEB3FnVfBX8J HTTP/1.1
Host: d2rsvcm1r8uvmf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjustifygas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 193
date: Sat, 26 Nov 2022 22:03:52 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q-hYpoeQPTiFya7WElTkY7OquVSTzXLBcYYirA-rEsa1PfBy85qEig==
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
IP 142.250.74.3:0
Hash 143e436db1d5bdf40d7c22d892fc3df5
e20e9219a8647c2054faedf12ead07652c97dabf
ecd8c4bc7134917fefde8a5780e4f5296bee808d29e3eadf5ec6e33cdbb980cc
POST /s/gts1p5/zeGgGgk-0iY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fightingcowardlycoffin.com/f5/85/f6/f585f65c6c65123b95dd09be324de3bb.js
192.243.61.225 200 OK 13 kB URL HTTP/1.1 fightingcowardlycoffin.com/f5/85/f6/f585f65c6c65123b95dd09be324de3bb.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37166), with no line terminators
Hash 4c70add21c46cc7d0ecb1cf8f4b1e54c
77168a4e48a322b88e874454c07b89c75fafb704
2f72eeb2ed9f5c82868f0b8da10a170ae7feb50f995faee868d9294e92545a69
Analyzer Verdict Alert quad9 Sinkholed
GET /f5/85/f6/f585f65c6c65123b95dd09be324de3bb.js HTTP/1.1
Host: fightingcowardlycoffin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 22:03:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8a0173b948889d968fe0c7195eb4ff57
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d438e1af63e2f2b0e0cdf2a74966ab91
37e36842937ddc6abf543f0623894e770cc06118
a5121c332d69fbec0378a247a93432ecc3f00014bd67df9b1ff613bea57af4d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6882
Expires: Sat, 26 Nov 2022 23:58:34 GMT
Date: Sat, 26 Nov 2022 22:03:52 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143943
Date: Sat, 26 Nov 2022 22:03:52 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 14:02:55 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: I9IEZsC71OYrhbcsmkrgf1vEoGkjylJ8Y6OHRsfZeX1_-ZbX_w-JWw==
Age: 1912
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 743c9539bda02d924aa2ccdf663d2104
5b7d2a6cb48d799f6f868afc5b5ac76ff13fb625
91dd87b4f3fe853ed7adec5dbd1ae107fdf7080929299200c90cf52688da14ea
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://exee.app
access-control-allow-credentials: true
set-cookie: uid_id2=41a11c95-3fa1-439d-b4c3-385b61698288:3:1; expires=Tue, 23 Nov 2032 22:03:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash e99fcdc3ed7523948d56cbe1c943fcf3
4b8a3c27fa51771c288a392441d678321d7a3717
60e7c3efee2b4d2fb45d7ddeaee81b3dcd379b3cad9774f51402f09e1dcf9cfc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ae452333438465bef0a71a80768855a0
dae89646a66487e12b6dba40b7796c4b608506bd
dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5638
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:52 GMT
Last-Modified: Sat, 26 Nov 2022 20:29:54 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 20:41:08 GMT
expires: Sat, 26 Nov 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 4964
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash e99fcdc3ed7523948d56cbe1c943fcf3
4b8a3c27fa51771c288a392441d678321d7a3717
60e7c3efee2b4d2fb45d7ddeaee81b3dcd379b3cad9774f51402f09e1dcf9cfc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 1.9 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ebb78984b5146367cbf4f2cda517f6a1
86875cde84cbfd201419d95a65d59cf440b8a8be
75b8ed4a4c1aa26770a9ec316921c5390b4dbba8f3cf1fae64b71e3c70759ddc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6882
Expires: Sat, 26 Nov 2022 23:58:34 GMT
Date: Sat, 26 Nov 2022 22:03:52 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237 302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash d4efc6c0ee491982cd748f5661ea7a97
aa6cf94645fc218ede4ab3a7deaf336b57c7d155
47e269c39f1cf2d0e0bdf49f6ced1394f80fb07cb4288b8d0cd1a1adf9546f24
