exe.io/m6omTeKR
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m6omTeKR HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Sep 2022 09:25:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 10:25:20 GMT
Location: https://exe.io/m6omTeKR
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GR4t8g2UrAIORhk7NQF%2Bc%2BxEBFX1kLmQl%2F%2BPCXWfuENIyNT4cISLDwo5FFZYLJoQQRg9GFVsvu3kOR5LMgaSROKermpMqs7m0ybPHSVM7OYL36ovnvnBvg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748f5b02aff8fab4-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 09:08:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zVgU68SLAyZ4yTXVadbuwTdk4Oo79VX2bmYsteTEnHhyN2nw2DjC2w==
Age: 1026
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5727
Expires: Sun, 11 Sep 2022 11:00:47 GMT
Date: Sun, 11 Sep 2022 09:25:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HmNw3A2jFbmNW8kjTt2T1NxdduJWMVGMDzhWMLATfKMCuj7eH5dJIQ==
age: 7688
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 09:25:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 57b75ea93de540716c45f1397781431a
431cc2c684385c4e46facd7210b5ac49b9dd09cc
4581d7dd422dc110fa7cfe667297cdb75d92a02ce7226db6db89448befa5b780
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fea5e8d0ac9c64a447e683c376f0a6d4
3a2c207de014e3472a0137c6e2c47320d89fe9c3
5a5d6c528c6f43fed5a5938f686bc0b6e3712eebd59b948c994e0f0d829dd199
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A5D6C528C6F43FED5A5938F686BC0B6E3712EEBD59B948C994E0F0D829DD199"
Last-Modified: Sun, 11 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6085
Expires: Sun, 11 Sep 2022 11:06:46 GMT
Date: Sun, 11 Sep 2022 09:25:21 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-135952122-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-135952122-1
IP
File type ASCII text, with very long lines (1615)
Hash 8e9feac827298f7119db947a2269f1d0
05f9309a6b128434390e149a34ea1cf7b4683c79
0bf41f3b95b04a8388a395f3e757eeb2165fa99027ffbd3c7daaf838cbb45713
GET /gtag/js?id=UA-135952122-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 11 Sep 2022 09:25:21 GMT
expires: Sun, 11 Sep 2022 09:25:21 GMT
cache-control: private, max-age=900
last-modified: Sun, 11 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 57b75ea93de540716c45f1397781431a
431cc2c684385c4e46facd7210b5ac49b9dd09cc
4581d7dd422dc110fa7cfe667297cdb75d92a02ce7226db6db89448befa5b780
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nh.eugeniecor.com/1clkn/29529
200 OK 26 B URL HTTP/1.1 nh.eugeniecor.com/1clkn/29529
IP
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/29529 HTTP/1.1
Host: nh.eugeniecor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 09:25:21 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Mon, 12-Sep-2022 09:25:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Mon, 12-Sep-2022 09:25:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exe.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 19:07:15 GMT
expires: Tue, 05 Sep 2023 19:07:15 GMT
cache-control: public, max-age=31536000
age: 483486
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exe.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 08:31:01 GMT
expires: Wed, 06 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 435260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3277
Expires: Sun, 11 Sep 2022 10:19:58 GMT
Date: Sun, 11 Sep 2022 09:25:21 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3277
Expires: Sun, 11 Sep 2022 10:19:58 GMT
Date: Sun, 11 Sep 2022 09:25:21 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 32072ab048df69ad6db8b7e4ac7ea796
c7b466b36a3cc9b0b65a03283128b2a9004ec3c3
9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7564
Expires: Sun, 11 Sep 2022 11:31:25 GMT
Date: Sun, 11 Sep 2022 09:25:21 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 11 Sep 2022 08:56:07 GMT
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 09:23:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4H0t_LMRwRY9ndxqE5EhTEdZShG6aMbhihsHK-PjAvEBrYBS09tfMg==
Age: 1754
pectthatmye.shop/utx?cb=or08MkfUBvgp&top=exe.app&tid=822524
204 No Content 0 B URL HTTP/2 pectthatmye.shop/utx?cb=or08MkfUBvgp&top=exe.app&tid=822524
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=or08MkfUBvgp&top=exe.app&tid=822524 HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exe.app
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 09:25:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://exe.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 09:26:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7Ml3DSfnl8dwwxWzn0G-qlZv-6Vc6NmBs_eWjGYqL7VR5O6GIaOAcA==
X-Firefox-Spdy: h2
pectthatmye.shop/UlI0S2ozMFcmVTNvVm0fID4JblgUdwYNDmFjRCNSNDRAKV4gYUxlCT49QS8MID1aP0Q8N0BuWBQ4enoCGQBjAT8cK2UhMgcfTAcEOjN2HBp3YHIvWwsAeSEBIxZxLwYRAQ0ZCAYfQQ8pIR1zGCM9GF8oBTAWcRI/YAQCEh1nBXoiW2YAcgJYGQpcHy8GOUEBW2oWUiFeYxZiMwYfEXkSPQE5TQcNHBV4HB0lE0MkWxgGDAc9KANGEiwQKlYcOGMAQx0FCzgFHyg8YwEJWjEUVQgzIRZxAg0wYVAYPmAQDAwGAxZSEwEaAEMdBR0WegMoED5OKFolGlccR2thYScraxlnfyQXP1sGDmMbcyoiImJhLDBrN3weLwo7Wz0jJWNkLTI1FmM8LGA3WQYyET9fbQAhPVo7VxE4BxEBNht9cis6P3A7Gg
