exe.io/p6VLL
104.26.3.103 301 Moved Permanently 0 B IP 104.26.3.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p6VLL HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 23:03:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 30 Nov 2022 00:03:12 GMT
Location: https://exe.io/p6VLL
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpyxWHu%2FnZX1SUuc1y15ZVrV3imXEDeCIPj7AkowoJVano%2F5XsuFqaoWJJHzCs7%2B6BgQ1VE95j5thTJKX08LSfasb8Yvc81W0SVH3Qx8C0mCV2rsXrXrsA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771ef9adacda1bfa-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4472
Expires: Wed, 30 Nov 2022 00:17:44 GMT
Date: Tue, 29 Nov 2022 23:03:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6572
Expires: Wed, 30 Nov 2022 00:52:44 GMT
Date: Tue, 29 Nov 2022 23:03:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5473
Content-Type: text/html
Date: Tue, 29 Nov 2022 23:03:12 GMT
Etag: "638651c5-37"
Last-Modified: Tue, 29 Nov 2022 18:39:01 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 55
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4Q9HDc8N0iHCfkztzx/mGnAHgliB1c455T/g4aMz7JwcAH92kJFmvwAH/n1G7NIstBsBAuwCp7E=
x-amz-request-id: 4SRZDMGZ83GS8ZAA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 22:45:38 GMT
age: 1054
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4904
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Tue, 29 Nov 2022 23:03:12 GMT
Etag: "63866bb2-37"
Last-Modified: Tue, 29 Nov 2022 20:29:38 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 55
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 22:19:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2614
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 23:03:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4904
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Tue, 29 Nov 2022 23:03:12 GMT
Etag: "63866bb2-37"
Last-Modified: Tue, 29 Nov 2022 20:29:38 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 55
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1934a261f7e042e1bd80f832c3aa0243
330b9d8f9a3ef1b32a8b788895a31e13aa09b39f
66a647639cf87ed0633d0a9b58779e5989a2aed1881804dceb3cf97c11459824
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "66A647639CF87ED0633D0A9B58779E5989A2AED1881804DCEB3CF97C11459824"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1864
Expires: Tue, 29 Nov 2022 23:34:16 GMT
Date: Tue, 29 Nov 2022 23:03:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 22:11:13 GMT
cache-control: public,max-age=3600
age: 3119
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1934a261f7e042e1bd80f832c3aa0243
330b9d8f9a3ef1b32a8b788895a31e13aa09b39f
66a647639cf87ed0633d0a9b58779e5989a2aed1881804dceb3cf97c11459824
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "66A647639CF87ED0633D0A9B58779E5989A2AED1881804DCEB3CF97C11459824"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6940
Expires: Wed, 30 Nov 2022 00:58:52 GMT
Date: Tue, 29 Nov 2022 23:03:12 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3467
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Tue, 29 Nov 2022 23:03:13 GMT
Etag: "63866b88-37"
Last-Modified: Tue, 29 Nov 2022 20:28:56 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 55
www.googletagmanager.com/gtag/js?id=UA-135952122-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-135952122-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash cc2f7f6ec7c7313950b86639f651d031
9335983fa4f104e9fd000f2a76f3a22b9ffe4d65
847199c108459d30c1d18f0fc863bfa5712fc2672c7fad2644986e30200c2b5c
GET /gtag/js?id=UA-135952122-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 23:03:13 GMT
expires: Tue, 29 Nov 2022 23:03:13 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 22:20:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43611
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3254f7c878d1f52f6503bf5b5b01b8fa
9061a49e98763ce6261db1792944ddd73a63ae03
ec1dace4e9720c35cdaecc0b552c805852d307eedbd02c06e9f3642facd4b3d3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EC1DACE4E9720C35CDAECC0B552C805852D307EEDBD02C06E9F3642FACD4B3D3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13386
Expires: Wed, 30 Nov 2022 02:46:19 GMT
Date: Tue, 29 Nov 2022 23:03:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c6e345cc53e63f4754a28b0fcef3766
b5a9f0048124696b641b5ee09961104fa19f7d10
c0f44122d6220549a46a1f1743a19d90fb8347fc07fa8877f05d6d19a917db7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0F44122D6220549A46A1F1743A19D90FB8347FC07FA8877F05D6D19A917DB7E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11477
Expires: Wed, 30 Nov 2022 02:14:30 GMT
Date: Tue, 29 Nov 2022 23:03:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3254f7c878d1f52f6503bf5b5b01b8fa
9061a49e98763ce6261db1792944ddd73a63ae03
ec1dace4e9720c35cdaecc0b552c805852d307eedbd02c06e9f3642facd4b3d3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EC1DACE4E9720C35CDAECC0B552C805852D307EEDBD02C06E9F3642FACD4B3D3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13386
Expires: Wed, 30 Nov 2022 02:46:19 GMT
Date: Tue, 29 Nov 2022 23:03:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3763
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Tue, 29 Nov 2022 23:03:13 GMT
Etag: "63866b9a-37"
Last-Modified: Tue, 29 Nov 2022 20:29:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 55
exee.app/p6VLL
172.67.151.153 200 OK 168 kB IP 172.67.151.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (61750)
Size 168 kB (167981 bytes)
Hash 085b3f44f5c544349fbadaa474e35b9b
27316a1f65095074cd7b28252c69a5c6ffc70a4b
40c92eb88009065065259902cdd9b381d5a7a28bbe9596ea888cab00522d5f6b
GET /p6VLL HTTP/1.1
Host: exee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:12 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
set-cookie: AppSession=ffe37681b63d12fbda5bf592033b354b; path=/; HttpOnly
csrfToken=a39ea08888e697d00d0053466d7b6b0857233d55103d3cda5cf310191cf772f06563d15476d9abe7a55925aeb5011442666a57fe457b0cabe78f31097660535d; path=/; HttpOnly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aG7LUh1n0TYjiEkZ3TdmB5%2B6ttmcBBjJvsjv8OKcLN%2Fp79P6dIPHUMK%2BAvT9atchEy%2Br2iK9S4ocq6l58VhyZY5CT6oWa47Ymvwz78TJMWbKNbqCQrdICr71eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9b0ca5ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9fbd71f67201a0428c19d6a726c89bf
ab8f474825fca13772639ab689c0f190ef2ee7d1
fdced6c4d035e8f40e719aaa50eb9ad071c404e78f71f99a3c2e7bf886283c91
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FDCED6C4D035E8F40E719AAA50EB9AD071C404E78F71F99A3C2E7BF886283C91"
Last-Modified: Tue, 29 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3863
Expires: Wed, 30 Nov 2022 00:07:36 GMT
Date: Tue, 29 Nov 2022 23:03:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 40ce48359a1c3a5f1a0347a5e1aa6cbe
50e7a1e47058334ce76d640feca3cfd616e69c18
f72a564ba72dccd6b3b12d077276ed88cf244d8439c1980eecefef9c2948baec
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F72A564BA72DCCD6B3B12D077276ED88CF244D8439C1980EECEFEF9C2948BAEC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Wed, 30 Nov 2022 00:49:18 GMT
Date: Tue, 29 Nov 2022 23:03:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 40ce48359a1c3a5f1a0347a5e1aa6cbe
50e7a1e47058334ce76d640feca3cfd616e69c18
f72a564ba72dccd6b3b12d077276ed88cf244d8439c1980eecefef9c2948baec
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F72A564BA72DCCD6B3B12D077276ED88CF244D8439C1980EECEFEF9C2948BAEC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Wed, 30 Nov 2022 00:49:18 GMT
Date: Tue, 29 Nov 2022 23:03:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exee.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 101432
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
216.58.207.227 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exee.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:56:05 GMT
expires: Tue, 28 Nov 2023 18:56:05 GMT
cache-control: public, max-age=31536000
age: 101228
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arthwhilearthu.com/utx?cb=rx69SXGmJpKT&top=exee.app&tid=822524
54.230.111.68 204 No Content 0 B URL HTTP/2 arthwhilearthu.com/utx?cb=rx69SXGmJpKT&top=exee.app&tid=822524
IP 54.230.111.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=rx69SXGmJpKT&top=exee.app&tid=822524 HTTP/1.1
Host: arthwhilearthu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 23:03:13 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://exee.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 29 Nov 2022 23:04:13 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: keL9UXT2S8CurqQKk2aLUxl7tCSqjrzn7brMb2joWizCzYtTfh6Eag==
X-Firefox-Spdy: h2
arthwhilearthu.com/RDR1S2MlVhYmXCUJF20WNlhIblECEUcNB3VEQiwTcUNMfBZzQEJlAChbAC8FNlsbP00qUQFuUQJRJyYTDmEPEg8GZxZ6IBB9MQc0cHsRDQt8bSQBBAVwGnM0AG4tCQkGADQ8EAFzRH9QCVMjejIuQzovJAllPiwQKno0PwQATRY8IHdQOAAnIGEQelYyfkUSEwVsJDo7PQQRBCACdT48EC9QIAYNEk0kczcHDDIBNw1gEQgbfFIkEQkTfBl8MhcMMAc3PHY7HlpzbUQsGhAHASEhd24wLjsdcjcOWnNtRQ4VBnxMJSZ3YRopJAFzJScbfVASHiYQB1g/CRZwNxsGLH09Lw99WiwzWi5jPSBTEU0gCSkqbTAKJSwBLCw5dmNGJwoBBycqLz5EMAIUM1k+My10eD0jCQUGHSoBPW05LxRiXgYkDTQJOigtAVU4Aws1bDk