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 22:03:52 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S905973016%3A1669500232716371&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu6O-Jj0XjjHfaE6JR-HBbS-zkquKGwWP8HBXQW7D-Z5nSeRZfuYOPIPJwzhjlGJ_S4DPbiqw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-PTavI7s5dyJXGmOJqkzQKg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:-RJtpqXadvimhwOei8xVblBjIfSR3Q:N_R9KZYVFj02blRR;Path=/;Expires=Mon, 25-Nov-2024 22:03:52 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237 302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 429bbf337f75ea04cdab0e6900521d77
e55883c6f183050d009ef28726290dc6e88c832a
f3978612d36910e11274530e00b41193f3ea99be21a6d65fd2a0303629e128e0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 22:03:52 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1089571237%3A1669500232757391&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvBiGYjaqL0qRCsC1-5yed9UaW1HBFauzexLWVZZSoAFjGmbTcOzc6oGZgQgiZzrKKxmTl2Vg
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-vilNhCIgBXYc4Kp248tzwg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:ch7n8e0CgGLGz9tEb2RY_UnhPC1jsA:dRSGcO5MY6Wx6rJG;Path=/;Expires=Mon, 25-Nov-2024 22:03:52 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ae452333438465bef0a71a80768855a0
dae89646a66487e12b6dba40b7796c4b608506bd
dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5638
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:52 GMT
Last-Modified: Sat, 26 Nov 2022 20:29:54 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
friendshipmale.com/sfp.js
104.21.234.92 200 OK 29 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.92:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 0258d71978d8bcea3e56e7b678b3c296
d398cc231d3545d7b2fef64e49a666255e8ec0ec
079df9b306bd9ca830d9d18a8b68e11bdce3adfb568f87df6dd634c8d73668b9
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d3980ab9835fc823c04b09c1545d48ae
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 26 Nov 2022 22:03:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pxMWD1l1mbCSpDXLyZaYZd0WlxDwGc5NBZ2kdfdaUfNHYHyF58xMv4IzhHkqaEtIqrRDrqdnSJroFG2tu370P7EbD0vOTcgs4vx4wzu1XM1CyFdV1mqta5h6UcgBkM1ztpUs9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705eaa4e889886d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c0285adfe1c03ece15941876c3655519
ad3012f2c06e7d5e0036026aac114da29db4e2a3
28d1729de2f16e8b2feec61b058f0953920c3d5713fc8f25af3ee9f6b6f79c3b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28D1729DE2F16E8B2FEEC61B058F0953920C3D5713FC8F25AF3EE9F6B6F79C3B"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3503
Expires: Sat, 26 Nov 2022 23:02:16 GMT
Date: Sat, 26 Nov 2022 22:03:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5c0748d6b73f44e551a70bbd351fa44b
938677b2f0d2152ebb028c00d095492d4946d2ee
4e3fa15077f57b5966d4b60f2a856c9defe22ad657f6374387c83d8afe466861
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E3FA15077F57B5966D4B60F2A856C9DEFE22AD657F6374387C83D8AFE466861"
Last-Modified: Sat, 26 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11520
Expires: Sun, 27 Nov 2022 01:15:53 GMT
Date: Sat, 26 Nov 2022 22:03:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17201
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:03:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17201
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:03:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17201
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:03:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17201
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:03:53 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=41a11c95-3fa1-439d-b4c3-385b61698288&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f585f65c6c65123b95dd09be324de3bb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=41a11c95-3fa1-439d-b4c3-385b61698288&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f585f65c6c65123b95dd09be324de3bb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=41a11c95-3fa1-439d-b4c3-385b61698288&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f585f65c6c65123b95dd09be324de3bb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 22:03:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bbc576f702144b102a678daa9f9fa498