200 OK 1.2 kB URL HTTP/2 pectthatmye.shop/UlI0S2ozMFcmVTNvVm0fID4JblgUdwYNDmFjRCNSNDRAKV4gYUxlCT49QS8MID1aP0Q8N0BuWBQ4enoCGQBjAT8cK2UhMgcfTAcEOjN2HBp3YHIvWwsAeSEBIxZxLwYRAQ0ZCAYfQQ8pIR1zGCM9GF8oBTAWcRI/YAQCEh1nBXoiW2YAcgJYGQpcHy8GOUEBW2oWUiFeYxZiMwYfEXkSPQE5TQcNHBV4HB0lE0MkWxgGDAc9KANGEiwQKlYcOGMAQx0FCzgFHyg8YwEJWjEUVQgzIRZxAg0wYVAYPmAQDAwGAxZSEwEaAEMdBR0WegMoED5OKFolGlccR2thYScraxlnfyQXP1sGDmMbcyoiImJhLDBrN3weLwo7Wz0jJWNkLTI1FmM8LGA3WQYyET9fbQAhPVo7VxE4BxEBNht9cis6P3A7Gg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3025), with no line terminators
Hash 982325f158374e1659b3e44616799f42
28e5e06b4567ccc123635bf506126266bce708ea
9f8ab95887d3d0cf7c0b5be47e8abeb147833fe8026b539a188f6fc66d7e868c
GET /UlI0S2ozMFcmVTNvVm0fID4JblgUdwYNDmFjRCNSNDRAKV4gYUxlCT49QS8MID1aP0Q8N0BuWBQ4enoCGQBjAT8cK2UhMgcfTAcEOjN2HBp3YHIvWwsAeSEBIxZxLwYRAQ0ZCAYfQQ8pIR1zGCM9GF8oBTAWcRI/YAQCEh1nBXoiW2YAcgJYGQpcHy8GOUEBW2oWUiFeYxZiMwYfEXkSPQE5TQcNHBV4HB0lE0MkWxgGDAc9KANGEiwQKlYcOGMAQx0FCzgFHyg8YwEJWjEUVQgzIRZxAg0wYVAYPmAQDAwGAxZSEwEaAEMdBR0WegMoED5OKFolGlccR2thYScraxlnfyQXP1sGDmMbcyoiImJhLDBrN3weLwo7Wz0jJWNkLTI1FmM8LGA3WQYyET9fbQAhPVo7VxE4BxEBNht9cis6P3A7Gg HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1180
date: Sun, 11 Sep 2022 09:25:21 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DZ24GnES9rSEgbWcPa63HZzPjvrhZ9SF3rzNFOsQg15rNicwQupaNw==
X-Firefox-Spdy: h2
pectthatmye.shop/utx?cb=fxUF7Om11h0o&top=exe.app&tid=889494
204 No Content 0 B URL HTTP/2 pectthatmye.shop/utx?cb=fxUF7Om11h0o&top=exe.app&tid=889494
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=fxUF7Om11h0o&top=exe.app&tid=889494 HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exe.app
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 09:25:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://exe.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 09:26:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YDT7gu2Rp4svxou_Vf4uIucyG9oe1HmhQD1WEjogRoGX58i6m7WrcA==
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3277
Expires: Sun, 11 Sep 2022 10:19:58 GMT
Date: Sun, 11 Sep 2022 09:25:21 GMT
Connection: keep-alive
lcreatessque.xyz/ZWswSjNKVFM5DgQBdgxkDyFWC10nAXEcQCIIZ3J0PQxyMFESIhY+WgFWCHIKUVIEbEMMDw17FRYfUT5GFlYBbFoLDV93FRNWAWQAUUUCch1UTUV3AkMfQCtUWFoWOkcRBw17BVNZCHILVloAfQNU
204 No Content 0 B URL HTTP/2 lcreatessque.xyz/ZWswSjNKVFM5DgQBdgxkDyFWC10nAXEcQCIIZ3J0PQxyMFESIhY+WgFWCHIKUVIEbEMMDw17FRYfUT5GFlYBbFoLDV93FRNWAWQAUUUCch1UTUV3AkMfQCtUWFoWOkcRBw17BVNZCHILVloAfQNU
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZWswSjNKVFM5DgQBdgxkDyFWC10nAXEcQCIIZ3J0PQxyMFESIhY+WgFWCHIKUVIEbEMMDw17FRYfUT5GFlYBbFoLDV93FRNWAWQAUUUCch1UTUV3AkMfQCtUWFoWOkcRBw17BVNZCHILVloAfQNU HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 09:25:21 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cujXunjWYl%2BjnTBo4klW6KN6uHz6%2F189f8C7HHH3Od64s%2BWF%2Bl31zqqN14p8ASW7cYSVCHCJup6%2Fe1bEQBUqhqCPLtTTCZ9OQWny6GPqrGJVzrglg5IBLOclQ3%2BV0wxOgWn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748f5b091cd60b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lcreatessque.xyz/b3NNVWRATC4mWQo0PTgGOjkAAjI9ES4QUQ4mC2AeO0IDAzMBJmshDQtOdWdWWkF5cxQGF3BkQhwHLCERHE58cw0BFSJoQhlOfHtXW11/bUpeVThoVUkHPTQDUkJrJRAbH3BkUllBdW1cXEJ9Y1BX
204 No Content 0 B URL HTTP/2 lcreatessque.xyz/b3NNVWRATC4mWQo0PTgGOjkAAjI9ES4QUQ4mC2AeO0IDAzMBJmshDQtOdWdWWkF5cxQGF3BkQhwHLCERHE58cw0BFSJoQhlOfHtXW11/bUpeVThoVUkHPTQDUkJrJRAbH3BkUllBdW1cXEJ9Y1BX
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b3NNVWRATC4mWQo0PTgGOjkAAjI9ES4QUQ4mC2AeO0IDAzMBJmshDQtOdWdWWkF5cxQGF3BkQhwHLCERHE58cw0BFSJoQhlOfHtXW11/bUpeVThoVUkHPTQDUkJrJRAbH3BkUllBdW1cXEJ9Y1BX HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 09:25:21 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fm1Ad7Tg7FfwmxivHi8Qz4SR3y2HyZE4kKuQczCmXTfyyeY5w%2FJcTEJyxwHjetVamu8BMSQFPS6LQDcm8ilN%2F2%2FGnMrd0fXyg%2BQc9ZM5nlKKE7X9Aaj1GeBP%2BhdHH37E9ZkI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748f5b091cd10b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pectthatmye.shop/WVpOR0s4OC0qdDhnLGE+KzZzYnkff3wBL2prPi9zPzw6JX8raTZpKDU1OyMtKzUgM2U3PzpieR8/GykZLQAaJDMeLQMDCBoDKgQdPgovLHoDAg8JexEyegwcChAEBhobMR4CBQ8XKRIsFDYhBA4KAwEEHT4SKgUsFBl/BT0MPSkLHR5jCBQ8Cw4DAicDC34KIh4tFB4fDQsBBjMLCgEVHjofDAIlHwwPDhwaPSoGGjUNKncSKw8MKyIMDHcRAyAqCB8OGB8LAQ0/DBg0fB4yKSMONBgLAR1pGAoSAQMLDxYaDAx3ERkKCBwfIggVFAE7PQ4MDSwLG2MoCg8eJSUYHz42Hg4LORgWLzMICD8KGw0HFAkbPh0JCSoMHwYeDA4YMwcbaR8FHh8LaC04NjQ+eic8CSBwcw5oPAF8Pg
200 OK 1.2 kB URL HTTP/2 pectthatmye.shop/WVpOR0s4OC0qdDhnLGE+KzZzYnkff3wBL2prPi9zPzw6JX8raTZpKDU1OyMtKzUgM2U3PzpieR8/GykZLQAaJDMeLQMDCBoDKgQdPgovLHoDAg8JexEyegwcChAEBhobMR4CBQ8XKRIsFDYhBA4KAwEEHT4SKgUsFBl/BT0MPSkLHR5jCBQ8Cw4DAicDC34KIh4tFB4fDQsBBjMLCgEVHjofDAIlHwwPDhwaPSoGGjUNKncSKw8MKyIMDHcRAyAqCB8OGB8LAQ0/DBg0fB4yKSMONBgLAR1pGAoSAQMLDxYaDAx3ERkKCBwfIggVFAE7PQ4MDSwLG2MoCg8eJSUYHz42Hg4LORgWLzMICD8KGw0HFAkbPh0JCSoMHwYeDA4YMwcbaR8FHh8LaC04NjQ+eic8CSBwcw5oPAF8Pg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash 4948f1ee55e5f62c702d8c1d8424e23e