54.230.111.68200 OK 1.2 kB URL HTTP/2 arthwhilearthu.com/RDR1S2MlVhYmXCUJF20WNlhIblECEUcNB3VEQiwTcUNMfBZzQEJlAChbAC8FNlsbP00qUQFuUQJRJyYTDmEPEg8GZxZ6IBB9MQc0cHsRDQt8bSQBBAVwGnM0AG4tCQkGADQ8EAFzRH9QCVMjejIuQzovJAllPiwQKno0PwQATRY8IHdQOAAnIGEQelYyfkUSEwVsJDo7PQQRBCACdT48EC9QIAYNEk0kczcHDDIBNw1gEQgbfFIkEQkTfBl8MhcMMAc3PHY7HlpzbUQsGhAHASEhd24wLjsdcjcOWnNtRQ4VBnxMJSZ3YRopJAFzJScbfVASHiYQB1g/CRZwNxsGLH09Lw99WiwzWi5jPSBTEU0gCSkqbTAKJSwBLCw5dmNGJwoBBycqLz5EMAIUM1k+My10eD0jCQUGHSoBPW05LxRiXgYkDTQJOigtAVU4Aws1bDk
IP 54.230.111.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3040), with no line terminators
Hash 3361f990b9d3a792d6bf3f7b40ce8b9b
a57b8c9406d12007909bfc67525574a1aa92f742
02b73845c733c310b6fd83150117fe3fe1c17019f08a3819ca94dfe845df16fa
GET /RDR1S2MlVhYmXCUJF20WNlhIblECEUcNB3VEQiwTcUNMfBZzQEJlAChbAC8FNlsbP00qUQFuUQJRJyYTDmEPEg8GZxZ6IBB9MQc0cHsRDQt8bSQBBAVwGnM0AG4tCQkGADQ8EAFzRH9QCVMjejIuQzovJAllPiwQKno0PwQATRY8IHdQOAAnIGEQelYyfkUSEwVsJDo7PQQRBCACdT48EC9QIAYNEk0kczcHDDIBNw1gEQgbfFIkEQkTfBl8MhcMMAc3PHY7HlpzbUQsGhAHASEhd24wLjsdcjcOWnNtRQ4VBnxMJSZ3YRopJAFzJScbfVASHiYQB1g/CRZwNxsGLH09Lw99WiwzWi5jPSBTEU0gCSkqbTAKJSwBLCw5dmNGJwoBBycqLz5EMAIUM1k+My10eD0jCQUGHSoBPW05LxRiXgYkDTQJOigtAVU4Aws1bDk HTTP/1.1
Host: arthwhilearthu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1195
date: Tue, 29 Nov 2022 23:03:13 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IB6G1kd-KU-umJmtsghxSneyFJ2LPD3dxmYVCmnWOJ6rlV_k0UWBPg==
X-Firefox-Spdy: h2
arthwhilearthu.com/utx?cb=jtLLyNXmgpRr&top=exee.app&tid=889494
54.230.111.68 204 No Content 0 B URL HTTP/2 arthwhilearthu.com/utx?cb=jtLLyNXmgpRr&top=exee.app&tid=889494
IP 54.230.111.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=jtLLyNXmgpRr&top=exee.app&tid=889494 HTTP/1.1
Host: arthwhilearthu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 23:03:13 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://exee.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 29 Nov 2022 23:04:13 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y9DmoJn-FXBRKAz1qe6rBWf__dtUBnb5wQAnp3BIDP1vc-HhWbB2OA==
X-Firefox-Spdy: h2
arthwhilearthu.com/WkV2T3c7JxUiSDt4FGkCKClLakUcYEQJE2s1QSgHbzJPeAJtMUFhFDYqAysRKCoYO1k0IAJqRRx8IiEtHhExCgMdFkY+LzAqEAVEHB8SJE5pISAZGBIBNyUzIHA6ACYXDT4bNjcNNCREHB0VLiEbFEMVIz0nPSQDICQRfwEdBiQ3JSM2LwY/HBQXDRQ0CRo3QQ8BFXczMxM6AB4PDjkeFCIKETgBHXcjejYSCBQDMwMMPycYMyQgAj4Ld0d3JRI9MS4NKQw/DT4pCg4FBQgNOyYxDTEzLERrFy8KLTcjDwEFCA07eDQZBzcrRTYWMgk5IiM0I0MLKFsVUmgDP30DHyYMey87dSMMEQwDQRg/FCkkBw8dDzUkNBAXGiIRMyFOHRkQfSMXTh0mGyMjPC03Pic9FBkIIy41IzgfEiZFIyc8KTd9FAwEUCUENSsGcg0VIyUJEgo9DyxDDHA8AA
54.230.111.68200 OK 1.2 kB URL HTTP/2 arthwhilearthu.com/WkV2T3c7JxUiSDt4FGkCKClLakUcYEQJE2s1QSgHbzJPeAJtMUFhFDYqAysRKCoYO1k0IAJqRRx8IiEtHhExCgMdFkY+LzAqEAVEHB8SJE5pISAZGBIBNyUzIHA6ACYXDT4bNjcNNCREHB0VLiEbFEMVIz0nPSQDICQRfwEdBiQ3JSM2LwY/HBQXDRQ0CRo3QQ8BFXczMxM6AB4PDjkeFCIKETgBHXcjejYSCBQDMwMMPycYMyQgAj4Ld0d3JRI9MS4NKQw/DT4pCg4FBQgNOyYxDTEzLERrFy8KLTcjDwEFCA07eDQZBzcrRTYWMgk5IiM0I0MLKFsVUmgDP30DHyYMey87dSMMEQwDQRg/FCkkBw8dDzUkNBAXGiIRMyFOHRkQfSMXTh0mGyMjPC03Pic9FBkIIy41IzgfEiZFIyc8KTd9FAwEUCUENSsGcg0VIyUJEgo9DyxDDHA8AA
IP 54.230.111.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Hash 1e321510493c4e9ab104c62a77836393
a8bb37ea9add263b9e3c63764939ee01f973d313
3f47b6241dcce7bf2e331df6f9c32337f9efcfdcbb692f7450b209d68fc2904f
GET /WkV2T3c7JxUiSDt4FGkCKClLakUcYEQJE2s1QSgHbzJPeAJtMUFhFDYqAysRKCoYO1k0IAJqRRx8IiEtHhExCgMdFkY+LzAqEAVEHB8SJE5pISAZGBIBNyUzIHA6ACYXDT4bNjcNNCREHB0VLiEbFEMVIz0nPSQDICQRfwEdBiQ3JSM2LwY/HBQXDRQ0CRo3QQ8BFXczMxM6AB4PDjkeFCIKETgBHXcjejYSCBQDMwMMPycYMyQgAj4Ld0d3JRI9MS4NKQw/DT4pCg4FBQgNOyYxDTEzLERrFy8KLTcjDwEFCA07eDQZBzcrRTYWMgk5IiM0I0MLKFsVUmgDP30DHyYMey87dSMMEQwDQRg/FCkkBw8dDzUkNBAXGiIRMyFOHRkQfSMXTh0mGyMjPC03Pic9FBkIIy41IzgfEiZFIyc8KTd9FAwEUCUENSsGcg0VIyUJEgo9DyxDDHA8AA HTTP/1.1
Host: arthwhilearthu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1200
date: Tue, 29 Nov 2022 23:03:13 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CKQHjdiVOwoTQBxeaEg3t8d0VGVvedG6bE9sNpiaGw8wRd6oA1pmSw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
arthwhilearthu.com/SDU3MFApV1RdbykIVRYlOlkKFWIOEAV2NHlFAFcgfUIOByV/QQAeMyRaQlQ2OlpZRH4mUEMVYg5aY3Y4H1cHQyYGT1B6NAxST308Ak9SdyQjYm9AIQVcYnEaHE1bYBJxDXB0NCF7Zl89Llx+Zhx7c1hTEQVEflppOmZkBDkHB0NVMhsFD34WAhAFdjEhBQRlORFfflpoDH9OAWkSdlsVYgpsWlgqEG1DWxwyDXV8KQVDfWUgfVNzaTkbW1sIMR9vdVViJEdxdSB9U3QIdXpzdmhhfFNgZSQqWwJfHCRZEgIWKWJEZQMmWQ97OQp+UnFhOG9bQDwufXFKCBBGRWAEZWByehckRHJ2YX9TYFg9EFtDCTYfZ1F8Ax1Eekc7I3t/ATsDbUcIMhBdUVIEJFltR3YiRlheIHVfRwcEJwFtcTo
54.230.111.68200 OK 1.2 kB URL HTTP/2 arthwhilearthu.com/SDU3MFApV1RdbykIVRYlOlkKFWIOEAV2NHlFAFcgfUIOByV/QQAeMyRaQlQ2OlpZRH4mUEMVYg5aY3Y4H1cHQyYGT1B6NAxST308Ak9SdyQjYm9AIQVcYnEaHE1bYBJxDXB0NCF7Zl89Llx+Zhx7c1hTEQVEflppOmZkBDkHB0NVMhsFD34WAhAFdjEhBQRlORFfflpoDH9OAWkSdlsVYgpsWlgqEG1DWxwyDXV8KQVDfWUgfVNzaTkbW1sIMR9vdVViJEdxdSB9U3QIdXpzdmhhfFNgZSQqWwJfHCRZEgIWKWJEZQMmWQ97OQp+UnFhOG9bQDwufXFKCBBGRWAEZWByehckRHJ2YX9TYFg9EFtDCTYfZ1F8Ax1Eekc7I3t/ATsDbUcIMhBdUVIEJFltR3YiRlheIHVfRwcEJwFtcTo
IP 54.230.111.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3014), with no line terminators
Hash 30e1f7dc68310704da81db699d5859c1
a229158c7f0805c9946c8ac606ee98b0d0efa149
71f6fd384337d62a8c64d773ae26a17d2d55a6b3e8aa4a6518ddad425552978d
GET /SDU3MFApV1RdbykIVRYlOlkKFWIOEAV2NHlFAFcgfUIOByV/QQAeMyRaQlQ2OlpZRH4mUEMVYg5aY3Y4H1cHQyYGT1B6NAxST308Ak9SdyQjYm9AIQVcYnEaHE1bYBJxDXB0NCF7Zl89Llx+Zhx7c1hTEQVEflppOmZkBDkHB0NVMhsFD34WAhAFdjEhBQRlORFfflpoDH9OAWkSdlsVYgpsWlgqEG1DWxwyDXV8KQVDfWUgfVNzaTkbW1sIMR9vdVViJEdxdSB9U3QIdXpzdmhhfFNgZSQqWwJfHCRZEgIWKWJEZQMmWQ97OQp+UnFhOG9bQDwufXFKCBBGRWAEZWByehckRHJ2YX9TYFg9EFtDCTYfZ1F8Ax1Eekc7I3t/ATsDbUcIMhBdUVIEJFltR3YiRlheIHVfRwcEJwFtcTo HTTP/1.1
Host: arthwhilearthu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1169
date: Tue, 29 Nov 2022 23:03:13 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cxE3WN0ARMMQ4NFOJP8W0nT8L-LBGxsD1ur4doK073w6-onkRPeKeA==
X-Firefox-Spdy: h2
cutopporting.com/N2g5azUYV1oYCFICbz94fzJ2KWJUKms+RnoJXil6ZB9vBXZyLR8fXFNVAV8GBV4ITUVeDARaDREbTQpBQhsEWhNeBl8ECBEeBFobB0YLRQcRHQRaE0MYWAwIBk5JH0FbVQhdAw5fD1kMDloLUwM
104.21.33.48204 No Content 0 B URL HTTP/2 cutopporting.com/N2g5azUYV1oYCFICbz94fzJ2KWJUKms+RnoJXil6ZB9vBXZyLR8fXFNVAV8GBV4ITUVeDARaDREbTQpBQhsEWhNeBl8ECBEeBFobB0YLRQcRHQRaE0MYWAwIBk5JH0FbVQhdAw5fD1kMDloLUwM
IP 104.21.33.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /N2g5azUYV1oYCFICbz94fzJ2KWJUKms+RnoJXil6ZB9vBXZyLR8fXFNVAV8GBV4ITUVeDARaDREbTQpBQhsEWhNeBl8ECBEeBFobB0YLRQcRHQRaE0MYWAwIBk5JH0FbVQhdAw5fD1kMDloLUwM HTTP/1.1
Host: cutopporting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 23:03:13 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYrA1SIKS3MRxrQYzhvMSy8lao%2FclTe3Xi6wM3AHIjMRhZtttPRJze49hOeU%2F6FygxSqmJ%2FkIr5haKCGJKdlGzuN%2F6h71s3k1G5keZqXgqy4DQTcp1JAfnUU4%2BNmmvyuN2rA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9b42fedb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cutopporting.com/VFJjMm17bQBBUBo/Nkg7EBMgZAogOSFFVAYTNGspFhQUcDQzH0VGBDBvWwBfYWBXFB09Nl4DSycmAkYYJ29SFAQ6NAwPSyJvUhxeYHxQA0NldBYPXHImE1MKaWNFQhkgPl4DW2JrVARfbWtRAF5m
104.21.33.48204 No Content 0 B URL HTTP/2 cutopporting.com/VFJjMm17bQBBUBo/Nkg7EBMgZAogOSFFVAYTNGspFhQUcDQzH0VGBDBvWwBfYWBXFB09Nl4DSycmAkYYJ29SFAQ6NAwPSyJvUhxeYHxQA0NldBYPXHImE1MKaWNFQhkgPl4DW2JrVARfbWtRAF5m
IP 104.21.33.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VFJjMm17bQBBUBo/Nkg7EBMgZAogOSFFVAYTNGspFhQUcDQzH0VGBDBvWwBfYWBXFB09Nl4DSycmAkYYJ29SFAQ6NAwPSyJvUhxeYHxQA0NldBYPXHImE1MKaWNFQhkgPl4DW2JrVARfbWtRAF5m HTTP/1.1
Host: cutopporting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 23:03:13 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azXz9TJr9kQYNVLlPXCCsGr%2BzZ3BTm%2Bzz7qYiMr8H%2FV2iJEgCkOFR7%2FzvKFElE%2Fdq7101Sr6%2Be2Svl2PmI9IbR8ifUQ9ZlPemeoFlq%2FI5o46Rq8o60EDqhja1R%2BmB3FG3hl%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9b42fe6b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cutopporting.com/cjZxcjldCRIBBCtYKzpqOnQiI1dHAiAkfzNSQgZxJwY3VwswUDQ7HwZfFU8BSg9FSw1URhgWBEMQAgZYBkMCTwhUXx8UVk8QB08IXAVFXApDGEBUTE8HVwZJE1FMQx8CQgUeBEMAR0sORARISwtAAUA
104.21.33.48204 No Content 0 B URL HTTP/2 cutopporting.com/cjZxcjldCRIBBCtYKzpqOnQiI1dHAiAkfzNSQgZxJwY3VwswUDQ7HwZfFU8BSg9FSw1URhgWBEMQAgZYBkMCTwhUXx8UVk8QB08IXAVFXApDGEBUTE8HVwZJE1FMQx8CQgUeBEMAR0sORARISwtAAUA
IP 104.21.33.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cjZxcjldCRIBBCtYKzpqOnQiI1dHAiAkfzNSQgZxJwY3VwswUDQ7HwZfFU8BSg9FSw1URhgWBEMQAgZYBkMCTwhUXx8UVk8QB08IXAVFXApDGEBUTE8HVwZJE1FMQx8CQgUeBEMAR0sORARISwtAAUA HTTP/1.1
Host: cutopporting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 23:03:13 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9C86dSA0Zj7RrAJxPpToHP09%2F2J8lRKj2%2BaDd1KvBJW2qlZcX874RKZOJseW92xp73mn0VoqeH67vEgGx7NUlBhgn9PJteiwPVDKPYxXq1Q%2FiVe2OSmGlk9UKJZK2SUp9Xn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9b44819b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9fbd71f67201a0428c19d6a726c89bf
ab8f474825fca13772639ab689c0f190ef2ee7d1
fdced6c4d035e8f40e719aaa50eb9ad071c404e78f71f99a3c2e7bf886283c91
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FDCED6C4D035E8F40E719AAA50EB9AD071C404E78F71F99A3C2E7BF886283C91"
Last-Modified: Tue, 29 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3863
Expires: Wed, 30 Nov 2022 00:07:36 GMT
Date: Tue, 29 Nov 2022 23:03:13 GMT
Connection: keep-alive
pogothere.xyz/asd100.bin