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17201
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:03:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
age: 1299
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 1299
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y0ofyT6UcPjB8mfRR1VMjHSTW64Qb_EQ0rrjsOdbby1CG-xMIFJMPw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:49:19 GMT
age: 874
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
age: 1299
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ee5071a31d351c552aa651e40b16189
6fca9136030ea6f67be44e428ea39c34ff3e28e7
8d52f14267b8bd47119954796ff6c5d54eb6aa5d23c6e8bbd246108a5b89c1d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8254
x-amzn-requestid: e12624ea-58c6-4f39-826c-8a1d87ebc5ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFySQGegIAMF-HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efda7-2c5e216a0d8a1502615186a8;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:14:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ylris3tg94-66p8L5kYl2zgnVZ4mCc04ju96DslaB97Dfr-6nTyfA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
age: 1299
etag: "6fca9136030ea6f67be44e428ea39c34ff3e28e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 33d3ca17-7878-4897-a634-5f626a64e820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJ40OEOqIAMFaOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380a1b4-040288d571fc10b96d893fa4;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 11:06:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: f_U8KSYET6kaKAPbEV7sHW0tO6JGijsqUvghniwzFCRd2YGQjVlFoA==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 10:16:33 GMT
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
age: 42440
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tallysaturatesnare.com/sbar.json?key=f585f65c6c65123b95dd09be324de3bb&uuid=41a11c95-3fa1-439d-b4c3-385b61698288%3A3%3A1
173.233.139.164 200 OK 4.2 kB URL HTTP/1.1 tallysaturatesnare.com/sbar.json?key=f585f65c6c65123b95dd09be324de3bb&uuid=41a11c95-3fa1-439d-b4c3-385b61698288%3A3%3A1
IP 173.233.139.164:0
File type JSON data\012- , ASCII text, with very long lines (5791), with no line terminators
Hash fed402919150a35342fcd236827ea2c9
12f0267f49a848a8b776099dc1f8036cb449787e
3d50daa964eecd59c3cc9ed3608d4f7bb887a0e5bfe142c62ed0be07c5edd06e
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=f585f65c6c65123b95dd09be324de3bb&uuid=41a11c95-3fa1-439d-b4c3-385b61698288%3A3%3A1 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 22:03:53 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://exee.app
Access-Control-Allow-Origin: https://exee.app
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17869332; expires=Sun, 27 Nov 2022 22:03:53 GMT; secure; SameSite=None
Set-Cookie: uid_id2=41a11c95-3fa1-439d-b4c3-385b61698288:3:1; expires=Sat, 03 Dec 2022 22:03:53 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sun, 27 Nov 2022 22:03:53 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sun, 27 Nov 2022 22:03:53 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sun, 27 Nov 2022 22:03:53 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sun, 27 Nov 2022 22:03:53 GMT; secure; SameSite=None
Set-Cookie: slecf585f65c6c65123b95dd09be324de3bb=[3760951]; expires=Sat, 26 Nov 2022 22:03:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 20052483de5538ed888945214b8f4148
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 0b22265adf4fd99a7235ed0ac7add76f
d23fa4d3a7b6d8f52656040c4d63c4d8a832c468