19c1979b3884545e7d4ee62811898611e2c37ab7
c178c70125920a4fd4898b36ba150accd8c9994226bb7a6ad441bd8f31d670d6
GET /WVpOR0s4OC0qdDhnLGE+KzZzYnkff3wBL2prPi9zPzw6JX8raTZpKDU1OyMtKzUgM2U3PzpieR8/GykZLQAaJDMeLQMDCBoDKgQdPgovLHoDAg8JexEyegwcChAEBhobMR4CBQ8XKRIsFDYhBA4KAwEEHT4SKgUsFBl/BT0MPSkLHR5jCBQ8Cw4DAicDC34KIh4tFB4fDQsBBjMLCgEVHjofDAIlHwwPDhwaPSoGGjUNKncSKw8MKyIMDHcRAyAqCB8OGB8LAQ0/DBg0fB4yKSMONBgLAR1pGAoSAQMLDxYaDAx3ERkKCBwfIggVFAE7PQ4MDSwLG2MoCg8eJSUYHz42Hg4LORgWLzMICD8KGw0HFAkbPh0JCSoMHwYeDA4YMwcbaR8FHh8LaC04NjQ+eic8CSBwcw5oPAF8Pg HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1172
date: Sun, 11 Sep 2022 09:25:21 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TvZE9KfGjlHT1T-Is4iUyNKsFbit0TYjlwUWfLdhGfsmxxX4QBpTvA==
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 32072ab048df69ad6db8b7e4ac7ea796
c7b466b36a3cc9b0b65a03283128b2a9004ec3c3
9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7564
Expires: Sun, 11 Sep 2022 11:31:25 GMT
Date: Sun, 11 Sep 2022 09:25:21 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js
200 OK 1.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js
IP
File type ASCII text, with very long lines (4741), with no line terminators
Hash 66105838a23d33ffeaff1b46e91493da
5ca20cb4e7995221de8b651b358ec60d0a657adb
06cf1ec54b9a6bf5bddc7baba5a4ed8d2306f40872681a0234b57526eab1643f
GET /ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exe.app
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:25:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 1309
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e6b-1285"
last-modified: Mon, 04 May 2020 16:10:19 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3332757
expires: Fri, 01 Sep 2023 09:25:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTyIi0EBDyLUspr9HUO9XP7ZYLsGGAsgzTA9ckiDt2koXSK4846ekLgVf7zC8LjSNlK45if2VzWEpvif7dAt2XJqZhH8Brq66o6E1GXsa%2FAujuSROS36iygSi7YWsK9mFM4C5CVM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748f5b0a6beeb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6497
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Last-Modified: Sun, 11 Sep 2022 07:37:04 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
pectthatmye.shop/RWZtdFMkBA4ZbCRbD1ImNwpQUWEDQ18yN3ZXHRxrIwAZFmc3VRVaMCkJGBA1NwkDAH0rAxlRYQMCNzMZKzE6GxsBNwZRYQMwPzUfBFQ/JwYDIDsWYjElLjYCdyQvJjUVMgItFSwBPy0XBCImA2Y2IQc2MRUIVREbIjwMFQYyLywDOGBULyJjDC4uICMdMDglFBU3BS4FLiMeN2IuNi43HgElLEAUIyAKHQV1Ch0gYh81OQ0VJzA4EAYCVlQjBiIVGjYRAAc8GSckLisEAQcKFSUBdDcPIGIfNSsnahUwFDo2J1Y/IQB1LB8jNAguLzAaAzc7NTskVx0iBilLCRsEKTAlIgQuKykmEgY2GiEwF1c4EgZ0LCAiYH0AOiIeYwweGz01WzcXITcsG00JIi8EQSMRXzQ
200 OK 1.2 kB URL HTTP/2 pectthatmye.shop/RWZtdFMkBA4ZbCRbD1ImNwpQUWEDQ18yN3ZXHRxrIwAZFmc3VRVaMCkJGBA1NwkDAH0rAxlRYQMCNzMZKzE6GxsBNwZRYQMwPzUfBFQ/JwYDIDsWYjElLjYCdyQvJjUVMgItFSwBPy0XBCImA2Y2IQc2MRUIVREbIjwMFQYyLywDOGBULyJjDC4uICMdMDglFBU3BS4FLiMeN2IuNi43HgElLEAUIyAKHQV1Ch0gYh81OQ0VJzA4EAYCVlQjBiIVGjYRAAc8GSckLisEAQcKFSUBdDcPIGIfNSsnahUwFDo2J1Y/IQB1LB8jNAguLzAaAzc7NTskVx0iBilLCRsEKTAlIgQuKykmEgY2GiEwF1c4EgZ0LCAiYH0AOiIeYwweGz01WzcXITcsG00JIi8EQSMRXzQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3006), with no line terminators
Hash bc1a395f9ba0e734217c0bd132ae2e7b
64f8857c9a9ebbad63a4a5f2714a552362aee332
959c2b183896dcfd29e937b40342c7dc0deb81c2a44c45571b849c5880db3cbe
GET /RWZtdFMkBA4ZbCRbD1ImNwpQUWEDQ18yN3ZXHRxrIwAZFmc3VRVaMCkJGBA1NwkDAH0rAxlRYQMCNzMZKzE6GxsBNwZRYQMwPzUfBFQ/JwYDIDsWYjElLjYCdyQvJjUVMgItFSwBPy0XBCImA2Y2IQc2MRUIVREbIjwMFQYyLywDOGBULyJjDC4uICMdMDglFBU3BS4FLiMeN2IuNi43HgElLEAUIyAKHQV1Ch0gYh81OQ0VJzA4EAYCVlQjBiIVGjYRAAc8GSckLisEAQcKFSUBdDcPIGIfNSsnahUwFDo2J1Y/IQB1LB8jNAguLzAaAzc7NTskVx0iBilLCRsEKTAlIgQuKykmEgY2GiEwF1c4EgZ0LCAiYH0AOiIeYwweGz01WzcXITcsG00JIi8EQSMRXzQ HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1162
date: Sun, 11 Sep 2022 09:25:21 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LMyosJxnOfQWypT7LovI19TeZesADYhfLZmvJ4kjs4ru15keyfhPHA==
X-Firefox-Spdy: h2
lcreatessque.xyz/S05YTXRkcTs+SR58CjsgeRQyGzI7a2oLInkqCxUachkBGzotKx51Uj8nPHBMf31qe0VtPjEpSXp2fj4AKjotPkl6aDEjEiRzfjtJemBoY0VlfX44SXpoLD0VLHNpawQ/OjRwRX14anVMc31pfUN5fA
204 No Content 0 B URL HTTP/2 lcreatessque.xyz/S05YTXRkcTs+SR58CjsgeRQyGzI7a2oLInkqCxUachkBGzotKx51Uj8nPHBMf31qe0VtPjEpSXp2fj4AKjotPkl6aDEjEiRzfjtJemBoY0VlfX44SXpoLD0VLHNpawQ/OjRwRX14anVMc31pfUN5fA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /S05YTXRkcTs+SR58CjsgeRQyGzI7a2oLInkqCxUachkBGzotKx51Uj8nPHBMf31qe0VtPjEpSXp2fj4AKjotPkl6aDEjEiRzfjtJemBoY0VlfX44SXpoLD0VLHNpawQ/OjRwRX14anVMc31pfUN5fA HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 09:25:21 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBqx91Wx9UNXa5W%2FgKIma1c9TXfAdsHiVyrmKjo%2FfKnRSdK7hrFJpAcQWgljeo%2B1Wgy5qN50qaRLMcBxylwVwEQ%2FERIdFfxNFqzY1VpyO3JIxA%2FZ9eEtkKo8aV7TBh555yh6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748f5b09dd930b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash abff5166fbd49f3162da898c1ed1b0c5