172.64.198.35 200 OK 103 kB IP 172.64.198.35:0
Size 103 kB (102745 bytes)
Hash MD5 e8d3fd2de4c7c13e3f148258d2ca09a2
SHA-1 5266fb12839c3fdfe6a9ffd128038d47b9c960c5
SHA-256 bd59db55250e1e87cd0a508ed3d732395d0bdff366d637cbd148919149f413f8
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exee.app/
Origin: https://exee.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:13 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://exee.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3650
last-modified: Tue, 29 Nov 2022 22:02:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NljPpp0RL4vJKK7REew7Gcdud%2BpUqR5q0V%2BpXDZmUwUIsmsXVuCpxOjSjL2%2FNIi0%2FyaQR4EX5jrEM98ULFNmsiRS5AoDJYG3EXzRQrKObXSKEWcSbfBshMWuxRoQ9QZS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771ef9b48906745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.160.184.41 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.184.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JXXtF2Sn7O/4TMxv5XcX5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vcw5YgUq4j0eFG539OZtdwCdcA0=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4fadc3debd5f5de20f763d29e2b84196
4bdc95e8b50718b858dfe94e28f8071402f53e06
6917aedc9d16cc4dea35ed5fffff8a28bf5e75118f7444f350076773b58e9b4e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6917AEDC9D16CC4DEA35ED5FFFFF8A28BF5E75118F7444F350076773B58E9B4E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9175
Expires: Wed, 30 Nov 2022 01:36:08 GMT
Date: Tue, 29 Nov 2022 23:03:13 GMT
Connection: keep-alive
a.vdo.ai/core/v-exee-app/vdo.ai.js
172.64.104.3 200 OK 4.5 kB URL HTTP/2 a.vdo.ai/core/v-exee-app/vdo.ai.js
IP 172.64.104.3:0
File type ASCII text, with very long lines (8481)
Hash e0f41486b75db420e984c33276c9ec1e
3b6fcee0cc651ed77cb5322e7c09b83d831bcee2
e5e9972b2274e668ab6bd21cdef1ea9a392ba5e089c17eeb529e9f46b5e89e39
GET /core/v-exee-app/vdo.ai.js HTTP/1.1
Host: a.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:13 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
vdo-server: Tag2
cache-control: public, max-age=1800
x-varnish: 76737572 3361537
via: 1.1 varnish-v4
x-cache: HIT
cf-cache-status: EXPIRED
last-modified: Tue, 29 Nov 2022 23:02:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiX3hj8mKEsS5MrrR4glW2LJSJIeU8pqRVMm%2FibgYv%2BH5WL0CD%2BpFWj8AdsKvi%2BrOFBfiylFRBtn4K3RhXagxqSCVBMNzIvBthbUYpmDUKp7j1iU5hyQvCe%2Fig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9b40ecb76c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1p7gp5w97u7t7.cloudfront.net/eRmpJUzYlBSc1CTIDLW4OdFh8YQJgADo8WDZXBjB4AwsEG143MgV1QjwOdGMQKgsnNAtgDycwC3dMKDdUe15vJ0YpAXQqXy0dOCFAKwskdUMnVyQ8TC8GJTITdCx8fQZjWHl7QS8ELTxBNU97Y1gyT3tjB3ZEeXYFBE97Y0EvBH9nE3UobGEGPlx9dgUET3-tjRDBPehIHdl9nYx9jWHk0UyUBJnYEAFh5YgZ2W3liE3RaLzpEIwwmKxN0LHhjA2habyYLdw
54.230.245.133200 OK 504 B URL HTTP/2 d1p7gp5w97u7t7.cloudfront.net/eRmpJUzYlBSc1CTIDLW4OdFh8YQJgADo8WDZXBjB4AwsEG143MgV1QjwOdGMQKgsnNAtgDycwC3dMKDdUe15vJ0YpAXQqXy0dOCFAKwskdUMnVyQ8TC8GJTITdCx8fQZjWHl7QS8ELTxBNU97Y1gyT3tjB3ZEeXYFBE97Y0EvBH9nE3UobGEGPlx9dgUET3-tjRDBPehIHdl9nYx9jWHk0UyUBJnYEAFh5YgZ2W3liE3RaLzpEIwwmKxN0LHhjA2habyYLdw
IP 54.230.245.133:0
File type ASCII text, with very long lines (699), with no line terminators
Hash 956142744decad30c55a935a1cfe9e45
ab35e6a4ed943d084ad79bf8860bc2ddbfb0b9c4
9b5e54c53b8c3846db9539f36c8d62b3bd0d1bc55d3295060dc76718fdf55f45
GET /eRmpJUzYlBSc1CTIDLW4OdFh8YQJgADo8WDZXBjB4AwsEG143MgV1QjwOdGMQKgsnNAtgDycwC3dMKDdUe15vJ0YpAXQqXy0dOCFAKwskdUMnVyQ8TC8GJTITdCx8fQZjWHl7QS8ELTxBNU97Y1gyT3tjB3ZEeXYFBE97Y0EvBH9nE3UobGEGPlx9dgUET3-tjRDBPehIHdl9nYx9jWHk0UyUBJnYEAFh5YgZ2W3liE3RaLzpEIwwmKxN0LHhjA2habyYLdw HTTP/1.1
Host: d1p7gp5w97u7t7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arthwhilearthu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 504
date: Tue, 29 Nov 2022 23:03:13 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ItL8Hg3CEOMxtq-xSYxtsauZtSr5Yf5Gf9XsQrCBS1CEpZll_7YYVw==
X-Firefox-Spdy: h2
d1p7gp5w97u7t7.cloudfront.net/oTFhWb0svNzgJdDgxMlJzeGtkWXpqMiUAJTxlPB98GDdiNQomfiIVL3FocAMqIj9rSS4iO2tebS08NFJ/ai03UiYjIj8DJy19ZCl+YmhzXXtkLz8BLyMvJUp5fDYiSnl8aWZBe2lrFEp5fC8/AX14fWUtbn5oLll/aWsUSnl8KiBKeA1pZlplfHFzXXsrPT-UEJGlqEF17fWhmXnt9fWRfLSUqMwkkNH1kKXp8bXhfbTllZw
54.230.245.133200 OK 181 B URL HTTP/2 d1p7gp5w97u7t7.cloudfront.net/oTFhWb0svNzgJdDgxMlJzeGtkWXpqMiUAJTxlPB98GDdiNQomfiIVL3FocAMqIj9rSS4iO2tebS08NFJ/ai03UiYjIj8DJy19ZCl+YmhzXXtkLz8BLyMvJUp5fDYiSnl8aWZBe2lrFEp5fC8/AX14fWUtbn5oLll/aWsUSnl8KiBKeA1pZlplfHFzXXsrPT-UEJGlqEF17fWhmXnt9fWRfLSUqMwkkNH1kKXp8bXhfbTllZw
IP 54.230.245.133:0
File type ASCII text, with no line terminators
Hash ab6cdfd19080dbf5d91eda9b62e8b005
d7b85e2f7a30cb049a30cb0d96ea8b3d5874a0c5
a538076c2c3cee837c0dab061d75b1348d3f01e20a57186b52b97b5418b21376
GET /oTFhWb0svNzgJdDgxMlJzeGtkWXpqMiUAJTxlPB98GDdiNQomfiIVL3FocAMqIj9rSS4iO2tebS08NFJ/ai03UiYjIj8DJy19ZCl+YmhzXXtkLz8BLyMvJUp5fDYiSnl8aWZBe2lrFEp5fC8/AX14fWUtbn5oLll/aWsUSnl8KiBKeA1pZlplfHFzXXsrPT-UEJGlqEF17fWhmXnt9fWRfLSUqMwkkNH1kKXp8bXhfbTllZw HTTP/1.1
Host: d1p7gp5w97u7t7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arthwhilearthu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 181
date: Tue, 29 Nov 2022 23:03:13 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lV3xftWyJbBqHWsh_MKj-Cf0Q3WR2hWBcKU-avdzFZHDHRvq1UaGlQ==
X-Firefox-Spdy: h2
d1p7gp5w97u7t7.cloudfront.net/9TnZDTGEtGS0qXjofJ3FZdk93dVVoHDAjDz5LOQMHHTAmHBk3FXcaVAQ5ZTgbKktzag0vGCRxRysYIHFQaBcnLlx6UDc8DiVLOiUKOQcxOgwvG2U5AHMbLDYIIhoiaVMIQ218RHxGazsIIBIsOxJrRHMiFWtEc31RYEZmfyNrRHM7CCBAd2lSDFNxfBl4Qm-Z/I2tEcz4Xa0UCfVF7WHNlRHxGJCkCJRlmfid8RnJ8UX9GcmlTfhAqPgQoGTtpUwhHc3lPflA2cVA
54.230.245.133200 OK 626 B URL HTTP/2 d1p7gp5w97u7t7.cloudfront.net/9TnZDTGEtGS0qXjofJ3FZdk93dVVoHDAjDz5LOQMHHTAmHBk3FXcaVAQ5ZTgbKktzag0vGCRxRysYIHFQaBcnLlx6UDc8DiVLOiUKOQcxOgwvG2U5AHMbLDYIIhoiaVMIQ218RHxGazsIIBIsOxJrRHMiFWtEc31RYEZmfyNrRHM7CCBAd2lSDFNxfBl4Qm-Z/I2tEcz4Xa0UCfVF7WHNlRHxGJCkCJRlmfid8RnJ8UX9GcmlTfhAqPgQoGTtpUwhHc3lPflA2cVA
IP 54.230.245.133:0
File type ASCII text, with very long lines (875), with no line terminators
Hash 0b9cf64ddc447c8f12593bf1c98b2f8b
52bf387853b4eb845c2e23b9a382f0c18dc94709
af9f93be73e7072624e53a1ba3b76a6bcb0299c7a0bd72d68eacd11d355ae052
GET /9TnZDTGEtGS0qXjofJ3FZdk93dVVoHDAjDz5LOQMHHTAmHBk3FXcaVAQ5ZTgbKktzag0vGCRxRysYIHFQaBcnLlx6UDc8DiVLOiUKOQcxOgwvG2U5AHMbLDYIIhoiaVMIQ218RHxGazsIIBIsOxJrRHMiFWtEc31RYEZmfyNrRHM7CCBAd2lSDFNxfBl4Qm-Z/I2tEcz4Xa0UCfVF7WHNlRHxGJCkCJRlmfid8RnJ8UX9GcmlTfhAqPgQoGTtpUwhHc3lPflA2cVA HTTP/1.1
Host: d1p7gp5w97u7t7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://arthwhilearthu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 626
date: Tue, 29 Nov 2022 23:03:13 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0_ynSHJoJIsxXeyiRw-n0OnjsxPAFp_11171lR427p7DxK7Vq4Nfgw==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 1d7846e2a7294173c85271c0da130678
102a56df28bfb864653439cf703e0d8ca45f23cf
2774004fdfb065b1b02763317038c875bbadcf79fb05b6979c220c1a129ed04c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 23:03:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 04:52:36 GMT
Expires: Mon, 05 Dec 2022 04:52:35 GMT
Etag: "102a56df28bfb864653439cf703e0d8ca45f23cf"
Cache-Control: max-age=452361,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771ef9b5dd221c0e-OSL
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
139.45.195.253 200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash MD5 444bcb3a3fcf8389296c49467f27e1d6
SHA-1 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
SHA-256 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 900
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 29 Nov 2022 23:03:13 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://exee.app
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
fightingcowardlycoffin.com/f5/85/f6/f585f65c6c65123b95dd09be324de3bb.js
192.243.59.12 200 OK 13 kB URL HTTP/1.1 fightingcowardlycoffin.com/f5/85/f6/f585f65c6c65123b95dd09be324de3bb.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37193), with no line terminators
Hash MD5 582dd593bcff446141a85a81f6717671
SHA-1 239fced23a69721a06a1d946edb92dcd7f371a44
SHA-256 92061442edb061ba6d5e5048f356aa2b4b0b0b2c18b79d9a087a173215bb289f
Analyzer Verdict Alert quad9 Sinkholed
GET /f5/85/f6/f585f65c6c65123b95dd09be324de3bb.js HTTP/1.1
Host: fightingcowardlycoffin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 23:03:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f25e9663a13200f2481e621463562425
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
analytics.vdo.ai/logger
172.64.105.3 200 OK 44 kB IP 172.64.105.3:0
Hash e1f3949f4027661d32212df42c26f4dc
ba426d48842bfbaeb3f14aaa31790521fd4578ea
7bc045ddb3fd9ab4dff7bb4a771e99d3056d5726a2ee9ca8e757801caee868b3
POST /logger HTTP/1.1
Host: analytics.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 124
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:13 GMT
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqShohx9lmdHC%2FELcvCxc1CToIXw%2BTuG4D8V4vcSJMfJicMt2HwVvIAp2Vry35%2FOHYwtZ5yEjFYbhB8%2BmFfHILr47KbM0jSK%2BqSDhic2wHMjTQG7sY%2B2twpHH6W%2FSKLkP5to"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9b5fef271ec-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 635eba2ec841f80118a858a94bb84ff5