67ca414c8555f4757545f05b38ac55c7e3d98d40fee3c291059a04ae2028421c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4473
Cache-Control: max-age=164154
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:03:53 GMT
Etag: "63825a0a-116"
Expires: Mon, 28 Nov 2022 19:39:47 GMT
Last-Modified: Sat, 26 Nov 2022 18:25:14 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
tallysaturatesnare.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSP2wcxRfHZxP%2Fmh9NQGkoQCdEARI%2B797e3t2SIsKEIIsktpIg086%2FPU88t7Oa2b09WwJZiYRSgHQoDeX6e%2F4jQoSIRAkCnSmILCHlKJALXNDSIIFSUKGzT7J4xb739vOK9%2F2%2B%2BXi7OCY%2BCnq0ct1sKq3pQlT3a6%2BtqlSY0tVu3K4Fft2%2FVFtVaat5qTaYfmz%2FzcCP6v7rtXclXzcLDT%2Fw%2FcAPaleVlYkZLJxQqOxRHNRjv95s1IOoiYH9b%2B8KD456EP1j8gKUmPxv7cljKD5G2vv6inTrucneeKdXaJobi77Yfz9dT02ZondWJtZDku7PpmHchJDPz8Gk%2BzMFMP2dqQIwNSHerwFYuj9bE6y%2Fe7op05ApmHgOZX8MqcdQdAxu7kGJpwTgAjeWkfb2bhhb0o1TSqd0Quae%2FQVVTsjcbxeR9r5a1GpQu2V0kSuTOgySCmowhuqOkRUHyDc9qPIAPL8LJX4mC8%2BuIe3tLDttoMTRq82ABgGPo%2FkwocF8M4zFPGvycD7sRKwVtOJOo9M5sUipMVQyhpZDUHcehfNQKA9F4qHIPPTEUY1GceL77YQlYdhpcs7DkPOo0xKRCJudxEfBpxqGyLMhuB6C2y1kdgvraghb%2FAC3VsEJDy4n6IsKpSQoHUFJCUpFUOYEZb%2FaFdo1XLUntCtYMMuNWQ6rkcm723TX5F2Zku3smDw%2FNc678PAi1uVRLYk6UdKKeIu3oqARsjgSwo%2BZDBtNIUPG4FQF5c6BOg%2BbakLOf%2FgHMjUh5xYXwOgBnD4AV6%2BAFi%2BBlqN2wwddGzU7PjbTPTmQdWUgTIUsn0O%2B4W3rY%2FLiyeli3obkh5f%2FfpB%2Fe%2Bejf8BthcxWuKN%2BJOjq%2B6ObpiQ7N03pyOPlLFc9tUmnZ72V01zOPXxPbpTGiqUrbvjFW3wKpuWj29Ll12gqVNp15MtFJYS0V43lkny35FYlWync2mJh0yK7tvL21aVeZqVzyqRjUPW0%2FQBcTcj%2Fr2%2BdPNiXP3kCZcewRYVecUhmAWUOwLMtuOzw8u%2F9n76JP7gAZwisPpthmYeyqEa2wc5%2BakWg5VlPWQUnzyxg8vD7P0%2FZtruPrvVA83tIexX6tkJfV6B6CFecH%2BWZPbz8S3gSYNobMW29Haat%2FuzUWqeOajJK%2FET6DcmSmCVt6os4acaMxoFss4gGyN2E3%2F106V8AAAD%2F%2FwEAAP%2F%2FcffPVIgEAAA%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 tallysaturatesnare.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSP2wcxRfHZxP%2Fmh9NQGkoQCdEARI%2B797e3t2SIsKEIIsktpIg086%2FPU88t7Oa2b09WwJZiYRSgHQoDeX6e%2F4jQoSIRAkCnSmILCHlKJALXNDSIIFSUKGzT7J4xb739vOK9%2F2%2B%2BXi7OCY%2BCnq0ct1sKq3pQlT3a6%2BtqlSY0tVu3K4Fft2%2FVFtVaat5qTaYfmz%2FzcCP6v7rtXclXzcLDT%2Fw%2FcAPaleVlYkZLJxQqOxRHNRjv95s1IOoiYH9b%2B8KD456EP1j8gKUmPxv7cljKD5G2vv6inTrucneeKdXaJobi77Yfz9dT02ZondWJtZDku7PpmHchJDPz8Gk%2BzMFMP2dqQIwNSHerwFYuj9bE6y%2Fe7op05ApmHgOZX8MqcdQdAxu7kGJpwTgAjeWkfb2bhhb0o1TSqd0Quae%2FQVVTsjcbxeR9r5a1GpQu2V0kSuTOgySCmowhuqOkRUHyDc9qPIAPL8LJX4mC8%2BuIe3tLDttoMTRq82ABgGPo%2FkwocF8M4zFPGvycD7sRKwVtOJOo9M5sUipMVQyhpZDUHcehfNQKA9F4qHIPPTEUY1GceL77YQlYdhpcs7DkPOo0xKRCJudxEfBpxqGyLMhuB6C2y1kdgvraghb%2FAC3VsEJDy4n6IsKpSQoHUFJCUpFUOYEZb%2FaFdo1XLUntCtYMMuNWQ6rkcm723TX5F2Zku3smDw%2FNc678PAi1uVRLYk6UdKKeIu3oqARsjgSwo%2BZDBtNIUPG4FQF5c6BOg%2BbakLOf%2FgHMjUh5xYXwOgBnD4AV6%2BAFi%2BBlqN2wwddGzU7PjbTPTmQdWUgTIUsn0O%2B4W3rY%2FLiyeli3obkh5f%2FfpB%2Fe%2Bejf8BthcxWuKN%2BJOjq%2B6ObpiQ7N03pyOPlLFc9tUmnZ72V01zOPXxPbpTGiqUrbvjFW3wKpuWj29Ll12gqVNp15MtFJYS0V43lkny35FYlWync2mJh0yK7tvL21aVeZqVzyqRjUPW0%2FQBcTcj%2Fr2%2BdPNiXP3kCZcewRYVecUhmAWUOwLMtuOzw8u%2F9n76JP7gAZwisPpthmYeyqEa2wc5%2BakWg5VlPWQUnzyxg8vD7P0%2FZtruPrvVA83tIexX6tkJfV6B6CFecH%2BWZPbz8S3gSYNobMW29Haat%2FuzUWqeOajJK%2FET6DcmSmCVt6os4acaMxoFss4gGyN2E3%2F106V8AAAD%2F%2FwEAAP%2F%2FcffPVIgEAAA%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSP2wcxRfHZxP%2Fmh9NQGkoQCdEARI%2B797e3t2SIsKEIIsktpIg086%2FPU88t7Oa2b09WwJZiYRSgHQoDeX6e%2F4jQoSIRAkCnSmILCHlKJALXNDSIIFSUKGzT7J4xb739vOK9%2F2%2B%2BXi7OCY%2BCnq0ct1sKq3pQlT3a6%2BtqlSY0tVu3K4Fft2%2FVFtVaat5qTaYfmz%2FzcCP6v7rtXclXzcLDT%2Fw%2FcAPaleVlYkZLJxQqOxRHNRjv95s1IOoiYH9b%2B8KD456EP1j8gKUmPxv7cljKD5G2vv6inTrucneeKdXaJobi77Yfz9dT02ZondWJtZDku7PpmHchJDPz8Gk%2BzMFMP2dqQIwNSHerwFYuj9bE6y%2Fe7op05ApmHgOZX8MqcdQdAxu7kGJpwTgAjeWkfb2bhhb0o1TSqd0Quae%2FQVVTsjcbxeR9r5a1GpQu2V0kSuTOgySCmowhuqOkRUHyDc9qPIAPL8LJX4mC8%2BuIe3tLDttoMTRq82ABgGPo%2FkwocF8M4zFPGvycD7sRKwVtOJOo9M5sUipMVQyhpZDUHcehfNQKA9F4qHIPPTEUY1GceL77YQlYdhpcs7DkPOo0xKRCJudxEfBpxqGyLMhuB6C2y1kdgvraghb%2FAC3VsEJDy4n6IsKpSQoHUFJCUpFUOYEZb%2FaFdo1XLUntCtYMMuNWQ6rkcm723TX5F2Zku3smDw%2FNc678PAi1uVRLYk6UdKKeIu3oqARsjgSwo%2BZDBtNIUPG4FQF5c6BOg%2BbakLOf%2FgHMjUh5xYXwOgBnD4AV6%2BAFi%2BBlqN2wwddGzU7PjbTPTmQdWUgTIUsn0O%2B4W3rY%2FLiyeli3obkh5f%2FfpB%2Fe%2Bejf8BthcxWuKN%2BJOjq%2B6ObpiQ7N03pyOPlLFc9tUmnZ72V01zOPXxPbpTGiqUrbvjFW3wKpuWj29Ll12gqVNp15MtFJYS0V43lkny35FYlWync2mJh0yK7tvL21aVeZqVzyqRjUPW0%2FQBcTcj%2Fr2%2BdPNiXP3kCZcewRYVecUhmAWUOwLMtuOzw8u%2F9n76JP7gAZwisPpthmYeyqEa2wc5%2BakWg5VlPWQUnzyxg8vD7P0%2FZtruPrvVA83tIexX6tkJfV6B6CFecH%2BWZPbz8S3gSYNobMW29Haat%2FuzUWqeOajJK%2FET6DcmSmCVt6os4acaMxoFss4gGyN2E3%2F106V8AAAD%2F%2FwEAAP%2F%2FcffPVIgEAAA%3D HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=41a11c95-3fa1-439d-b4c3-385b61698288:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 22:03:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 093fd3861b809d332e524c03d33f9277
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 666f0822fa3b2bd37642dc6f1f9b95ea
b082ce304fa32d1afd9eee2c00c4d751d444f730
ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9542
Expires: Sun, 27 Nov 2022 00:42:55 GMT
Date: Sat, 26 Nov 2022 22:03:53 GMT
Connection: keep-alive
cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html
172.67.74.218 200 OK 6.5 kB URL HTTP/2 cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html
IP 172.67.74.218:0
File type HTML document text\012- HTML document, ASCII text
Hash 84c607bd4f1bdaa767bf2c003af9253b
a41fdd763940c69f9e225a69dd61cb5cef9f2833
fd54aa2d8b5f5212ac340f34a0a32b0b2059a65e322e70083c06f5748abc1b32
GET /sb/notifications/software/multi/browsers/ff/3/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:53 GMT
content-type: text/html
last-modified: Thu, 08 Sep 2022 07:49:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 363887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UguS%2BDEV%2F3Q1oEQwnbsKVCr82BP9af3CIOGsunkqmpJ%2FuVUnGHY3OyfNlQR1rVJwrYB6tzUdDJ0Ek9bBaJJR6e3T5rjb3320FVKQOhg%2FjoF%2F1krljCdCsDZiIKfS2SR81%2Fmb3Eo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705eaac9c08b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=44
173.233.139.164 200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=44
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=44 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=41a11c95-3fa1-439d-b4c3-385b61698288:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 22:03:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 666f0822fa3b2bd37642dc6f1f9b95ea
b082ce304fa32d1afd9eee2c00c4d751d444f730
ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9542
Expires: Sun, 27 Nov 2022 00:42:55 GMT
Date: Sat, 26 Nov 2022 22:03:53 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png
172.64.109.13 200 OK 175 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png
IP 172.64.109.13:0
File type PNG image data, 452 x 453, 8-bit/color RGBA, non-interlaced\012- data
Size 175 kB (174730 bytes)
Hash 85bc2f8a287afa33ac84c90178055d00
c98e7ebd06397a77a20607f55fe4ebf1b57ca334
85d20d101efc753f9b0619a33901e1689d1e0c11a46bf6d6d657c1393542cc30
GET /sb/notifications/software/multi/browsers/ff/3/img/update-icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:53 GMT
content-type: image/png
content-length: 174730
last-modified: Thu, 08 Sep 2022 07:49:58 GMT
etag: "63199ea6-2aa8a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 648478
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qhW0sVwPUKdSKVe4pxQclwObBotdiZ9%2F8rZieehEcpCEj6dswsKNHJU9278Q1i6Dz7UmZfFeSGRz3Hdc7YB2TIcA%2Bt5JaPIYEqQ%2FKY4GzPnRj5jYIll0VT2tfsr%2BRcIUyfTheYPusb0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705eaad78d17738-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=104
173.233.139.164 200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=104