2fa6d7f7ae9da60c6ace36303821320ad5b4a67c
1aefea1673ceaaed1856797bf8de2743c897c162f63f6f6c1bea4c98f203e338
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AEFEA1673CEAAED1856797BF8DE2743C897C162F63F6F6C1BEA4C98F203E338"
Last-Modified: Fri, 09 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11674
Expires: Sun, 11 Sep 2022 12:39:55 GMT
Date: Sun, 11 Sep 2022 09:25:21 GMT
Connection: keep-alive
lcreatessque.xyz/ZjZFMWxJCSZCUQJbC3oNMlIGZCRfVwRaCDFVdAUoNFoTSzQ3Z2NFBQILfQNeUwRxFxwPUngAShVCJEUZFQt2FwUIUCoMDwpfJlpKEAt0H19SGHcJQlcQMAxdQEI1UAtbB2NBGBJaeABaUAR9CVRVB3UGVVI
204 No Content 0 B URL HTTP/2 lcreatessque.xyz/ZjZFMWxJCSZCUQJbC3oNMlIGZCRfVwRaCDFVdAUoNFoTSzQ3Z2NFBQILfQNeUwRxFxwPUngAShVCJEUZFQt2FwUIUCoMDwpfJlpKEAt0H19SGHcJQlcQMAxdQEI1UAtbB2NBGBJaeABaUAR9CVRVB3UGVVI
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZjZFMWxJCSZCUQJbC3oNMlIGZCRfVwRaCDFVdAUoNFoTSzQ3Z2NFBQILfQNeUwRxFxwPUngAShVCJEUZFQt2FwUIUCoMDwpfJlpKEAt0H19SGHcJQlcQMAxdQEI1UAtbB2NBGBJaeABaUAR9CVRVB3UGVVI HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 09:25:21 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GasxrNnUdICwyexAZfwgiKXZJezp6kdnQKNEVJm5NB1FPwhecRdeXTOybVSPAToG23S%2FG7b3K3wgzNV7r7BHR49twVk5SGIYEm4eDSE6D5ay370Rjag8hSHV9IIc1LoAwA7%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748f5b0a1dcf0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 11 Sep 2022 08:41:12 GMT
expires: Sun, 11 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 2649
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4a8b934802b39ce62326f039ac83cd96
dbfe44bfbec869b99291881ce7c2539d34d7ca9c
c1d5a7058b585d2207c7162b7d0ed62443426b9b2e1262391ad3118884bda651
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4237
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Last-Modified: Sun, 11 Sep 2022 08:14:44 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8a3f147ac37bcccd79750e4229a8d99b
f76459233b24f681045ed0476a63d95a0f12623e
6ecda86d440d58447955acca8d5181db4951cd6f92cd7ad595511d3c9c54d82a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8a3f147ac37bcccd79750e4229a8d99b
f76459233b24f681045ed0476a63d95a0f12623e
6ecda86d440d58447955acca8d5181db4951cd6f92cd7ad595511d3c9c54d82a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d31ph8fftb4r3x.cloudfront.net/eUnRtZTcxGwMDCCYdCVgPak1ZXAN0Hh4KWSJJAQBkPENVMgUgMloCESYOCVgHdBgMC1BvUggLVG9FSwRTMElZQ0MiGwZYTTQOAxRPORUcEBEnFVAIWCgdAQlWd0YrUBliUV9VHypFXEAEEFFfVVs7GhgdEmBEFV0BDUJZQAQQUV9VRSRRXiQOZFpdTBJgRA-oAVDkbSFdxYERcVQdjRFxABWISBBdSNBsVQAUUTVtLB3QBUFQ
200 OK 621 B URL HTTP/2 d31ph8fftb4r3x.cloudfront.net/eUnRtZTcxGwMDCCYdCVgPak1ZXAN0Hh4KWSJJAQBkPENVMgUgMloCESYOCVgHdBgMC1BvUggLVG9FSwRTMElZQ0MiGwZYTTQOAxRPORUcEBEnFVAIWCgdAQlWd0YrUBliUV9VHypFXEAEEFFfVVs7GhgdEmBEFV0BDUJZQAQQUV9VRSRRXiQOZFpdTBJgRA-oAVDkbSFdxYERcVQdjRFxABWISBBdSNBsVQAUUTVtLB3QBUFQ
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash f13cd69d32986ff544dc412ea3d998f5
2f3769c8b318fe065ba38ec2a0fe324b5fbbc09b
4f6b24b94c8a53a25e8a93d4a49b36c5ec9fba46cd6cbbe5f3ac77f62fcb4204
GET /eUnRtZTcxGwMDCCYdCVgPak1ZXAN0Hh4KWSJJAQBkPENVMgUgMloCESYOCVgHdBgMC1BvUggLVG9FSwRTMElZQ0MiGwZYTTQOAxRPORUcEBEnFVAIWCgdAQlWd0YrUBliUV9VHypFXEAEEFFfVVs7GhgdEmBEFV0BDUJZQAQQUV9VRSRRXiQOZFpdTBJgRA-oAVDkbSFdxYERcVQdjRFxABWISBBdSNBsVQAUUTVtLB3QBUFQ HTTP/1.1
Host: d31ph8fftb4r3x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pectthatmye.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 621
date: Sun, 11 Sep 2022 09:25:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EDi9v2_0Sl3lBv9BQGLius0RPdxFvOwlLqeusG0C2rrFrQVYkxGsmQ==
X-Firefox-Spdy: h2
d31ph8fftb4r3x.cloudfront.net/jN1hKRWJUNyQjXUMxLnhaBWp/d1YRMjkqDEdlCS9RbTMuDCsOGSIoJkcobDEYU2V6Yw5WNi14RFI2KXhTETkuJ18Dfj41DVxlMCMYWSkyLgNGLWwwAwo1JT8LWzQrYFBxbWR1RwVoYj1TBn15B0cFaCYsDEIgb3dST2B8GlQDfXkHRwVoODNHBBlzc0wHcW-93UlA9KS4NEmoMd1IGaHp0UgZ9eHUEXiovIw1PfXgDWwF2emMXCmk
200 OK 528 B URL HTTP/2 d31ph8fftb4r3x.cloudfront.net/jN1hKRWJUNyQjXUMxLnhaBWp/d1YRMjkqDEdlCS9RbTMuDCsOGSIoJkcobDEYU2V6Yw5WNi14RFI2KXhTETkuJ18Dfj41DVxlMCMYWSkyLgNGLWwwAwo1JT8LWzQrYFBxbWR1RwVoYj1TBn15B0cFaCYsDEIgb3dST2B8GlQDfXkHRwVoODNHBBlzc0wHcW-93UlA9KS4NEmoMd1IGaHp0UgZ9eHUEXiovIw1PfXgDWwF2emMXCmk
IP
File type ASCII text, with very long lines (711), with no line terminators
Hash f071074b1f01289818973fd8f0d5f6a9
a9501a7a49c2fde801445b5a58b4e2422d05ef96
19fcc0896eace5b5140aa34e0c5147ae834b65cddc889e64c3babcf4bbe4b10d
GET /jN1hKRWJUNyQjXUMxLnhaBWp/d1YRMjkqDEdlCS9RbTMuDCsOGSIoJkcobDEYU2V6Yw5WNi14RFI2KXhTETkuJ18Dfj41DVxlMCMYWSkyLgNGLWwwAwo1JT8LWzQrYFBxbWR1RwVoYj1TBn15B0cFaCYsDEIgb3dST2B8GlQDfXkHRwVoODNHBBlzc0wHcW-93UlA9KS4NEmoMd1IGaHp0UgZ9eHUEXiovIw1PfXgDWwF2emMXCmk HTTP/1.1
