exe.io/st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/1Qz9d/A3M.2023.3.X64.part1.rar
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 exe.io/st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/1Qz9d/A3M.2023.3.X64.part1.rar
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/1Qz9d/A3M.2023.3.X64.part1.rar HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 17:13:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Feb 2023 18:13:56 GMT
Location: https://exe.io/st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/1Qz9d/A3M.2023.3.X64.part1.rar
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7ERUkfrGgUcVOnqZEmY8HIA38au9iyR1P019lUkYrE7cletdCstPb0k5e5w7XvRkWk0rskuWmpb1S6FgcbyHjf1ITSz84SNqSUlu8IQ3wImwxFGcGmyn6c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79348f6d3935b4f1-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
184.51.252.197200 OK 503 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14169
Expires: Thu, 02 Feb 2023 21:10:05 GMT
Date: Thu, 02 Feb 2023 17:13:56 GMT
Connection: keep-alive
r3.o.lencr.org/
184.51.252.197200 OK 503 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10181
Expires: Thu, 02 Feb 2023 20:03:37 GMT
Date: Thu, 02 Feb 2023 17:13:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 16:43:31 GMT
content-type: application/json
age: 1825
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
184.51.252.197200 OK 503 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10709
Expires: Thu, 02 Feb 2023 20:12:25 GMT
Date: Thu, 02 Feb 2023 17:13:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WeWKEANOG28uH9Fyd6TWdNo2B/1vFHzdn3qp621QZzart9qqw6ct2PW2WyG2lE5ofSbR4/BZNFw=
x-amz-request-id: GR8YVJYNNVD4ARQP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 16:52:03 GMT
age: 1313
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 99f3dafe08879e053c1a291092afb1c8
2ebffa3b6441aff1e2698d52b3c0b51bf80c36f0
f7a02c342c7d704a07f379226f58038d0467ab2574f655bd646711a6eb4dd48a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3406
Cache-Control: max-age=103425
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:56 GMT
Etag: "63dad307-117"
Expires: Fri, 03 Feb 2023 21:57:41 GMT
Last-Modified: Wed, 01 Feb 2023 21:00:55 GMT
Server: ECS (amb/6B80)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:13:56 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 99f3dafe08879e053c1a291092afb1c8
2ebffa3b6441aff1e2698d52b3c0b51bf80c36f0
f7a02c342c7d704a07f379226f58038d0467ab2574f655bd646711a6eb4dd48a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3406
Cache-Control: max-age=103425
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:56 GMT
Etag: "63dad307-117"
Expires: Fri, 03 Feb 2023 21:57:41 GMT
Last-Modified: Wed, 01 Feb 2023 21:00:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 17:07:19 GMT
age: 397
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 22f29e6d5f2d6b948358db19d0d238bb
dcefd0ba89ebd21477f692f23e90f883c1bfa60a
8eea15fbae15c5f4e17d23791b9f356e9dcba201b59d6a23d80315a632b8776f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5940
Cache-Control: max-age=136930
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:57 GMT
Etag: "63db4c03-118"
Expires: Sat, 04 Feb 2023 07:16:07 GMT
Last-Modified: Thu, 02 Feb 2023 05:37:07 GMT
Server: ECS (amb/6B80)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
184.51.252.197200 OK 503 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14863
Expires: Thu, 02 Feb 2023 21:21:40 GMT
Date: Thu, 02 Feb 2023 17:13:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 99f3dafe08879e053c1a291092afb1c8
2ebffa3b6441aff1e2698d52b3c0b51bf80c36f0
f7a02c342c7d704a07f379226f58038d0467ab2574f655bd646711a6eb4dd48a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3407