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=104 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=41a11c95-3fa1-439d-b4c3-385b61698288:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 22:03:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css
172.64.109.13 200 OK 1.1 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css
IP 172.64.109.13:0
Hash 7d924b546cf98fcbbe1f1a66415efde9
8e0a8461aeb82f933769ab0e9fa69499aa974b35
634a2180f3499f5a77e19fd106d0521148296f7fb5baa3c57701d284d9279df7
GET /sb/notifications/software/multi/browsers/ff/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:53 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:56 GMT
etag: W/"63199ea4-e97"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 230002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fy6wQprxePVOeWZOh9kk1R5qa%2B9Cf6zs0v9YFyi%2FBePRdvbhbLIBY0OBGA5pUYUaskgc%2FBXyJApcMXGzqZpy9PlCZCAQqOeILo%2Bi00GI5HyVew1o5vKf9%2B%2FlxUNdg36kUZR5RrvODUps"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705eaad48877738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=36
173.233.139.164 200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=36
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=36 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=41a11c95-3fa1-439d-b4c3-385b61698288:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 22:03:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exee.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 268186
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exee.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 270605
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tallysaturatesnare.com/pixel/sbs?c=1
173.233.139.164 200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbs?c=1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=41a11c95-3fa1-439d-b4c3-385b61698288:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 22:03:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
tallysaturatesnare.com/impr.gif?sid=H4sIAAAAAAAC%2F1SST4gcxRfHq5P9XX5eouTiQRnEg4I72z3dPdNtDsE1RhbzjyQSr%2FWvdytb09VUdU9PFpQlAclBYSQXj73f2WQxBjHgUVFmPRgWhIwH2YN78OpFUHLwJLM7sPgO%2Fd7rzzu87%2FfVx1vVAfFR0f0rF82G0pouxW2%2F9doNlQtTu9al663Ab%2FtnWjdU3o3OtIazjx28Gfhx23%2B99a7k62ap4we%2BH%2FhB67yyMjPDpUMKVTxKg3bqt6NOO4gjDO1%2Fe1d5cNSDGByQF6DE9H9rTx5D8Qny%2FtfnpFsvTfHGO%2F1K09JYDMTO%2B%2Fl6buoc%2FeMysx6yfGc%2BDeOmhHx%2BAibfmSuAGWzPFICpKfF%2BDcDynfmaYIP7R5syDZmDiedQDyaQegJFJ%2BDmDpR4SgAucOky8v6DS8bW9NYRpTM6JQvP%2FoKqp2Tht9PI%2B18tazVsXTO6KpXJHYZZAzWcQK1OUFS7KDc8qHoXvLwNJX4mS88uIO9vX3baQIn9V6OABgFP48Uwo8FiFKZikUU8XAyTmHWDbpp0kuTQIqUmUNkEWo5A3UlUzkOlPFSZh6rw0Bf7LRqnme%2F3MpaFYRJxzsOQ8zjpiliEUZL5qPhMwwhlMQLXI3C7icJuYl2NYKsf4NYaOOHBlQQD0aCWBLUjqClBrQjqkqAeNPeFdh3XPBDaVSyY5848h83YlKtb9L4pV2VOtooD8vzMOO%2FUw9NYl%2FutLE7irBvzLu%2FGQSdkaSyEnzIZdiIhQ8bgVAPlToA6DxtqSk5%2B%2BAcKNSUnlpfA6C6c3gVXr4BWL4HW417HB10bR4mPjfyBHMq2MhCmQVEuoLzlbekD8uLh6VLeg%2BR7Z%2F%2B%2BV35786N%2FwG2Dwja4qX4kWNV3x1dNTbavmtqRx5eLUvXVBp2d9VpJS7nw8D15qzZWrJxzoy%2Fe4jMwKx9dl668QHOh8lVHvlxWQkh73lguyXcr7oZkVyq3tlzZvCouXHn7%2FEq%2FsNI5ZfIJqHrauweupuT%2FFzcPH%2BzLnzyBshPYqkG%2F2iPzgDK74MUmXLF39vfBT9%2BkH5yCMwRWH8%2BwwkNdNWPbYcc%2FtSLQ8rinrIGTxxYwuff9n0dsy93FqvVAyzvI%2Bw0GtsFAN6B6BFedHJeF3Tv7S3gYYNobM229baat%2FuzIWqf2W3EQyYQlPS4Ek1wEvU6YhL7fESLqpTJIUbopv%2F3pyr8AAAD%2F%2FwEAAP%2F%2FZf9BsogEAAA%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 