591895548f1f166a16c790740656cb194d0f7760
d2e62fd34b70872cb8f68cd1fdae7f1476019968f63accab24e4d822933c07ff
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D2E62FD34B70872CB8F68CD1FDAE7F1476019968F63ACCAB24E4D822933C07FF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10648
Expires: Wed, 30 Nov 2022 02:00:42 GMT
Date: Tue, 29 Nov 2022 23:03:14 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 55 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 55
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=1209600
Date: Tue, 29 Nov 2022 23:03:14 GMT
Etag: "638651c5-37"
Last-Modified: Tue, 29 Nov 2022 18:39:01 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F7YLWcwRCiabeBuKwVfc1aT_zvUCr2y8fghUceHmES77hSJXUJj7Qg==
Age: 2122
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 7279f540b06128926e699280991cf35e
e4373279bf7e01d951858d6f0065c5ea99ba30eb
64ef655d60c7e8dba1f895c44a5f70748148cbed452476796719648eafbd4bbd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:14 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://exee.app
access-control-allow-credentials: true
set-cookie: uid_id2=92a1792a-85e3-43e2-8387-fac79980e445:2:1; expires=Fri, 26 Nov 2032 23:03:14 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3731
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Tue, 29 Nov 2022 23:03:14 GMT
Etag: "63866b9a-37"
Last-Modified: Tue, 29 Nov 2022 20:29:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 55
e1.o.lencr.org/
23.36.77.32 200 OK 129 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Size 129 kB (129384 bytes)
Hash 12b596f29ad1b0de126fe8d7f0f170a7
ab579d76772fe52942657a7126fb6e0dfa78936a
99f05025a191a775148cae74bf887cb4b85bdfb49423d6add142b0a14026a754
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D2E62FD34B70872CB8F68CD1FDAE7F1476019968F63ACCAB24E4D822933C07FF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10648
Expires: Wed, 30 Nov 2022 02:00:42 GMT
Date: Tue, 29 Nov 2022 23:03:14 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.46 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 22:46:55 GMT
expires: Wed, 30 Nov 2022 00:46:55 GMT
cache-control: public, max-age=7200
age: 979
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
targeting.vdo.ai/allowed_url.php?type=json&url=exee.app%2Fp6VLL&tag=v-exee-app&domain=exee.app
172.64.105.3 200 OK 2.1 kB URL HTTP/2 targeting.vdo.ai/allowed_url.php?type=json&url=exee.app%2Fp6VLL&tag=v-exee-app&domain=exee.app
IP 172.64.105.3:0
File type JSON data\012- , ASCII text, with very long lines (8589)
Hash 87c856489d807b1d00b381bfa75fbe7c
ddadcced63bc68b07e7c5c7f261d13094f8633a8
90093385fc9aed21a39192e055d711e1444fb8cbe89884350c5a53c4e7f66478
GET /allowed_url.php?type=json&url=exee.app%2Fp6VLL&tag=v-exee-app&domain=exee.app HTTP/1.1
Host: targeting.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:13 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwBSVJ4U9K7cFhw0uQRj9%2FBpqwYSaQV%2BTDkUXi8bUoRqaFI56g5eLTiPyLXbiYw%2F9jSEyvx2sFbN7qSVKnDZFZMr542KmIbEKz9XWBTyOCJI%2Bb1kHaduDzP%2B0R0q85AOW2D%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9b5e9ff76dd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a67f152254e0a2cfaf6ba5e5e51d9ae4
6ddc5ee596d0469d4d5f0bbcd1918677019337b4
d786acd565665c5d7c3c43e1ec737a20f8ed2a2467bff7758cc9cbb199e602d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.74 200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (2791)
Size 127 kB (126568 bytes)
Hash d298ebea71faa19cd8237ddf8c37d550
628f6436cdc4db74ecda4fad134b4499f41ad4cb
f02e9221a17b677d0aa0b76876bd82931f57bf5dd1ff9aa24a1ab945838b0e64
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126568
date: Tue, 29 Nov 2022 23:03:14 GMT
expires: Tue, 29 Nov 2022 23:03:14 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=551255224&t=timing&_s=1&dl=https%3A%2F%2Fexee.app%2Fp6VLL&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&utc=video&utv=load_vdo.min.js&utl=v-exee-app&utt=204&_u=YEDAAUABCAAAACAAI~&jid=916270036&gjid=1249550703&cid=1683891882.1669762993&tid=UA-113932176-41&_gid=7965578.1669762993&_r=1&gtm=2oub90&z=137154858
142.250.74.46 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=551255224&t=timing&_s=1&dl=https%3A%2F%2Fexee.app%2Fp6VLL&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&utc=video&utv=load_vdo.min.js&utl=v-exee-app&utt=204&_u=YEDAAUABCAAAACAAI~&jid=916270036&gjid=1249550703&cid=1683891882.1669762993&tid=UA-113932176-41&_gid=7965578.1669762993&_r=1&gtm=2oub90&z=137154858
IP 142.250.74.46:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=551255224&t=timing&_s=1&dl=https%3A%2F%2Fexee.app%2Fp6VLL&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&utc=video&utv=load_vdo.min.js&utl=v-exee-app&utt=204&_u=YEDAAUABCAAAACAAI~&jid=916270036&gjid=1249550703&cid=1683891882.1669762993&tid=UA-113932176-41&_gid=7965578.1669762993&_r=1&gtm=2oub90&z=137154858 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://exee.app
date: Tue, 29 Nov 2022 23:03:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=551255224&t=pageview&_s=1&dl=https%3A%2F%2Fexee.app%2Fp6VLL&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEDAAUABCAAAACAAI~&jid=607053349&gjid=248714429&cid=1683891882.1669762993&tid=UA-135952122-1&_gid=7965578.1669762993&_r=1&gtm=2oub90&z=1553286776
142.250.74.46 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=551255224&t=pageview&_s=1&dl=https%3A%2F%2Fexee.app%2Fp6VLL&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEDAAUABCAAAACAAI~&jid=607053349&gjid=248714429&cid=1683891882.1669762993&tid=UA-135952122-1&_gid=7965578.1669762993&_r=1&gtm=2oub90&z=1553286776
IP 142.250.74.46:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=551255224&t=pageview&_s=1&dl=https%3A%2F%2Fexee.app%2Fp6VLL&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEDAAUABCAAAACAAI~&jid=607053349&gjid=248714429&cid=1683891882.1669762993&tid=UA-135952122-1&_gid=7965578.1669762993&_r=1&gtm=2oub90&z=1553286776 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://exee.app
date: Tue, 29 Nov 2022 23:03:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.77 302 Found 392 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 93624e36adb60e40bc2a58bb0201bd8f
1eb184346cb50ea13634981136c9550972eef333
4bc0fcd53ef96df505001dc1ce3fd8125a5e6f3da5cd566df5d5ff7964daf9bc
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Nov 2022 23:03:14 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-871696138%3A1669762994505761&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvPRG_9oCqiq96iFHc_1EE6Zc2wKwMFmSGFEz-FQ9awz5bFXuAmen0niO4uO4LI4DYmHyFaIQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-DpKf70OYJm17mAmV-P56pw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:ba-sUQrRbYdAppwS3FlsKcImwfKsHQ:C_Sf7Mr3M3iYUskO;Path=/;Expires=Thu, 28-Nov-2024 23:03:14 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/v3/signin/identifier?dsh=S1292202798%3A1669762994485838&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsvF_yHxOPMyh7oRggeAkWMXW_qxLlYp356qesgSwxXVQJXhM8o0HudYvOsqnqYpPo7ILjspA
142.250.74.77 403 Forbidden 858 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1292202798%3A1669762994485838&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsvF_yHxOPMyh7oRggeAkWMXW_qxLlYp356qesgSwxXVQJXhM8o0HudYvOsqnqYpPo7ILjspA
IP 142.250.74.77:0
Hash db6f0963135ba5c5aeae298b51c30d56
c081f415df5bf7032def62bc34bea0989ea7b7bd
1ad87fece45c195e30d09b04eb2720ac7e746c45b7080e98a0dd4064e9fc0b6b
GET /v3/signin/identifier?dsh=S1292202798%3A1669762994485838&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsvF_yHxOPMyh7oRggeAkWMXW_qxLlYp356qesgSwxXVQJXhM8o0HudYvOsqnqYpPo7ILjspA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exee.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Nov 2022 23:03:14 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-lZ7l5-76J2FKhitiboZuLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11609
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Tue, 29 Nov 2022 23:03:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11609
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Tue, 29 Nov 2022 23:03:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11609
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Tue, 29 Nov 2022 23:03:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11609
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Tue, 29 Nov 2022 23:03:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11609
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Tue, 29 Nov 2022 23:03:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
34.120.237.76 200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ceb8e975fb408de32c43f55febaa6414
453067f6ab356aa87a3ad3b56e33545376597852
e0ecbb6052b4fef75f58da8dae589c81ab9ec9d304de08f26c144a2c3ce9eaac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3719
x-amzn-requestid: 6fab3454-fedd-4a1e-ae47-468ddd6233bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaGQ4IAMFUkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-4b313cf054d6301e71cdc0c1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: phw8DXQgjOyH5g4gvbqgZk-2sHr2n9cHVr4lqqPXfXtyhG32gs2pIg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 4229