Host: d31ph8fftb4r3x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pectthatmye.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 528
date: Sun, 11 Sep 2022 09:25:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KC_TyqoGIBvC17l_x-5JLhnunjIndHeNdl3J-gHlGib1TRYdZ6CnMg==
X-Firefox-Spdy: h2
d31ph8fftb4r3x.cloudfront.net/dZGJnWWoHDQk/VRALA2RSUFFVb1tCCBQ2BBRfPToYFigRYDADKw5sGjBbPn8eHgZaaUwIAwk+V0IHCTpXVUQGPQhZVkEsC1kPCCMDCA4GfFgiV0lpT1ZSTyFbVUdUG09WUgswBBEaQmtaHFpRBlxQR1QbT1ZSFS9PVyNeb0RUS0JrWgMHBDIFQVAha1pVUl-doWlVHVWkMDRACPwUcR1UfU1JMV38fWVM
200 OK 189 B URL HTTP/2 d31ph8fftb4r3x.cloudfront.net/dZGJnWWoHDQk/VRALA2RSUFFVb1tCCBQ2BBRfPToYFigRYDADKw5sGjBbPn8eHgZaaUwIAwk+V0IHCTpXVUQGPQhZVkEsC1kPCCMDCA4GfFgiV0lpT1ZSTyFbVUdUG09WUgswBBEaQmtaHFpRBlxQR1QbT1ZSFS9PVyNeb0RUS0JrWgMHBDIFQVAha1pVUl-doWlVHVWkMDRACPwUcR1UfU1JMV38fWVM
IP
File type ASCII text, with no line terminators
Hash f62987cc0c593bbc97ab95676db5a658
0ddaa3599049e2c976989fa10a47138f6473afac
c82a35141f1e2f3aacd2d6a83b456855e81bf55d05d98067ffc28571814ba2df
GET /dZGJnWWoHDQk/VRALA2RSUFFVb1tCCBQ2BBRfPToYFigRYDADKw5sGjBbPn8eHgZaaUwIAwk+V0IHCTpXVUQGPQhZVkEsC1kPCCMDCA4GfFgiV0lpT1ZSTyFbVUdUG09WUgswBBEaQmtaHFpRBlxQR1QbT1ZSFS9PVyNeb0RUS0JrWgMHBDIFQVAha1pVUl-doWlVHVWkMDRACPwUcR1UfU1JMV38fWVM HTTP/1.1
Host: d31ph8fftb4r3x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pectthatmye.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 189
date: Sun, 11 Sep 2022 09:25:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o8R42Ig08ExZOHUugCQRxucRCfuz2MF12Dlgr1XHovUrCNBY-a-_0A==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 073f23031d86e46380dcc25127094e79
3c015eac611f0dba79bda69900e11303783d234b
46c48bb4cbcca45ec938eb50d2bcdf310c44b48b52d2148614df7ba0f55c52d9
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 09:25:21 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1930359986%3A1662888321919708&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqAEJ-ruxejzsQe3EaIpM_de0_1LTO7BHiUjUHx_zONImdJTAGvzsDbgkYtIBaPytlOPdwMdA
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-jcXohMMXmlTDeXQCgcNong' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:UqNwp02JZ_3Cpb3CShfdwZ1e-4C0mA:Mov66qxlr46VsoO3;Path=/;Expires=Tue, 10-Sep-2024 09:25:21 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash 2ba6a4f5207a567b1a41e333c01793e6
3e85db110ebe9e00a9905cfe5c5e70ef1192d720
9dbb2e87c6d2e4be279562c0698c6c31fd37ce60d1a75399e5714f66de5f0905
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 09:25:21 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S134721549%3A1662888321933080&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoxLkqeZTUWoNLpdVUnSwfziMjruhUqHYvGAxtY_hUTWGEL934OymX_VPq9i0TtPTt1m-06Gw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-w5BVedoinAH6ehzyWIy_vw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:9StxAaZDF-7uhScFosA5REHcgvkWTA:fnKRXqBOI2eWIb_S;Path=/;Expires=Tue, 10-Sep-2024 09:25:21 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
200 OK 12 kB IP
File type HTML document, Unicode text, UTF-8 text, with very long lines (32771), with no line terminators
Hash 48d14aecd9c2350c08476ff191ec4a1f
f018f7affba45d23d19dd2a57ab6ef8db7bd1215
a9717003744921c50526a53c1b9322c4315f5543e9f89eb8ecdff2e8013a76a7
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:25:21 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2206
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5j50EP1MI%2BP4R2GEU1JI%2BInpO6TEZIePXh%2FLgjmg6aTsBC%2BTfrDf6g6MBtIGxgwNqd%2B934nga1fBdiudiMO%2FtjkpcPS4lI%2BSQ%2BEVy0IThjDuj2lpq4abnQECFDXv%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748f5b0c0bf3b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N44x3yO5W6HrzQu2S9Jraw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a6XM/gcJtD4RjRPrAkPEi1i6nYs=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 4a8b934802b39ce62326f039ac83cd96
dbfe44bfbec869b99291881ce7c2539d34d7ca9c
c1d5a7058b585d2207c7162b7d0ed62443426b9b2e1262391ad3118884bda651
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4238
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:22 GMT
Last-Modified: Sun, 11 Sep 2022 08:14:44 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
200 OK 472 B IP
Hash 431bccffdaad5a26e75e6dd4f8b1abaa
e4b0ac57e7c2d6d00e508cd99231b0f8d58942af
d2b9c8db43c744d36bc73630962238d7fb9017730f8ef8df9b6af1913b08cf35
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 09:25:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:52:23 GMT
Expires: Thu, 15 Sep 2022 12:52:22 GMT
Etag: "e4b0ac57e7c2d6d00e508cd99231b0f8d58942af"
Cache-Control: max-age=357419,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748f5b0dac031bfa-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exe.app/
Content-Type: text/plain;charset=UTF-8
Origin: https://exe.app
Content-Length: 1512
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 11 Sep 2022 09:25:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://exe.app