Cache-Control: max-age=103425
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:57 GMT
Etag: "63dad307-117"
Expires: Fri, 03 Feb 2023 21:57:42 GMT
Last-Modified: Wed, 01 Feb 2023 21:00:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
exe.io/img/logo_sm.png
188.114.97.1200 OK 11 kB IP 188.114.97.1:0
File type PNG image data, 262 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash babf1df3467cca81bd9fdd5540a70b3d
ab768d826851da1b84b22e14f4facfda137500f4
c63f2781570d012d67b1e5ed27544bf90097a71ca5ddbbcd86a98a0f52871534
GET /img/logo_sm.png HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: image/png
content-length: 10989
x-frame-options: SAMEORIGIN
last-modified: Sun, 28 Mar 2021 18:01:57 GMT
cache-control: max-age=31536000
expires: Thu, 25 Jan 2024 22:31:11 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 672166
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdndcceW6z%2BiJL8xHR6v2a7Cov%2B7Hg3hLPBf2mc7CxuYT5ETEHREFpr9y15AM5kg8bS2nIQLfpcK1WljkuZ2f3bDyjAFtEwOiEFEXm4XF%2FMnZqp6IGs3Wls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79348f74ef26b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exeo.app/css/continue.css
104.26.8.233200 OK 42 kB URL HTTP/2 exeo.app/css/continue.css
IP 104.26.8.233:0
File type ASCII text, with very long lines (65079)
Hash dcff0365f91ece91cba2c5476e968f06
d8c1413fe07f141072691c509969aab55687a8dd
73877a3a78a83ced17d0fd3cb689dffd925767d3ce0ca6d8cd496381358e2286
GET /css/continue.css HTTP/1.1
Host: exeo.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/VPk5e
Cookie: AppSession=201f82f91ad38b10ef68ec0809ec6ec7; csrfToken=39ee8769d8454598acf8ce79d2640b9e9023c19e23a5ada5385e985fcd4c21eb232df68bae37c679617bc6ac0173a2de932bcc249a3d75fa8385404fa8b44866
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: text/css
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=211688
expires: Fri, 10 Feb 2023 22:59:15 GMT
last-modified: Mon, 12 Dec 2022 17:28:40 GMT
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1880082
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZPo6iwTyqxULV%2F%2F5OR1ET1RBY7G03H0w3GxM1ZZYe6BB62SJtvLbYI5WvvyVlrBXNVdDtNrDPx3IAQ9fYd%2Fko7ztu2kzf3n3Fnh5aAQjMR2pJgahwJ4wkbd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79348f74ba1cfac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash bda3d713baaaa0779dd2c269b6c07acd
d71c6cdc46db77b9843356369a599eceb32ebfca
74081dde1f5df4a1859246e794b0727a011540271fb869ab8ada6512b5d77588
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4379
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:57 GMT
Last-Modified: Thu, 02 Feb 2023 16:00:59 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=UA-135952122-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-135952122-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash d4c5496232eadff03fa7d08160b73a8f
2a60939a05deb19577ab816972866f8952920477
d5750ff3d6d234d84b53412ad301a91ab09838c92b7d5c97237ba6234a286a68
GET /gtag/js?id=UA-135952122-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 17:13:57 GMT
expires: Thu, 02 Feb 2023 17:13:57 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 16:57:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 277 B IP 93.184.220.29:0
Hash a40d9ef33c53ffac627d022d6f86e4d1
3d503f543f87ca35785e83a4a691c3449af8a11c
dcd2b4df8e1d7cb27de234b084033e691581d968bdf4d56274008e64c5d2ed73
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4812
Cache-Control: max-age=92969
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:57 GMT
Etag: "63daa4b2-115"
Expires: Fri, 03 Feb 2023 19:03:26 GMT
Last-Modified: Wed, 01 Feb 2023 17:43:14 GMT
Server: ECS (amb/6BC1)
X-Cache: HIT
Content-Length: 277
push.services.mozilla.com/