tallysaturatesnare.com/impr.gif?sid=H4sIAAAAAAAC%2F1SST4gcxRfHq5P9XX5eouTiQRnEg4I72z3dPdNtDsE1RhbzjyQSr%2FWvdytb09VUdU9PFpQlAclBYSQXj73f2WQxBjHgUVFmPRgWhIwH2YN78OpFUHLwJLM7sPgO%2Fd7rzzu87%2FfVx1vVAfFR0f0rF82G0pouxW2%2F9doNlQtTu9al663Ab%2FtnWjdU3o3OtIazjx28Gfhx23%2B99a7k62ap4we%2BH%2FhB67yyMjPDpUMKVTxKg3bqt6NOO4gjDO1%2Fe1d5cNSDGByQF6DE9H9rTx5D8Qny%2FtfnpFsvTfHGO%2F1K09JYDMTO%2B%2Fl6buoc%2FeMysx6yfGc%2BDeOmhHx%2BAibfmSuAGWzPFICpKfF%2BDcDynfmaYIP7R5syDZmDiedQDyaQegJFJ%2BDmDpR4SgAucOky8v6DS8bW9NYRpTM6JQvP%2FoKqp2Tht9PI%2B18tazVsXTO6KpXJHYZZAzWcQK1OUFS7KDc8qHoXvLwNJX4mS88uIO9vX3baQIn9V6OABgFP48Uwo8FiFKZikUU8XAyTmHWDbpp0kuTQIqUmUNkEWo5A3UlUzkOlPFSZh6rw0Bf7LRqnme%2F3MpaFYRJxzsOQ8zjpiliEUZL5qPhMwwhlMQLXI3C7icJuYl2NYKsf4NYaOOHBlQQD0aCWBLUjqClBrQjqkqAeNPeFdh3XPBDaVSyY5848h83YlKtb9L4pV2VOtooD8vzMOO%2FUw9NYl%2FutLE7irBvzLu%2FGQSdkaSyEnzIZdiIhQ8bgVAPlToA6DxtqSk5%2B%2BAcKNSUnlpfA6C6c3gVXr4BWL4HW417HB10bR4mPjfyBHMq2MhCmQVEuoLzlbekD8uLh6VLeg%2BR7Z%2F%2B%2BV35786N%2FwG2Dwja4qX4kWNV3x1dNTbavmtqRx5eLUvXVBp2d9VpJS7nw8D15qzZWrJxzoy%2Fe4jMwKx9dl668QHOh8lVHvlxWQkh73lguyXcr7oZkVyq3tlzZvCouXHn7%2FEq%2FsNI5ZfIJqHrauweupuT%2FFzcPH%2BzLnzyBshPYqkG%2F2iPzgDK74MUmXLF39vfBT9%2BkH5yCMwRWH8%2BwwkNdNWPbYcc%2FtSLQ8rinrIGTxxYwuff9n0dsy93FqvVAyzvI%2Bw0GtsFAN6B6BFedHJeF3Tv7S3gYYNobM229baat%2FuzIWqf2W3EQyYQlPS4Ek1wEvU6YhL7fESLqpTJIUbopv%2F3pyr8AAAD%2F%2FwEAAP%2F%2FZf9BsogEAAA%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash MD5 132d6af1b46048b45cf86cdee7991d31
SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SST4gcxRfHq5P9XX5eouTiQRnEg4I72z3dPdNtDsE1RhbzjyQSr%2FWvdytb09VUdU9PFpQlAclBYSQXj73f2WQxBjHgUVFmPRgWhIwH2YN78OpFUHLwJLM7sPgO%2Fd7rzzu87%2FfVx1vVAfFR0f0rF82G0pouxW2%2F9doNlQtTu9al663Ab%2FtnWjdU3o3OtIazjx28Gfhx23%2B99a7k62ap4we%2BH%2FhB67yyMjPDpUMKVTxKg3bqt6NOO4gjDO1%2Fe1d5cNSDGByQF6DE9H9rTx5D8Qny%2FtfnpFsvTfHGO%2F1K09JYDMTO%2B%2Fl6buoc%2FeMysx6yfGc%2BDeOmhHx%2BAibfmSuAGWzPFICpKfF%2BDcDynfmaYIP7R5syDZmDiedQDyaQegJFJ%2BDmDpR4SgAucOky8v6DS8bW9NYRpTM6JQvP%2FoKqp2Tht9PI%2B18tazVsXTO6KpXJHYZZAzWcQK1OUFS7KDc8qHoXvLwNJX4mS88uIO9vX3baQIn9V6OABgFP48Uwo8FiFKZikUU8XAyTmHWDbpp0kuTQIqUmUNkEWo5A3UlUzkOlPFSZh6rw0Bf7LRqnme%2F3MpaFYRJxzsOQ8zjpiliEUZL5qPhMwwhlMQLXI3C7icJuYl2NYKsf4NYaOOHBlQQD0aCWBLUjqClBrQjqkqAeNPeFdh3XPBDaVSyY5848h83YlKtb9L4pV2VOtooD8vzMOO%2FUw9NYl%2FutLE7irBvzLu%2FGQSdkaSyEnzIZdiIhQ8bgVAPlToA6DxtqSk5%2B%2BAcKNSUnlpfA6C6c3gVXr4BWL4HW417HB10bR4mPjfyBHMq2MhCmQVEuoLzlbekD8uLh6VLeg%2BR7Z%2F%2B%2BV35786N%2FwG2Dwja4qX4kWNV3x1dNTbavmtqRx5eLUvXVBp2d9VpJS7nw8D15qzZWrJxzoy%2Fe4jMwKx9dl668QHOh8lVHvlxWQkh73lguyXcr7oZkVyq3tlzZvCouXHn7%2FEq%2FsNI5ZfIJqHrauweupuT%2FFzcPH%2BzLnzyBshPYqkG%2F2iPzgDK74MUmXLF39vfBT9%2BkH5yCMwRWH8%2BwwkNdNWPbYcc%2FtSLQ8rinrIGTxxYwuff9n0dsy93FqvVAyzvI%2Bw0GtsFAN6B6BFedHJeF3Tv7S3gYYNobM229baat%2FuzIWqf2W3EQyYQlPS4Ek1wEvU6YhL7fESLqpTJIUbopv%2F3pyr8AAAD%2F%2FwEAAP%2F%2FZf9BsogEAAA%3D HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=41a11c95-3fa1-439d-b4c3-385b61698288:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 22:03:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e22951a303a8add4b58d98334abdfc3f
Strict-Transport-Security: max-age=0; includeSubdomains
pogothere.xyz/asd100.bin
172.64.173.27 200 OK 0 B IP 172.64.173.27:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exee.app/
Origin: https://exee.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:51 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://exee.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3963
last-modified: Sat, 26 Nov 2022 20:57:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ep3401I6G2a6fxmVuct9LDX5VpqehluaREs7kgoRGsNKfV%2Fr3i6qg%2F5HIvTTwhrfzbbcY14cjyppxwWb%2FtYQe3nXmmXZTp%2BS04L2icmsug5W2ZLs8%2FdyShpLsSh%2FgGMH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705eaa0ae4506c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.173.27 200 OK 0 B IP 172.64.173.27:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exee.app/
Origin: https://exee.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:51 GMT
content-type: text/plain
set-cookie: csu=265496440536497@1@1669500231; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://exee.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXrCTaCH5gw4lIX1ZSBglq0U%2FG%2FYfi4tbewXogxFqMjiDViguoR7kkZ6opON1bxNc3d77wb2qNkZMfCt1zwlBf3mGcX0us%2Bk%2BiGCVKNE64foMcMYCLe8xr7I34HbXeDg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705eaa0eeb306c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S905973016%3A1669500232716371&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu6O-Jj0XjjHfaE6JR-HBbS-zkquKGwWP8HBXQW7D-Z5nSeRZfuYOPIPJwzhjlGJ_S4DPbiqw