etag: "453067f6ab356aa87a3ad3b56e33545376597852"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e08af5b1d18986e112913c6e69cc8ce6
151b60134a66305bd72dbb3810f67a57720b2af1
555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12853
x-amzn-requestid: 25e4402d-98d0-4c38-a927-397c37724bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhdpHAuIAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c57-506672a36959d9ea09ef5155;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gHL2sFE-o1u5kEIUiabbP6u5CXr3ihI4mKiAVkfReyuJuTF5k5ktSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:17:16 GMT
age: 2758
etag: "151b60134a66305bd72dbb3810f67a57720b2af1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 4009
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cb669522a324cd5d9ba1b1743138d38
71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0
a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8337
x-amzn-requestid: 88e6ec5a-6b04-4787-91e4-02f316d0d6e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgYHViIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-10f0d81a09c0ae930f6be726;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CQERARyqGc2C8dEihlWw5X9eI6QqdR9Equ683aCy1XkizytQdod9Kw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:57:25 GMT
age: 3949
etag: "71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c14828912decf19c9d95fee93e92f00
49a82390cbf2139bf681d896f9467ab736e0b337
bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11466
x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHUxIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G2_x26WJ_ISQDsWfV3RzC_jCy5FLNLpblRk_GvuCn4i-ETBAsaKBjQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 4229
etag: "49a82390cbf2139bf681d896f9467ab736e0b337"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52cf4797-5177-4859-9523-faeb4e38f224.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52cf4797-5177-4859-9523-faeb4e38f224.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c5277610f3a542571abb53ffb3d4df1
ce411cc5b0a37bbd89551d06d7d0349f45734e97
3bf1105631ef7fda0249a46390ca90f904ea73b0a4f017c2db85326550a80a3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52cf4797-5177-4859-9523-faeb4e38f224.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9812
x-amzn-requestid: 70bfeb68-0703-44bf-8550-50c759d52d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDbFolIAMFYBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-73fb65ee2b9161372819207f;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QQCoNlJBSE2V-IQlZr37dhINTABRu3ms9Y1p4FweO36HD-U6m9vvwg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 4229
etag: "ce411cc5b0a37bbd89551d06d7d0349f45734e97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-871696138%3A1669762994505761&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvPRG_9oCqiq96iFHc_1EE6Zc2wKwMFmSGFEz-FQ9awz5bFXuAmen0niO4uO4LI4DYmHyFaIQ
142.250.74.77 403 Forbidden 2.3 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-871696138%3A1669762994505761&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvPRG_9oCqiq96iFHc_1EE6Zc2wKwMFmSGFEz-FQ9awz5bFXuAmen0niO4uO4LI4DYmHyFaIQ
IP 142.250.74.77:0
Hash a2548efa448a8c8d402f6775c1d2dacb
bd1f8d877b848783c6f766559c71703c5082f705
6bbd42a3f90e7889ae317d4b4cd83b7e5f3dc3736e179fbdf27b7d15e6dca018
GET /v3/signin/identifier?dsh=S-871696138%3A1669762994505761&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvPRG_9oCqiq96iFHc_1EE6Zc2wKwMFmSGFEz-FQ9awz5bFXuAmen0niO4uO4LI4DYmHyFaIQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exee.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Nov 2022 23:03:14 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-DqMFFyaAKLO_mLxsGhhqlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 130019dcc63335aaf43e4a8e2ad23343
c1667bde5fe5b739392176faf986c0bee92fac2d
42b28a671f597caf6a4c500a406db5a7e4c350ddcb9181c9da35e78e10e31d3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42B28A671F597CAF6A4C500A406DB5A7E4C350DDCB9181C9DA35E78E10E31D3E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5009
Expires: Wed, 30 Nov 2022 00:26:43 GMT
Date: Tue, 29 Nov 2022 23:03:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
142.250.74.98 200 OK 146 kB URL HTTP/2 pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
IP 142.250.74.98:0
Size 146 kB (145749 bytes)
Hash 687b2b1cc7df0f38cd0e7d92d613e7d6
04cf9bb2e6bc835fa87602f495e9651724065e99
eef42b8917ed2fcf721f02c31ba2f2a721a4de4598b9859cfdb5148709b5b199
GET /omsdk/releases/live/omweb-v1.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-length: 13109
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 22:04:29 GMT
expires: Tue, 29 Nov 2022 23:04:29 GMT
cache-control: public, max-age=3600
last-modified: Mon, 31 Oct 2022 17:24:37 GMT
content-type: text/javascript
age: 3526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
integrityprinciplesthorough.com/sbar.json?key=f585f65c6c65123b95dd09be324de3bb&uuid=92a1792a-85e3-43e2-8387-fac79980e445%3A2%3A1
192.243.59.12 200 OK 4.2 kB URL HTTP/1.1 integrityprinciplesthorough.com/sbar.json?key=f585f65c6c65123b95dd09be324de3bb&uuid=92a1792a-85e3-43e2-8387-fac79980e445%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5877), with no line terminators
Hash c3ab8f7d41d7129c07fbb07139309c0d
df8ddb09af32a7afeb2a10e202b6e8c2c9119e40
69703f7c1c63bb63eccfb763e5f765b69083b7596ebc5a0748d8db1c743b8dc1
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=f585f65c6c65123b95dd09be324de3bb&uuid=92a1792a-85e3-43e2-8387-fac79980e445%3A2%3A1 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 23:03:15 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://exee.app
Access-Control-Allow-Origin: https://exee.app
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17869332; expires=Wed, 30 Nov 2022 23:03:15 GMT; secure; SameSite=None
uid_id2=92a1792a-85e3-43e2-8387-fac79980e445:2:1; expires=Tue, 06 Dec 2022 23:03:15 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 30 Nov 2022 23:03:15 GMT; secure; SameSite=None
uncs=1; expires=Wed, 30 Nov 2022 23:03:15 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 30 Nov 2022 23:03:15 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 30 Nov 2022 23:03:15 GMT; secure; SameSite=None
slecf585f65c6c65123b95dd09be324de3bb=[3760951]; expires=Tue, 29 Nov 2022 23:03:20 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 490d4b1b982e19df222c7435c3a14fab
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.godaddy.com/
192.124.249.23 200 OK 1.8 kB IP 192.124.249.23:0
Hash d408a6e1bbc3d35236536361f0e5c37e
fb4e99c55de2136b51e5654643f3433bd8a8f447
dd303c1822ae32f81831821f791684475237232549851a6b27a67e2e76b42e64
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 23:03:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 29 Nov 2022 18:23:42 GMT
Expires: Wed, 30 Nov 2022 18:23:42 GMT
ETag: "fb4e99c55de2136b51e5654643f3433bd8a8f447"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.23 200 OK 1.8 kB IP 192.124.249.23:0
Hash d408a6e1bbc3d35236536361f0e5c37e
fb4e99c55de2136b51e5654643f3433bd8a8f447
dd303c1822ae32f81831821f791684475237232549851a6b27a67e2e76b42e64
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 23:03:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 29 Nov 2022 18:23:42 GMT
Expires: Wed, 30 Nov 2022 18:23:42 GMT
ETag: "fb4e99c55de2136b51e5654643f3433bd8a8f447"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.23 200 OK 1.8 kB IP 192.124.249.23:0
Hash d408a6e1bbc3d35236536361f0e5c37e
fb4e99c55de2136b51e5654643f3433bd8a8f447
dd303c1822ae32f81831821f791684475237232549851a6b27a67e2e76b42e64
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 23:03:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 29 Nov 2022 18:23:42 GMT
Expires: Wed, 30 Nov 2022 18:23:42 GMT
ETag: "fb4e99c55de2136b51e5654643f3433bd8a8f447"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.m3u8
51.79.81.36 204 No Content 0 B URL HTTP/1.1 h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.m3u8
IP 51.79.81.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.m3u8 HTTP/1.1
Host: h5.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: vdoai
Referer: https://exee.app/
Origin: https://exee.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.16.1
Date: Tue, 29 Nov 2022 23:03:15 GMT
Connection: keep-alive
Expires: Wed, 29 Nov 2023 23:03:15 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash cae426fd894ba486fb2619d94649a46f
de7f4ebbbe968741405e71b4be8f4cce60026eba
a24e420ec18cee30e78ecd5cb7c4e29be049ea2f4e8b0c4a7c797f6a7a0d2992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5527
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:15 GMT
Last-Modified: Tue, 29 Nov 2022 21:31:08 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