35.155.161.242101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.155.161.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DQ11Qa89aT5hdCI5xBJ8Ug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 36jAnIiS+ZWfSHpCPPlZnStQoWQ=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 277 B IP 93.184.220.29:0
Hash a40d9ef33c53ffac627d022d6f86e4d1
3d503f543f87ca35785e83a4a691c3449af8a11c
dcd2b4df8e1d7cb27de234b084033e691581d968bdf4d56274008e64c5d2ed73
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4812
Cache-Control: max-age=92969
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:57 GMT
Etag: "63daa4b2-115"
Expires: Fri, 03 Feb 2023 19:03:26 GMT
Last-Modified: Wed, 01 Feb 2023 17:43:14 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 277
e1.o.lencr.org/
184.51.252.197200 OK 346 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash b1a7b37ab41ab2c241ca4b4a3bb3319a
daf83e4a20f0849dc16777ed18d21806f978c555
4b423ec7676253213ed3bab15af479edcfa43ee8bd23da39b5ee34589020e033
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4B423EC7676253213ED3BAB15AF479EDCFA43EE8BD23DA39B5EE34589020E033"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17066
Expires: Thu, 02 Feb 2023 21:58:23 GMT
Date: Thu, 02 Feb 2023 17:13:57 GMT
Connection: keep-alive
e1.o.lencr.org/
184.51.252.197200 OK 345 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash 68a3606a3e151f5316fd8df4c1ce29ae
9eaacb0da3b1ba0797a6507249a63848ef153966
2b499079f996fc4d73001bf1bad09005310385205dedd4aec3f4cffc74a838e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2B499079F996FC4D73001BF1BAD09005310385205DEDD4AEC3F4CFFC74A838E9"
Last-Modified: Wed, 01 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12187
Expires: Thu, 02 Feb 2023 20:37:04 GMT
Date: Thu, 02 Feb 2023 17:13:57 GMT
Connection: keep-alive
e1.o.lencr.org/
184.51.252.197200 OK 346 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash b1a7b37ab41ab2c241ca4b4a3bb3319a
daf83e4a20f0849dc16777ed18d21806f978c555
4b423ec7676253213ed3bab15af479edcfa43ee8bd23da39b5ee34589020e033
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4B423EC7676253213ED3BAB15AF479EDCFA43EE8BD23DA39B5EE34589020E033"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17066
Expires: Thu, 02 Feb 2023 21:58:23 GMT
Date: Thu, 02 Feb 2023 17:13:57 GMT
Connection: keep-alive
e1.o.lencr.org/
184.51.252.197200 OK 345 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash 68a3606a3e151f5316fd8df4c1ce29ae
9eaacb0da3b1ba0797a6507249a63848ef153966
2b499079f996fc4d73001bf1bad09005310385205dedd4aec3f4cffc74a838e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2B499079F996FC4D73001BF1BAD09005310385205DEDD4AEC3F4CFFC74A838E9"
Last-Modified: Wed, 01 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12187
Expires: Thu, 02 Feb 2023 20:37:04 GMT
Date: Thu, 02 Feb 2023 17:13:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
184.51.252.197200 OK 503 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash fb90ba2e5c9b091b1f8e5961116e27bc
9673d4df03150e77e8a9055af908b1f497a540d3
0b98dc66b33c35a49bc50f8ca5b376dea60fe7e1da9923d0a8190317e144b9f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B98DC66B33C35A49BC50F8CA5B376DEA60FE7E1DA9923D0A8190317E144B9F3"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18254
Expires: Thu, 02 Feb 2023 22:18:11 GMT
Date: Thu, 02 Feb 2023 17:13:57 GMT
Connection: keep-alive
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.67200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exeo.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 253276
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