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
in-page-push.com/400/3230648
200 OK 33 kB URL HTTP/2 in-page-push.com/400/3230648
IP
Hash 32f178a87d5278f2a9dea5e18e10c586
36e49f9e1ffbb39d8769978165edae9b9d381ab0
5ed103d8670a74f861b832570fb45c941805f15bab3add2866955a73ac4ba9e8
GET /400/3230648 HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 09:25:21 GMT
content-type: application/javascript
x-trace-id: 35d5cc7d97149e6b8a4400235eaa6bf9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=537b0ad6c0a841929966f1f2113af503; expires=Mon, 11 Sep 2023 09:25:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
200 OK 65 B IP
File type JSON data\012- , ASCII text
Hash 9192c7d6682bd7b00d01f1422a83aa15
1a2787ea12b65f24b62a68e8ac0cb4dae0a489a3
72d74d27e0e1fa306be1dd10a1945a20aee2c1633a7d453bdb42ffe9450c8ee4
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exe.app
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 09:25:22 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://exe.app
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=429f7adcc96a46fda16ff56946131768; expires=Mon, 11 Sep 2023 09:25:22 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
in-page-push.com/500/3230648?excludes=&oaid=429f7adcc96a46fda16ff56946131768&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=2&pl=https%3A%2F%2Fexe.app%2Fm6omTeKR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 0 B URL HTTP/2 in-page-push.com/500/3230648?excludes=&oaid=429f7adcc96a46fda16ff56946131768&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=2&pl=https%3A%2F%2Fexe.app%2Fm6omTeKR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/3230648?excludes=&oaid=429f7adcc96a46fda16ff56946131768&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=2&pl=https%3A%2F%2Fexe.app%2Fm6omTeKR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://exe.app/
Origin: https://exe.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 09:25:22 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://exe.app
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 315 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9248b848c45e85c85c0bc27e49fb7601
d3e270ce8981989353fa2a690fbc1653a38e70b2
bf7bfa44e745c99a30461142e8e1a81e2e7a4aad4ac919438ab4a61f46675c65
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4637
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:25:22 GMT
Last-Modified: Sun, 11 Sep 2022 08:08:05 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
in-page-push.com/500/3230648?excludes=&oaid=429f7adcc96a46fda16ff56946131768&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=2&pl=https%3A%2F%2Fexe.app%2Fm6omTeKR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 67 kB URL HTTP/2 in-page-push.com/500/3230648?excludes=&oaid=429f7adcc96a46fda16ff56946131768&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=2&pl=https%3A%2F%2Fexe.app%2Fm6omTeKR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash 428cfca8fa5926a38813801cc4784bd2
8a4525d4032ef104685bb3a1fbbfa5659dcaa5b6
9ce1aed80bcfb64b241b0cd06fe4eb5ab0758dd53b3b7e7511a69ed152e73b48
GET /500/3230648?excludes=&oaid=429f7adcc96a46fda16ff56946131768&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=2&pl=https%3A%2F%2Fexe.app%2Fm6omTeKR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://exe.app
Connection: keep-alive
Referer: https://exe.app/
Cookie: OAID=537b0ad6c0a841929966f1f2113af503
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 09:25:22 GMT
content-type: application/javascript
x-trace-id: 2fea13cab5234a913dd7c10c7ee8809d
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://exe.app
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=429f7adcc96a46fda16ff56946131768; expires=Mon, 11 Sep 2023 09:25:22 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
in-page-push.com/impression/KoW4yCYVlA-RueJJFF2_tuANTc4Ylpi4iAmKicCLwyeKX_8n9NEgj39lo5YBRAXczI0nqyAqGmhVlm6uT5-Z_X7rKOA29Jt4w67Ci30j85JvZFVUDJvdCUQj_FrhqjWbRNN-npPzjxH5wajjg_Lwfp5RwVM3WH2DJjwP7LSPJ8IIS9OUvyXHgWfYzwaw22PGVC6KzVcb6edPRtU7G3D8NbFKW2VIoB4OCZ9UpowVBGJC_OZGRkcmiaqesImjAfFbZEFMb8LDW4W3UmlujlXHo789Qs2WBVDarZnVCjNJR_3bAfKMkJfxFGv7d6osqAVpbpsmzPK60wOAwEnpY5PekRcppZhtrhZJTKk_TkMmOo7Jha1YXc5pd9OpFPi1CCC0MI1kf_DxaxVJUywPz743clScaSZnQcjgcKUXKrcFLUpY7JxwqyQ8iQKhhZ_r2ZkZ6Ui4pCQe7MIecuZc_WQJCpups3DF0l_gLWZaoZlUgHRg1hi2h03B0Iywfve8OiRTW9JyPE657h3m0EzTYAo1x-z9y-zvRbmN?_z=3230648&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=2&pl=https%3A%2F%2Fexe.app%2Fm6omTeKR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 43 B URL HTTP/2 in-page-push.com/impression/KoW4yCYVlA-RueJJFF2_tuANTc4Ylpi4iAmKicCLwyeKX_8n9NEgj39lo5YBRAXczI0nqyAqGmhVlm6uT5-Z_X7rKOA29Jt4w67Ci30j85JvZFVUDJvdCUQj_FrhqjWbRNN-npPzjxH5wajjg_Lwfp5RwVM3WH2DJjwP7LSPJ8IIS9OUvyXHgWfYzwaw22PGVC6KzVcb6edPRtU7G3D8NbFKW2VIoB4OCZ9UpowVBGJC_OZGRkcmiaqesImjAfFbZEFMb8LDW4W3UmlujlXHo789Qs2WBVDarZnVCjNJR_3bAfKMkJfxFGv7d6osqAVpbpsmzPK60wOAwEnpY5PekRcppZhtrhZJTKk_TkMmOo7Jha1YXc5pd9OpFPi1CCC0MI1kf_DxaxVJUywPz743clScaSZnQcjgcKUXKrcFLUpY7JxwqyQ8iQKhhZ_r2ZkZ6Ui4pCQe7MIecuZc_WQJCpups3DF0l_gLWZaoZlUgHRg1hi2h03B0Iywfve8OiRTW9JyPE657h3m0EzTYAo1x-z9y-zvRbmN?