integrityprinciplesthorough.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRi9L40b3ah040IZRETBTN7PvMw8KwTTWin9pa10ff9ecs2ddx%2F3vjdvGhCChVJQcERQV%2FJyJm2wFrG6rspEhBIQOy4kCwOuXIgoiN24kUkGgt%2Fift%2B95yy%2Bc869vlHuER8l3b1w1qwprel83PQbL1xRmTCVa5y73Aj8pn%2BscUVlC61jjf7ksL2XAz9u%2Bi82Xpd81cyHfuD7gR80TiorU9Of30eh8jtJ0Ez8ZitsBnELffv%2Fuys9OOpB9PbIk1Bi%2FMjK%2FbtQfISs%2B8UJ6VYLk7%2F0WrfUtDAWPbH1RraamSpD93BMrYc025qyYdyYkI9nYLKtqQKY3uZEAZgaE%2B%2FnACzbmq4J1rt5sCnTkBmYeAxVbwSpR1B0BG6uQYkHBOAC584j6946Z2xFrx6gdIKOyezDv6GqMZn95Siy7udLWvUbl4wuC2Uyh35aQ%2FVHUMsj5OU2ijUPqtoGL96GEj%2BQ%2BYdnkHU3zzttoMTuc0lIg3YS0rlOLKO5ViTDuU7Uac%2BllLeTpOPLVivet0ipEVQ6gpYDUDeD0nkolYcy9VDmHrpit0HjJPX9dsrSKOq0OOdRxHncWRCxiFqd1EfJJxoGKPIBuB6A23Xkdh2ragBbfgu3UsMJD64g6IkalSSoHEFFCSpFUBUEVa%2B%2BKbQLXX1LaFeyYNrDaY%2FqoSmWN%2BhNUyzLjGzke%2BSJiXHe47ePYlXuNtK4E6cLMV%2FgC3EQRiyJhfATJqOwJWTEGJyqodwMqPOwpsbkyFu%2FI1djMrM0D0a34fQ2uHoWtHwatBq2Qx90Zdjq%2BFjLbsm%2BbCoDYWrkxSyKq96G3iNP7UeX8DYk31n849%2Ff9DvHPwS3NXJb4031HcGyvjG8aCqyedFUjtw9nxeqq9boJNZLBS3k7O3T8mplrDh1wg0%2BfZVPgMl457J0xRmaCZUtO%2FLZkhJC2pPGcknunXJXJLtQupWl0mZlfubC8ZOnurmVzimTjUDVg%2FYH4GpMHj27vv9hn3n3PpQdwZY1uuUOmRaU2QbP1%2BHyncVf26e%2F3%2FrzEzhDYPUhh%2BUeqrIe2pAdPmo1JtHz%2F0DLncUvP%2Fpx9d7Xr4CyGk4e2sDkzjd%2FHfA33A0sWw%2B0uIasW6Nna%2FR0DaoHcOWRYZHbncWfov0C096QaettMm31%2Bwf2OrXbkHHqp9IPJUsTlrapL5K0lTCaBLLNYhqgcGN%2B%2Fb2v%2FgMAAP%2F%2FAQAA%2F%2F%2FcL6msjAQAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 integrityprinciplesthorough.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRi9L40b3ah040IZRETBTN7PvMw8KwTTWin9pa10ff9ecs2ddx%2F3vjdvGhCChVJQcERQV%2FJyJm2wFrG6rspEhBIQOy4kCwOuXIgoiN24kUkGgt%2Fift%2B95yy%2Bc869vlHuER8l3b1w1qwprel83PQbL1xRmTCVa5y73Aj8pn%2BscUVlC61jjf7ksL2XAz9u%2Bi82Xpd81cyHfuD7gR80TiorU9Of30eh8jtJ0Ez8ZitsBnELffv%2Fuys9OOpB9PbIk1Bi%2FMjK%2FbtQfISs%2B8UJ6VYLk7%2F0WrfUtDAWPbH1RraamSpD93BMrYc025qyYdyYkI9nYLKtqQKY3uZEAZgaE%2B%2FnACzbmq4J1rt5sCnTkBmYeAxVbwSpR1B0BG6uQYkHBOAC584j6946Z2xFrx6gdIKOyezDv6GqMZn95Siy7udLWvUbl4wuC2Uyh35aQ%2FVHUMsj5OU2ijUPqtoGL96GEj%2BQ%2BYdnkHU3zzttoMTuc0lIg3YS0rlOLKO5ViTDuU7Uac%2BllLeTpOPLVivet0ipEVQ6gpYDUDeD0nkolYcy9VDmHrpit0HjJPX9dsrSKOq0OOdRxHncWRCxiFqd1EfJJxoGKPIBuB6A23Xkdh2ragBbfgu3UsMJD64g6IkalSSoHEFFCSpFUBUEVa%2B%2BKbQLXX1LaFeyYNrDaY%2FqoSmWN%2BhNUyzLjGzke%2BSJiXHe47ePYlXuNtK4E6cLMV%2FgC3EQRiyJhfATJqOwJWTEGJyqodwMqPOwpsbkyFu%2FI1djMrM0D0a34fQ2uHoWtHwatBq2Qx90Zdjq%2BFjLbsm%2BbCoDYWrkxSyKq96G3iNP7UeX8DYk31n849%2Ff9DvHPwS3NXJb4031HcGyvjG8aCqyedFUjtw9nxeqq9boJNZLBS3k7O3T8mplrDh1wg0%2BfZVPgMl457J0xRmaCZUtO%2FLZkhJC2pPGcknunXJXJLtQupWl0mZlfubC8ZOnurmVzimTjUDVg%2FYH4GpMHj27vv9hn3n3PpQdwZY1uuUOmRaU2QbP1%2BHyncVf26e%2F3%2FrzEzhDYPUhh%2BUeqrIe2pAdPmo1JtHz%2F0DLncUvP%2Fpx9d7Xr4CyGk4e2sDkzjd%2FHfA33A0sWw%2B0uIasW6Nna%2FR0DaoHcOWRYZHbncWfov0C096QaettMm31%2Bwf2OrXbkHHqp9IPJUsTlrapL5K0lTCaBLLNYhqgcGN%2B%2Fb2v%2FgMAAP%2F%2FAQAA%2F%2F%2FcL6msjAQAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRi9L40b3ah040IZRETBTN7PvMw8KwTTWin9pa10ff9ecs2ddx%2F3vjdvGhCChVJQcERQV%2FJyJm2wFrG6rspEhBIQOy4kCwOuXIgoiN24kUkGgt%2Fift%2B95yy%2Bc869vlHuER8l3b1w1qwprel83PQbL1xRmTCVa5y73Aj8pn%2BscUVlC61jjf7ksL2XAz9u%2Bi82Xpd81cyHfuD7gR80TiorU9Of30eh8jtJ0Ez8ZitsBnELffv%2Fuys9OOpB9PbIk1Bi%2FMjK%2FbtQfISs%2B8UJ6VYLk7%2F0WrfUtDAWPbH1RraamSpD93BMrYc025qyYdyYkI9nYLKtqQKY3uZEAZgaE%2B%2FnACzbmq4J1rt5sCnTkBmYeAxVbwSpR1B0BG6uQYkHBOAC584j6946Z2xFrx6gdIKOyezDv6GqMZn95Siy7udLWvUbl4wuC2Uyh35aQ%2FVHUMsj5OU2ijUPqtoGL96GEj%2BQ%2BYdnkHU3zzttoMTuc0lIg3YS0rlOLKO5ViTDuU7Uac%2BllLeTpOPLVivet0ipEVQ6gpYDUDeD0nkolYcy9VDmHrpit0HjJPX9dsrSKOq0OOdRxHncWRCxiFqd1EfJJxoGKPIBuB6A23Xkdh2ragBbfgu3UsMJD64g6IkalSSoHEFFCSpFUBUEVa%2B%2BKbQLXX1LaFeyYNrDaY%2FqoSmWN%2BhNUyzLjGzke%2BSJiXHe47ePYlXuNtK4E6cLMV%2FgC3EQRiyJhfATJqOwJWTEGJyqodwMqPOwpsbkyFu%2FI1djMrM0D0a34fQ2uHoWtHwatBq2Qx90Zdjq%2BFjLbsm%2BbCoDYWrkxSyKq96G3iNP7UeX8DYk31n849%2Ff9DvHPwS3NXJb4031HcGyvjG8aCqyedFUjtw9nxeqq9boJNZLBS3k7O3T8mplrDh1wg0%2BfZVPgMl457J0xRmaCZUtO%2FLZkhJC2pPGcknunXJXJLtQupWl0mZlfubC8ZOnurmVzimTjUDVg%2FYH4GpMHj27vv9hn3n3PpQdwZY1uuUOmRaU2QbP1%2BHyncVf26e%2F3%2FrzEzhDYPUhh%2BUeqrIe2pAdPmo1JtHz%2F0DLncUvP%2Fpx9d7Xr4CyGk4e2sDkzjd%2FHfA33A0sWw%2B0uIasW6Nna%2FR0DaoHcOWRYZHbncWfov0C096QaettMm31%2Bwf2OrXbkHHqp9IPJUsTlrapL5K0lTCaBLLNYhqgcGN%2B%2Fb2v%2FgMAAP%2F%2FAQAA%2F%2F%2FcL6msjAQAAA%3D%3D HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=92a1792a-85e3-43e2-8387-fac79980e445:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 23:03:15 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8fac6204c8e11275a4e26646412b730b
Strict-Transport-Security: max-age=0; includeSubdomains
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.m3u8
51.79.81.36 200 OK 7.7 kB URL HTTP/1.1 h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.m3u8
IP 51.79.81.36:0
Hash 928d1e1d2c8615e123add5e629634f60
222ab4d2b2ea090da583b3dc356f0979f4d6801c
9be36bbf2e0af17b45c5347c4917a457db6165f11070bf0d9410961268a6ae23
GET /media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.m3u8 HTTP/1.1
Host: h5.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
vdoai: true
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Tue, 29 Nov 2022 23:03:15 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Sat, 30 Jul 2022 00:37:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62e47d3b-bf8c"
Expires: Wed, 29 Nov 2023 23:03:15 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
h5.vdo.ai/media_file/v-exee-app/source/uploads/thumbnails/16494291789562504aba5f866.png
51.79.81.36 200 OK 69 kB URL HTTP/1.1 h5.vdo.ai/media_file/v-exee-app/source/uploads/thumbnails/16494291789562504aba5f866.png
IP 51.79.81.36:0
File type PNG image data, 320 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash b49d6e91482e1db917958f2a32a0b1bc
38c5ad2beec3f2cd782da2ee1a9f300a57a5115e
4ef36c7fb595d9e325c5d15b8143c03774407dc5da6c9a77ff9160580136a46d
GET /media_file/v-exee-app/source/uploads/thumbnails/16494291789562504aba5f866.png HTTP/1.1
Host: h5.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Tue, 29 Nov 2022 23:03:15 GMT
Content-Type: image/png
Content-Length: 69290
Last-Modified: Fri, 08 Apr 2022 14:46:21 GMT
Connection: keep-alive
ETag: "62504abd-10eaa"
Expires: Wed, 29 Nov 2023 23:03:15 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html
104.26.6.19 200 OK 534 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html
IP 104.26.6.19:0
File type HTML document text\012- HTML document, ASCII text
Hash 56a9e692a075709dd859083bdee1e5d6
f4eaf39f1e9acba0a3a97154ca35d8335cfa631e
98b5de38ea41d0c58dbbb6380628691c404964a1607ed9c1dc59364b7d3c4468
GET /sb/notifications/software/multi/browsers/ff/3/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:15 GMT
content-type: text/html
last-modified: Thu, 08 Sep 2022 07:49:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 626649
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebxEveS9lMmSWKnqNmfVHvXxcZRUeXIMSVJ4XhP5iN6idvwlU78Zp5vKPfH6sTqvTA47vbNrEp8UEWisKotlGRrlKMOSLBVmludfuBmgkvEsjezSwS9JzWN4ycNR3k6KR9JyFnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771ef9c2d9ebb52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 30462b52571c91f089bed4de98462a46
7e2b322ea5b8f97b2fa76751bcffe2a420f872eb
c5403dfefa9d043ac501963ff09a6d3d70e21f6e6a1b9728183a3490060a4bfc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/instream/video/client.js
142.250.74.70 200 OK 17 kB URL HTTP/2 s0.2mdn.net/instream/video/client.js
IP 142.250.74.70:0
File type ASCII text, with very long lines (2156)
Hash 49295de6ccd23cf80b6418a2d209868f
42a955b4560bb22cb9b5b39577f7a691ea345018
d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Tue, 29 Nov 2022 23:03:15 GMT
expires: Tue, 29 Nov 2022 23:03:15 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 30462b52571c91f089bed4de98462a46
7e2b322ea5b8f97b2fa76751bcffe2a420f872eb
c5403dfefa9d043ac501963ff09a6d3d70e21f6e6a1b9728183a3490060a4bfc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 1.0 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 19866eed5cfa1ded32910d56ebbb67eb
30d50e22b374ceae1756976b7af4ddddfb4404c7
e6fe738d40e9981bfca2755bf62c1cef1edc8cd7b4ddcdbe767ad8f0c58b65e4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D8B439484D97223421026FBF662741696BB6E573273BFD2CFF066B1C1E08E871"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6643
Expires: Wed, 30 Nov 2022 00:53:58 GMT
Date: Tue, 29 Nov 2022 23:03:15 GMT
Connection: keep-alive
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
51.79.81.36 204 No Content 0 B URL HTTP/1.1 h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
IP 51.79.81.36:0
Hash (empty body; these are the digests of zero bytes, not a content indicator)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts HTTP/1.1
Host: h5.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Referer: https://exee.app/
Origin: https://exee.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.16.1
Date: Tue, 29 Nov 2022 23:03:15 GMT
Connection: keep-alive
Expires: Wed, 29 Nov 2023 23:03:15 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=76
192.243.59.12 200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=76
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash (empty body; these are the digests of zero bytes, not a content indicator)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=76 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=92a1792a-85e3-43e2-8387-fac79980e445:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 23:03:15 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/close.png
172.64.109.13 200 OK 6.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/close.png
IP 172.64.109.13:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/software/multi/browsers/ff/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:15 GMT
content-type: image/png
content-length: 5982
last-modified: Thu, 08 Sep 2022 07:49:57 GMT
etag: "63199ea5-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5706