216.58.207.237 403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S905973016%3A1669500232716371&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu6O-Jj0XjjHfaE6JR-HBbS-zkquKGwWP8HBXQW7D-Z5nSeRZfuYOPIPJwzhjlGJ_S4DPbiqw
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S905973016%3A1669500232716371&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu6O-Jj0XjjHfaE6JR-HBbS-zkquKGwWP8HBXQW7D-Z5nSeRZfuYOPIPJwzhjlGJ_S4DPbiqw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exee.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 22:03:52 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-OMhdfKbiftAA1UY7l7jJTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js
IP 172.64.109.13:0
GET /sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:53 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 648478
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LE2XggvMu0CmtGfrOB%2BIYO7Hj4fRIVEKXS3Hk07hpYC9YzCvdgrmmj%2FkisyvlcDgUKZ7fRJ17UFasjrdWMYCoQChs2DQiP4OhhFyxKqBLQUP9Oln0q7lV1qPOL542RTqJjJU6rScQdAQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705eaad78d47738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
IP 142.250.74.10:0
GET /css?family=Open+Sans:300,400,400italic,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 22:03:51 GMT
date: Sat, 26 Nov 2022 22:03:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27 200 OK 0 B IP 172.64.173.27:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exee.app/
Origin: https://exee.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:51 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://exee.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3963
last-modified: Sat, 26 Nov 2022 20:57:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4AcjkDv32VzLOC9GzFO4n8kCCwATLMe1Y0PkwhVpc9FdM1Pi%2B87%2F9v9w%2FxbmJrW9da3Dm2tNyitqECL1Lce8HnwCFjPiVIwtzhklDfrMZzAzIP9BeaYyPhyr897sit6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705eaa0ae4106c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js
IP 172.64.109.13:0
GET /sb/notifications/software/multi/browsers/ff/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:53 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-2ae2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 230002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iw4VQmt7HKTtfsNsgAdcR8rAJ8wxIHBaDMc5ZpJ3y1ZVVzQJoY7FtVmcdM1%2B95BMv61kldY1JGEbAQ2%2FaEN707LxjjsdIEn8oyRbCnS8DWkVKXFN6BWYtEP2H00TTB7v9zBKeLSgLojL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705eaadf9947738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css
IP 172.64.109.13:0
GET /sb/notifications/software/multi/browsers/ff/3/css/magic.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:53 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:55 GMT
etag: W/"63199ea3-b0c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 230002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AODFIxXIqxqiI%2BudIpO0eTPs9OP0tYj6svei6FQdKKP%2Bk%2FS75KVgzGwWSwPBgtgGFenYD2xk%2FXBPPbOqS5%2BFsoiGQYBKk5pQraj4SkuVTVmPmTDrCfsKXDImmCLy7YK%2FkHq4cHIwWV0k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705eaad38617738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
172.67.149.153 200 OK 0 B URL HTTP/2 cdntechone.com/stattag.js
IP 172.67.149.153:0
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:03:51 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6464
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rcZfpx3%2FugvQpn2kEbYTNd3RkZRFcy2sfeou244edvJ%2B8FqYBGkQgArPk8jZoCLIQQJ%2FqweZuz6FMuX9i2iOebhzVLhiVP7RtC5zIWljh%2FhJzcmW5M%2Bmd8c%2FXeKBx9zTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705ea9feabab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2