_z=3230648&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=2&pl=https%3A%2F%2Fexe.app%2Fm6omTeKR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/KoW4yCYVlA-RueJJFF2_tuANTc4Ylpi4iAmKicCLwyeKX_8n9NEgj39lo5YBRAXczI0nqyAqGmhVlm6uT5-Z_X7rKOA29Jt4w67Ci30j85JvZFVUDJvdCUQj_FrhqjWbRNN-npPzjxH5wajjg_Lwfp5RwVM3WH2DJjwP7LSPJ8IIS9OUvyXHgWfYzwaw22PGVC6KzVcb6edPRtU7G3D8NbFKW2VIoB4OCZ9UpowVBGJC_OZGRkcmiaqesImjAfFbZEFMb8LDW4W3UmlujlXHo789Qs2WBVDarZnVCjNJR_3bAfKMkJfxFGv7d6osqAVpbpsmzPK60wOAwEnpY5PekRcppZhtrhZJTKk_TkMmOo7Jha1YXc5pd9OpFPi1CCC0MI1kf_DxaxVJUywPz743clScaSZnQcjgcKUXKrcFLUpY7JxwqyQ8iQKhhZ_r2ZkZ6Ui4pCQe7MIecuZc_WQJCpups3DF0l_gLWZaoZlUgHRg1hi2h03B0Iywfve8OiRTW9JyPE657h3m0EzTYAo1x-z9y-zvRbmN?_z=3230648&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=2&pl=https%3A%2F%2Fexe.app%2Fm6omTeKR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Cookie: OAID=429f7adcc96a46fda16ff56946131768
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 09:25:22 GMT
content-type: image/gif
content-length: 43
x-trace-id: 85fd08d280fd1df1eb55caa8e68cc30c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11880
Expires: Sun, 11 Sep 2022 12:43:23 GMT
Date: Sun, 11 Sep 2022 09:25:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11880
Expires: Sun, 11 Sep 2022 12:43:23 GMT
Date: Sun, 11 Sep 2022 09:25:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11880
Expires: Sun, 11 Sep 2022 12:43:23 GMT
Date: Sun, 11 Sep 2022 09:25:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1ZoYLM2Mj7teQm-1Dz80IZxKGqzuzAoEiT85R3RldbJwO6iJR-JJA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:44:01 GMT
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
age: 42082
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 22:14:30 GMT
age: 40253
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b290c3f75a769f5cb0f36b5c84436c9b
22e386713ccb95ca1cf9aa367a5ad02bd1664954
e311757ae3bc5b821a9c1d4d654250b1ac936228eb4a600aa1e5b391d25adaaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10611
x-amzn-requestid: 1492333f-e0ed-4061-8c16-a62e0687b95e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLgc-EBkIAMF27A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae11f-555b67794d0bdfd3384ebde8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 06:45:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: gz4lq1qR5Erx6Gfh8Qh4C2RGT4-GLRLZZcMZLAvVztYBgYenM9LIhA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:18 GMT
etag: "22e386713ccb95ca1cf9aa367a5ad02bd1664954"
content-type: image/jpeg
age: 42305
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash de6622cfd812509b317913e1a5e9cfc8
84e4a39c92ab111cc1072f898990cea6b05da6cf
6d41b564c2e15215d05ba74ba2ae08abf74f6aef9e58e808d31afc6d1ba123af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9319
x-amzn-requestid: 44d731e9-1da0-4ad0-9fbb-1b170fac3bf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxaFtpIAMFWAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-2e155359546dae806f6dbfe2;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: a4f99UhuEWfzdGyMv22TnGq98xCUpM1at-u8BNxNrDUSNC4yfHLHVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:34 GMT
age: 42289
etag: "84e4a39c92ab111cc1072f898990cea6b05da6cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd709702d50113aec782e45bb5ecb2a8
c5fcae1c388ff8f44b9e47734b6b65fd4e0fd856
0ec10618a7f2f77cd339e9d1b4e58d29c1c9ad1575f434c813c1d3014c90bf76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9990
x-amzn-requestid: 712405bf-0677-4711-bde0-8040561267a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLlngEY0IAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae963-75feb6255b5cf4fa51ba7d54;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:21:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LMS65rPhliq1UWuz823twST0_lBxm7VrcLy28tOMTvCm85TsR7OVCg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 14:30:06 GMT
age: 68117
etag: "c5fcae1c388ff8f44b9e47734b6b65fd4e0fd856"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eee5b4d617dab6f10d7053f5c4f4e98e
6c728c56797ba921e8001919df4d36e56dd37e54
76a53e2c81ec8da2bc469760b2c57098d587c6a36fa70e5b7c743a224a47d362
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8171
x-amzn-requestid: 39c8c044-5287-47bb-8731-5706c27a73e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0feFFtkIAMF9NA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ac59-246e1b7e019965f74db95df0;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:10:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FVraudPaXgrkcCLGkaxntfC3h4XtbSfnRgzyp72Wgwb-WgWkDwjYPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 12:19:07 GMT
age: 75976