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovMZM%2Be0BMQwcQ4WDXKeDxVL9LZEKLFtNEHLHcTmVGHuadyxP8U%2B%2Fudr19ClAQbcoXDox6F47g6AR6nA6k2NGAieX3Ow%2FXRvhyCkJYflcKPB11zkV0lzQNArS433nAMUsDCztOJ6BweG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771ef9c4ca9e741f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9023f7c58094afb6679b8203371347f2
e4e0913494d8ef22785d0ac1ea37a6ccd07e7814
d8b439484d97223421026fbf662741696bb6e573273bfd2cff066b1c1e08e871
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D8B439484D97223421026FBF662741696BB6E573273BFD2CFF066B1C1E08E871"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6642
Expires: Wed, 30 Nov 2022 00:53:58 GMT
Date: Tue, 29 Nov 2022 23:03:16 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png
172.64.109.13 200 OK 175 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png
IP 172.64.109.13:0
File type PNG image data, 452 x 453, 8-bit/color RGBA, non-interlaced\012- data
Size 175 kB (174730 bytes)
Hash 85bc2f8a287afa33ac84c90178055d00
c98e7ebd06397a77a20607f55fe4ebf1b57ca334
85d20d101efc753f9b0619a33901e1689d1e0c11a46bf6d6d657c1393542cc30
GET /sb/notifications/software/multi/browsers/ff/3/img/update-icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:15 GMT
content-type: image/png
content-length: 174730
last-modified: Thu, 08 Sep 2022 07:49:58 GMT
etag: "63199ea6-2aa8a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5707
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJa9KIdfeNg5XfKEUAGHkdn8yQlos73jDnpXucy%2FvdZaVGLFizM0RXCipJ5XARShWWIKrclmHoITxRx8WUDaEpJmnBh9n65%2F7o4aOXgj1oI2qSvVH7crnMG3dpHyem85WC8nuaNqqAdi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771ef9c4caa3741f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fstyle.css&l=3735&fd=103
192.243.59.12 200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fstyle.css&l=3735&fd=103
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash (empty body; these are the digests of zero bytes, not a content indicator)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fstyle.css&l=3735&fd=103 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=92a1792a-85e3-43e2-8387-fac79980e445:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 23:03:16 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=29
192.243.59.12 200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=29
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash (empty body; these are the digests of zero bytes, not a content indicator)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fjs%2Fscript.js&l=8814&fd=29 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=92a1792a-85e3-43e2-8387-fac79980e445:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 23:03:16 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=116
192.243.59.12 200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=116
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash (empty body; these are the digests of zero bytes, not a content indicator)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=116 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=92a1792a-85e3-43e2-8387-fac79980e445:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 23:03:16 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
analytics.vdo.ai/logger
172.64.105.3 200 OK 46 kB IP 172.64.105.3:0
Hash fb82bec594c82a0514e90af0994449be
d5d3618280c51cb6f9be8a3de719ef807f6c7d6e
6c39e03fa82fc38ae425a9e7333c6d71f31cdbd88886d61970e609863cf6004e
POST /logger HTTP/1.1
Host: analytics.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 178
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:15 GMT
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOiKttmcxMyA3CUCwO77Dfpx8LOLs6r%2B7ssfBGPDMWzXurmvppMZroXHCw%2BVKyhquhg35YKJYLG4FQcF9Xrx8pfEW6bfGza13HqERyUVe%2BxzUHj9%2BWug%2FCXvYq%2B8mzQ5hIC4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9c1a98e71ec-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exee.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:15 GMT
expires: Thu, 23 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 530941
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
51.79.81.36 206 Partial Content 391 kB URL HTTP/1.1 h5.vdo.ai/media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts
IP 51.79.81.36:0
Size 391 kB (391040 bytes)
Hash 1b12fa9a67b15135ee51bd1adfdd5831
6803487aeb9c8614bcb7d5173fd5c8e8d99e8cbd
6c90bfc07e47febe7dd92eb1bc86b7f67d54a6cbad30577c9efe629eeeb24a22
GET /media_file/v-exee-app/source/uploads/videos/16494291789562504aba5f866.ts HTTP/1.1
Host: h5.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-391039
vdoai: true
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx/1.16.1
Date: Tue, 29 Nov 2022 23:03:15 GMT
Content-Type: video/mp2t
Content-Length: 391040
Last-Modified: Sat, 30 Jul 2022 00:37:15 GMT
Connection: keep-alive
ETag: "62e47d3b-113cda88"
Expires: Wed, 29 Nov 2023 23:03:15 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Range: bytes 0-391039/289200776
integrityprinciplesthorough.com/pixel/sbs?c=1
192.243.59.12 200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/sbs?c=1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash (empty body; these are the digests of zero bytes, not a content indicator)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=92a1792a-85e3-43e2-8387-fac79980e445:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 23:03:16 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
integrityprinciplesthorough.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwXvajk4kEZRETBne3fnW4jLG5iJOSXJJJzdVX1brk1XU1V9%2FRkQVgMhICCI4J6kt43myzGIEbPUZkVISyIGQ%2ByBxc8eRBREHPxIrM7sPgd6vuq3jt87726vlHtERcV3b1wVq9Jpeh81HZbL1yROde1bZ273PLctnusdUXmC%2BGxVn9ymN7Lnhu13Rdbrwu2qud913Ndz%2FVaJ6URme7P76OQxZ3EayduO%2FTbXhSib%2F5%2Ft5UDSx3w3h55EpKPH1m5fxeSjZB3vzgh7Gqpi5de61aKltqgx7feyFdzXefoHo6ZcZDlW1M2tB0T8vEMdL41VQDd25woQCrHxPnZQ5pvTddE2rt5sGmqIHKk%2FDHUvRGEGkHSEZi%2BBskfEIBxnDuPvHvrnDY1vXqA0gk6JrMP%2F4asx2T2l6PIu58vKdlvXdKqKqXOLfpZA9kfQS6PUFTbKNccyHobrHwbkv9A5h%2BeQd7dPG%2BVhuS7zyU%2B9TqJT%2BfiSARzYSD8uTiIO3MZZZ0kiV0RhtG%2BRVKOILMRlBiA2hlU1kElHVSZg6pw0OW7LRolmet2sjQLgjhkjAUBY1G8wCMehHHmomITDQOUxQBMDcDMOgqzjlU5gKm%2BhV1pYLkDWxL0eINaENSWoKYEtSSoS4K619zkyvq2ucWVrVJv2v1pD5qhLpc36E1dLoucbBR75ImJcc7jt49iVey2siiOsoWILbCFyPODNIk4d5NUBH7IRZCmsLKBtDOg1sGaHJMjb%2F2OQo7JzNI8UroNq7bB5LOg1dOg9bDju6ArwzB2sZbfEn3RlhpcNyjKWZRXnQ21R57ajy5hHQi2s%2FjHv7%2Bpd45%2FCGYaFKbBm%2FI7gmV1Y3hR12Tzoq4tuXu%2BKGVXrtFJrJdKWorZ26fF1VobfuqEHXz6KpsAk%2FHOZWHLMzTnMl%2B25LMlybkwJ7Vhgtw7Za%2BI9EJlV5Yqk1fFmQvHT57qFkZYK3U%2BApUPOh%2BAyTF59Oz6%2Fod95t37kGYEUzXoVjtkWpB6G6xYhy12Fn%2FtnP5%2B689PYDWBUYectHBQV83Q%2BOnho5JjEjz%2FD5TYWfzyox9X7339CmjawIpDG1Kx881fB%2FwNewPLxgEtryHvNuiZBj3VgKoBbHVkWBZmZ%2FGnYL%2BQKmeYKuNspsqo9w%2FstXK3FXmhiNO4wzhPBeNexw%2FiwHV9zsNOIrwEpR2z6%2B999R8AAAD%2F%2FwEAAP%2F%2FyCcnSowEAAA%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 integrityprinciplesthorough.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwXvajk4kEZRETBne3fnW4jLG5iJOSXJJJzdVX1brk1XU1V9%2FRkQVgMhICCI4J6kt43myzGIEbPUZkVISyIGQ%2ByBxc8eRBREHPxIrM7sPgd6vuq3jt87726vlHtERcV3b1wVq9Jpeh81HZbL1yROde1bZ273PLctnusdUXmC%2BGxVn9ymN7Lnhu13Rdbrwu2qud913Ndz%2FVaJ6URme7P76OQxZ3EayduO%2FTbXhSib%2F5%2Ft5UDSx3w3h55EpKPH1m5fxeSjZB3vzgh7Gqpi5de61aKltqgx7feyFdzXefoHo6ZcZDlW1M2tB0T8vEMdL41VQDd25woQCrHxPnZQ5pvTddE2rt5sGmqIHKk%2FDHUvRGEGkHSEZi%2BBskfEIBxnDuPvHvrnDY1vXqA0gk6JrMP%2F4asx2T2l6PIu58vKdlvXdKqKqXOLfpZA9kfQS6PUFTbKNccyHobrHwbkv9A5h%2BeQd7dPG%2BVhuS7zyU%2B9TqJT%2BfiSARzYSD8uTiIO3MZZZ0kiV0RhtG%2BRVKOILMRlBiA2hlU1kElHVSZg6pw0OW7LRolmet2sjQLgjhkjAUBY1G8wCMehHHmomITDQOUxQBMDcDMOgqzjlU5gKm%2BhV1pYLkDWxL0eINaENSWoKYEtSSoS4K619zkyvq2ucWVrVJv2v1pD5qhLpc36E1dLoucbBR75ImJcc7jt49iVey2siiOsoWILbCFyPODNIk4d5NUBH7IRZCmsLKBtDOg1sGaHJMjb%2F2OQo7JzNI8UroNq7bB5LOg1dOg9bDju6ArwzB2sZbfEn3RlhpcNyjKWZRXnQ21R57ajy5hHQi2s%2FjHv7%2Bpd45%2FCGYaFKbBm%2FI7gmV1Y3hR12Tzoq4tuXu%2BKGVXrtFJrJdKWorZ26fF1VobfuqEHXz6KpsAk%2FHOZWHLMzTnMl%2B25LMlybkwJ7Vhgtw7Za%2BI9EJlV5Yqk1fFmQvHT57qFkZYK3U%2BApUPOh%2BAyTF59Oz6%2Fod95t37kGYEUzXoVjtkWpB6G6xYhy12Fn%2FtnP5%2B689PYDWBUYectHBQV83Q%2BOnho5JjEjz%2FD5TYWfzyox9X7339CmjawIpDG1Kx881fB%2FwNewPLxgEtryHvNuiZBj3VgKoBbHVkWBZmZ%2FGnYL%2BQKmeYKuNspsqo9w%2FstXK3FXmhiNO4wzhPBeNexw%2FiwHV9zsNOIrwEpR2z6%2B999R8AAAD%2F%2FwEAAP%2F%2FyCcnSowEAAA%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash
MD5 132d6af1b46048b45cf86cdee7991d31
SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert
fortinet | Malware