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S134721549%3A1662888321933080&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoxLkqeZTUWoNLpdVUnSwfziMjruhUqHYvGAxtY_hUTWGEL934OymX_VPq9i0TtPTt1m-06Gw
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S134721549%3A1662888321933080&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoxLkqeZTUWoNLpdVUnSwfziMjruhUqHYvGAxtY_hUTWGEL934OymX_VPq9i0TtPTt1m-06Gw
IP
GET /v3/signin/identifier?dsh=S134721549%3A1662888321933080&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoxLkqeZTUWoNLpdVUnSwfziMjruhUqHYvGAxtY_hUTWGEL934OymX_VPq9i0TtPTt1m-06Gw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exe.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 09:25:22 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-p4lnzh6fG9yoUSuYOnGFhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=vB6L_3nzW-_C3RqckkQdhF6OAGA_TdyHcPmLzRml1YRuVIa-CILLY1J1xDNqkOzaJNqgq_GuZ3qsqTDQDiL_zwxQ5ByFuABMbuI98D865VmGTsB3ZonFAmNQDKvhOSdUU9nINgmzmq7Uq98eTSmvGC_VmZHFMKpSJFabksXXyKg; expires=Mon, 13-Mar-2023 09:25:22 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
exe.io/m6omTeKR
302 Found 0 B IP
GET /m6omTeKR HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 11 Sep 2022 09:25:20 GMT
content-type: text/html; charset=UTF-8
location: https://exe.app/m6omTeKR
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
set-cookie: AppSession=31f6931948935228fd5c20f798677c75; path=/; HttpOnly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NL7D9UGRSPUjamifovvfXEGLwo3Ng8%2BA%2BaY%2BxSyYKMJt%2FWu%2FUzslB6RTSAHr1m3DPi%2FLsIb%2BSP%2B%2Fk4OhcNB%2BY%2B1tN3KfGV93zGxjDZ4ID9fDYMTfScC7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748f5b046cdab521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exe.app/
Origin: https://exe.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:25:21 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://exe.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1556
last-modified: Sun, 11 Sep 2022 08:59:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YT5rG%2BleV9UUzwzrGuLbwXXP7ztkE4HMlADOJZkXPIN6CO0xXUSTBEkMQO77u8mFZ%2F6liP1bp0ZXs9KnmAWnEgund0cZio1pJKq2rwz4jSx4xjkuYaIJI6FdqYQfsaYB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748f5b08b9d8b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exe.app/
Origin: https://exe.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:25:21 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://exe.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1556
last-modified: Sun, 11 Sep 2022 08:59:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISu7%2Bnw7n8HiyVQFiaUE2LrslxA2E8QG%2FJ%2B2EWiDO%2Ba1wL4EGEj4afYs%2Bn9k9RAmEHrSxUyvwZsChWq2ri8NKszJKeBSCNB%2BeQ%2F%2BytHdKcGZ1aHM0THQF3Vbbd8NNyFL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748f5b08b9d9b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: D9i9GOEWkKZkPWUXPdcXO17f0SyslBaVss7at5430auDAit2k6u02pPtuVnJOhzOMV/m39SzdH++1uXxwUnP1Q==
date: Sun, 11 Sep 2022 09:25:21 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
IP
GET /css?family=Open+Sans:300,400,400italic,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exe.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 09:25:21 GMT
date: Sun, 11 Sep 2022 09:25:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exe.app/
Origin: https://exe.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:25:21 GMT
content-type: text/plain
set-cookie: csu=1754871773220141@1@1662888321; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://exe.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzuM%2BKrQ9KhKoYzlPLn3iRzAJl2xxoKaUlfAYfMW2kqgyDAhXYhYxOv7y%2B1XvpXJZIX%2Fh2swqnFke0UHGMMxn2xZTp3t0JY9pUc6MKN55wDoXJVk4lAhaADTzeRcmd6X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748f5b091a57b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1930359986%3A1662888321919708&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqAEJ-ruxejzsQe3EaIpM_de0_1LTO7BHiUjUHx_zONImdJTAGvzsDbgkYtIBaPytlOPdwMdA
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1930359986%3A1662888321919708&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqAEJ-ruxejzsQe3EaIpM_de0_1LTO7BHiUjUHx_zONImdJTAGvzsDbgkYtIBaPytlOPdwMdA
IP
GET /v3/signin/identifier?dsh=S1930359986%3A1662888321919708&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqAEJ-ruxejzsQe3EaIpM_de0_1LTO7BHiUjUHx_zONImdJTAGvzsDbgkYtIBaPytlOPdwMdA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exe.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 09:25:22 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-TqVhJGdkIe7783TTCvIusQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=WiG3yYOTHteGMRmYEX2LMqyq5xB9ZF3GmtUQ3awz53BqsvP4pebnEXUpQxukXr3oIyrSG-BR2ybVQJQoQj-vCevFRgPINdTH_3xwQD0JoBQI6ALlMQezfZ9FzwMPZwh4uMAQIL5Ow55AXTACdz93OAH2KLIRrGOzlX_zGr-tFC4; expires=Mon, 13-Mar-2023 09:25:22 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
104.26.3.103
104.17.25.14
95.101.11.115
139.45.195.8
172.255.6.133
157.240.200.35