quad9 | Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwXvajk4kEZRETBne3fnW4jLG5iJOSXJJJzdVX1brk1XU1V9%2FRkQVgMhICCI4J6kt43myzGIEbPUZkVISyIGQ%2ByBxc8eRBREHPxIrM7sPgd6vuq3jt87726vlHtERcV3b1wVq9Jpeh81HZbL1yROde1bZ273PLctnusdUXmC%2BGxVn9ymN7Lnhu13Rdbrwu2qud913Ndz%2FVaJ6URme7P76OQxZ3EayduO%2FTbXhSib%2F5%2Ft5UDSx3w3h55EpKPH1m5fxeSjZB3vzgh7Gqpi5de61aKltqgx7feyFdzXefoHo6ZcZDlW1M2tB0T8vEMdL41VQDd25woQCrHxPnZQ5pvTddE2rt5sGmqIHKk%2FDHUvRGEGkHSEZi%2BBskfEIBxnDuPvHvrnDY1vXqA0gk6JrMP%2F4asx2T2l6PIu58vKdlvXdKqKqXOLfpZA9kfQS6PUFTbKNccyHobrHwbkv9A5h%2BeQd7dPG%2BVhuS7zyU%2B9TqJT%2BfiSARzYSD8uTiIO3MZZZ0kiV0RhtG%2BRVKOILMRlBiA2hlU1kElHVSZg6pw0OW7LRolmet2sjQLgjhkjAUBY1G8wCMehHHmomITDQOUxQBMDcDMOgqzjlU5gKm%2BhV1pYLkDWxL0eINaENSWoKYEtSSoS4K619zkyvq2ucWVrVJv2v1pD5qhLpc36E1dLoucbBR75ImJcc7jt49iVey2siiOsoWILbCFyPODNIk4d5NUBH7IRZCmsLKBtDOg1sGaHJMjb%2F2OQo7JzNI8UroNq7bB5LOg1dOg9bDju6ArwzB2sZbfEn3RlhpcNyjKWZRXnQ21R57ajy5hHQi2s%2FjHv7%2Bpd45%2FCGYaFKbBm%2FI7gmV1Y3hR12Tzoq4tuXu%2BKGVXrtFJrJdKWorZ26fF1VobfuqEHXz6KpsAk%2FHOZWHLMzTnMl%2B25LMlybkwJ7Vhgtw7Za%2BI9EJlV5Yqk1fFmQvHT57qFkZYK3U%2BApUPOh%2BAyTF59Oz6%2Fod95t37kGYEUzXoVjtkWpB6G6xYhy12Fn%2FtnP5%2B689PYDWBUYectHBQV83Q%2BOnho5JjEjz%2FD5TYWfzyox9X7339CmjawIpDG1Kx881fB%2FwNewPLxgEtryHvNuiZBj3VgKoBbHVkWBZmZ%2FGnYL%2BQKmeYKuNspsqo9w%2FstXK3FXmhiNO4wzhPBeNexw%2FiwHV9zsNOIrwEpR2z6%2B999R8AAAD%2F%2FwEAAP%2F%2FyCcnSowEAAA%3D HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Cookie: u_pl=17869332; uid_id2=92a1792a-85e3-43e2-8387-fac79980e445:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf585f65c6c65123b95dd09be324de3bb=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 23:03:16 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1d750c09d6b375e4cf4dceecce8d999c
Strict-Transport-Security: max-age=0; includeSubdomains
adservice.google.com/adsid/integrator.js?domain=exee.app
172.217.21.162 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=exee.app
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=exee.app HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 29 Nov 2022 23:03:16 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.vdo.ai/logger
172.64.105.3 200 OK 114 B IP 172.64.105.3:0
Hash 3f6fd3ce246ad04aa9b81c6cb4e5c957
67555e6f51171f364f9bfb9fab206039b59f61fc
7e2761b31a700220c76ddf812cbaaf33be218f258d8442465a0131dae177d922
POST /logger HTTP/1.1
Host: analytics.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 180
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:15 GMT
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkkB43Z1QVbtEskpsIlwAkbRyugEuTcDLdXLrwHh0P6QXyvkye%2FqLf5lEHqTJ86xhzTc6vDeKAks0DFnsC8IJXMpp7U0fSncm9lS1ISwkVWcFThbz09tteHMBBs4jE8byfNs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9c1b9c071ec-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd71cb59bfd5e31191d61da63fec244a
998886e4743fc393838dbee7a6632d392e268e73
54672c525e2462ddbb2e84b80945daede2e13469b8817d636dc12d5bb0b3bc47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54672C525E2462DDBB2E84B80945DAEDE2E13469B8817D636DC12D5BB0B3BC47"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6051
Expires: Wed, 30 Nov 2022 00:44:08 GMT
Date: Tue, 29 Nov 2022 23:03:17 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=92a1792a-85e3-43e2-8387-fac79980e445&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f585f65c6c65123b95dd09be324de3bb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.20 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=92a1792a-85e3-43e2-8387-fac79980e445&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f585f65c6c65123b95dd09be324de3bb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=92a1792a-85e3-43e2-8387-fac79980e445&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f585f65c6c65123b95dd09be324de3bb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 29 Nov 2022 23:03:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a5ebda83709105859dda19f5163fa37
Strict-Transport-Security: max-age=0; includeSubdomains
analytics.vdo.ai/logger
172.64.105.3 200 OK 0 B IP 172.64.105.3:0
POST /logger HTTP/1.1
Host: analytics.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 177
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:14 GMT
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ro3P3q52JgprcVFiK0D8mRrp4zo8O1vPFBcrYQoowNthrns0DNLjpwdC6MHXwarqfJzKjAZ3IQipSXWZAq%2Buaepb12lYbPzm%2BR6ceMjx92lWFjKFoGuR%2BhpIW%2FVQQd9FtTMc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9bcb9d571ec-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
analytics.vdo.ai/logger
172.64.105.3 200 OK 0 B IP 172.64.105.3:0
POST /logger HTTP/1.1
Host: analytics.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 186
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:15 GMT
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weK8mToz2u8HiV3%2F8mkFxFh%2BCH9vjCshbgUdzaEzJJGyPbf2W5VEm6NX%2BAZOdUFckR22E4vc%2FNGPm2Kv6rPPTwievFOlunkq4He%2B1jMZ51Qqd12PNVfuX8E3WH7TfYFcE0Lu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9c1a9af71ec-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
172.217.21.174 200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 172.217.21.174:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 29 Nov 2022 23:03:15 GMT
date: Tue, 29 Nov 2022 23:03:15 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=RR-MaDV6GkU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=GTfyzvz18aI; Domain=.youtube.com; Expires=Sun, 28-May-2023 23:03:15 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+127; expires=Thu, 28-Nov-2024 23:03:15 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css
IP 172.64.109.13:0
GET /sb/notifications/software/multi/browsers/ff/3/css/magic.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:15 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:55 GMT
etag: W/"63199ea3-b0c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6pKBPxhoADjLATxO0PRbVZ4KqNYLeetMhrT%2BtVGR4NWb%2Bcv3gPXaMGYfT3gEAZv%2B%2Bup48gzV3%2BITz%2FKMrlA%2BQ5J8vVl2CgxqRgq%2BEWx5EGamT8xh9IJ72ptj6uamugELurKiP2OEe8Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771ef9c48a09741f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js
IP 172.64.109.13:0
GET /sb/notifications/software/multi/browsers/ff/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:16 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-2ae2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRSOXevrk2XZr2g6tJOuJV0TbO9X6W8rjLYZFwkXluompmXBiHg%2FVx%2Bv%2B7jAxQvJ5L%2FzSQRecFC%2BEPKhB4nO3EYLV3sKfIjGkzYbb1i365bRI2Jf0QcOh0bg7%2BQTM908UXpojAE81naP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771ef9c55b69741f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exe.io/p6VLL
104.26.2.103 302 Found 0 B IP 104.26.2.103:0
GET /p6VLL HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 29 Nov 2022 23:03:12 GMT
content-type: text/html; charset=UTF-8
location: https://exee.app/p6VLL
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
set-cookie: AppSession=a7116d239bbf1765f2b2dd74ec529953; path=/; HttpOnly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TnHWQEKqsl%2BLyqvxl4J4FaQJ1LscxQxYHOYXMkY2g81y4S2KFXEKwvEkmQOw4MmB9Tzm%2F0SJQCmfeCQWzDmi1NAjF6NkJ0TRsms9XRCes3GKWW23NJ90A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9af7cf50b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.203.23 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.203.23:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:14 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 674903893a1d97389755a672a5057338
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 29 Nov 2022 23:03:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNPEXcKhU4Su3WwB14brI%2FJ%2Bk1aqk4fdHElC8FNlBKVvE%2BFcLbftlHvBuucuxc%2BT104oaKNgLi%2FdWX%2BQLWv3dm7NFtrN1IRkvceqneZ683WBoCatxJ0XIzE8VQWr2OfBY6RZ4jQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771ef9b9ee50004a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: m522kAiKUbOnUWOzApPWEm9fnDJiq7zXWa/3FqL+ixYd2Vk37Zqf9g8PvKNQgeQyWta5EjYLUhUUFFeuofcVOQ==
date: Tue, 29 Nov 2022 23:03:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
IP 142.250.74.106:0
GET /css?family=Open+Sans:300,400,400italic,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 23:03:13 GMT
date: Tue, 29 Nov 2022 23:03:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
104.21.29.183 200 OK 0 B URL HTTP/2 cdntechone.com/stattag.js
IP 104.21.29.183:0
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:13 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2705
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izXoOY3YacvgHhgjzYEgopJQaQkRyPgLHSTdCFh6Ni4MDZwFpqIBSPi%2BKhHNv6jkLNPTb0pVDv61mR2jwr1iDK4M6hMgS3qBHLDCcdB7ZFIRRrhxrYtPFwsF4l5gsABzZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771ef9b38ca3fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35 200 OK 0 B IP 172.64.198.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exee.app/
Origin: https://exee.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:13 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://exee.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3650
last-modified: Tue, 29 Nov 2022 22:02:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3F4fNEDp8%2BhAG4jat8zEp6Ci2jCB%2F3RkJiBIKoDEffexvCPf70d8HP70Wf9e1aOnsKeeLHr%2FW%2F2Ey7ay2tx6yqrrmwJl2Tm%2B92sneaaa1AY0dBhWXjkUHc1DaWaYmCJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771ef9b478f7745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
analytics.vdo.ai/logger
172.64.105.3 200 OK 0 B IP 172.64.105.3:0
POST /logger HTTP/1.1
Host: analytics.vdo.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 179
Origin: https://exee.app
Connection: keep-alive
Referer: https://exee.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:03:15 GMT
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maB9sEiYMIvNmehNKDyiIYaq2TIvzXZnrla%2FG%2BRJdaJUnhgz6pi33wZIU4irUgXZ%2FT8gurcaNFBWuBBio%2Fj8KrCpx08IoQqbdyHLfGqhzBEC2y%2Fv7Hz0d8Enm5LRWqowZRT8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771ef9c1b9cb71ec-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2