racterdeet.com/ekV5cG8bJxodUBt4G1YaCClEVV08YEs2Cw4zTAMEH3dISAlOcVcTAxUwHRYdFSsNXgEfMVxCKTUQPzJcIBA0Cj8CLj0WLCtwPEEHTSQ+HCsiDR1CIB0UMjw8ODEwQSo4HBEbXTkWSVVdOAISEyE5Mh1CLgJ9FxI4OBc6IyZfdzs+XwoBMxpbABYVIgM3ESgmODIhSzouGQ4yN18VAigxHjEGHiEsPjYeFAgzAB8aX193PzQ+DTMpNCkpEw4mAxwuHTEMLQdNMS4NMTc0VzsDFCoGIwcSIjUXDx4iAywxIDg5Pw9LKgYjBDg9Iy0fEiUDIwcdJyUyDSEmBB4QVCEBICgzFy0oCxQpFzwCLyg1X3c7KSlPBBonLkkAHikAKnYvNiZJAx4pOh4TGh0tEhAVFBU0LxI2LjkQXEIpMQMzKC0tAx4hBA4/HRk5MRM4VgUJKhcAUi5xO0ImOykXHiVKLTEn
54.192.99.24200 OK 1.2 kB URL HTTP/2 racterdeet.com/ekV5cG8bJxodUBt4G1YaCClEVV08YEs2Cw4zTAMEH3dISAlOcVcTAxUwHRYdFSsNXgEfMVxCKTUQPzJcIBA0Cj8CLj0WLCtwPEEHTSQ+HCsiDR1CIB0UMjw8ODEwQSo4HBEbXTkWSVVdOAISEyE5Mh1CLgJ9FxI4OBc6IyZfdzs+XwoBMxpbABYVIgM3ESgmODIhSzouGQ4yN18VAigxHjEGHiEsPjYeFAgzAB8aX193PzQ+DTMpNCkpEw4mAxwuHTEMLQdNMS4NMTc0VzsDFCoGIwcSIjUXDx4iAywxIDg5Pw9LKgYjBDg9Iy0fEiUDIwcdJyUyDSEmBB4QVCEBICgzFy0oCxQpFzwCLyg1X3c7KSlPBBonLkkAHikAKnYvNiZJAx4pOh4TGh0tEhAVFBU0LxI2LjkQXEIpMQMzKC0tAx4hBA4/HRk5MRM4VgUJKhcAUi5xO0ImOykXHiVKLTEn
IP 54.192.99.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3046), with no line terminators
Hash ea3fc6441219fbcb3a460ad83ff68913
dae16f0090c8601cb84c482d15fef04923b2b80c
82e3dd04f7fb7fe1473711d670ec0cf49a9eb795d559e19e568f37a7ff75b762
GET /ekV5cG8bJxodUBt4G1YaCClEVV08YEs2Cw4zTAMEH3dISAlOcVcTAxUwHRYdFSsNXgEfMVxCKTUQPzJcIBA0Cj8CLj0WLCtwPEEHTSQ+HCsiDR1CIB0UMjw8ODEwQSo4HBEbXTkWSVVdOAISEyE5Mh1CLgJ9FxI4OBc6IyZfdzs+XwoBMxpbABYVIgM3ESgmODIhSzouGQ4yN18VAigxHjEGHiEsPjYeFAgzAB8aX193PzQ+DTMpNCkpEw4mAxwuHTEMLQdNMS4NMTc0VzsDFCoGIwcSIjUXDx4iAywxIDg5Pw9LKgYjBDg9Iy0fEiUDIwcdJyUyDSEmBB4QVCEBICgzFy0oCxQpFzwCLyg1X3c7KSlPBBonLkkAHikAKnYvNiZJAx4pOh4TGh0tEhAVFBU0LxI2LjkQXEIpMQMzKC0tAx4hBA4/HRk5MRM4VgUJKhcAUi5xO0ImOykXHiVKLTEn HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1197
date: Thu, 02 Feb 2023 17:13:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: _malT1kRYZjCTU5f9LhZaJvfhO2xmRIl39BWuoaGiwK_ky8qsK8tbQ==
X-Firefox-Spdy: h2
racterdeet.com/utx?cb=t1gt9Kbp4uST&top=exeo.app&tid=822524
54.192.99.24204 No Content 0 B URL HTTP/2 racterdeet.com/utx?cb=t1gt9Kbp4uST&top=exeo.app&tid=822524
IP 54.192.99.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=t1gt9Kbp4uST&top=exeo.app&tid=822524 HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 17:13:57 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://exeo.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 02 Feb 2023 17:14:57 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: jn2o5D6RZx52ZnNPoMrzGQ5zawW06eV6VRqrZqXXl1O7dBmRaGCqYA==
X-Firefox-Spdy: h2
racterdeet.com/eTR4Y1MYVhsObBgJGkUmC1hFRmE/EUolNw1CTRA4HAZJWzVNAFYAPxZBHAUhFloMTT0cQF1RFRdQLykbLwQ1NBcqXwAFEjx4MVEjTmZJISojbBw3ED1lTC8CL1IoNx4OZR9bARtTSSESAAERLwIvcTUaYxdnPik7Nk0xAREhRAApOwp2HQ4JFXI5Oj8YWhw3FRNXTCgWHlUzNxoIcCoMNDZeCyUBPX1KBTseeig3Zw9zKS06I2UuIgcxUAEABi9/NSdnDXEpUyQzcyIrBhBfEjk4HWccDjcNZi0HYz9jIisGE3VdURE1YTY0ChRlOjYVOwc0UAU7ZktOAi9uEwcAN2c+DgEQeko5YCNWLQ5mAFctNhUwXikMFBJQSSYLP3ItUDcXVxM1ByBZLhkWDkdJLjosVT8OGRV2LTEAGloUGQYBUE45NF9eCww9CQkCByBOWS5aHU1VEVY9CQ
54.192.99.24200 OK 1.2 kB URL HTTP/2 racterdeet.com/eTR4Y1MYVhsObBgJGkUmC1hFRmE/EUolNw1CTRA4HAZJWzVNAFYAPxZBHAUhFloMTT0cQF1RFRdQLykbLwQ1NBcqXwAFEjx4MVEjTmZJISojbBw3ED1lTC8CL1IoNx4OZR9bARtTSSESAAERLwIvcTUaYxdnPik7Nk0xAREhRAApOwp2HQ4JFXI5Oj8YWhw3FRNXTCgWHlUzNxoIcCoMNDZeCyUBPX1KBTseeig3Zw9zKS06I2UuIgcxUAEABi9/NSdnDXEpUyQzcyIrBhBfEjk4HWccDjcNZi0HYz9jIisGE3VdURE1YTY0ChRlOjYVOwc0UAU7ZktOAi9uEwcAN2c+DgEQeko5YCNWLQ5mAFctNhUwXikMFBJQSSYLP3ItUDcXVxM1ByBZLhkWDkdJLjosVT8OGRV2LTEAGloUGQYBUE45NF9eCww9CQkCByBOWS5aHU1VEVY9CQ
IP 54.192.99.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3046), with no line terminators
Hash 6f53a524fd978b447d870e5825964ed5
2eb2ba41b8dc5a3b9534687bc39bf1ca5fb92632
f691c7cfbacf9dd99991a4a7bb8adc4656cab5176ac3bfd07eb806122c575b32
GET /eTR4Y1MYVhsObBgJGkUmC1hFRmE/EUolNw1CTRA4HAZJWzVNAFYAPxZBHAUhFloMTT0cQF1RFRdQLykbLwQ1NBcqXwAFEjx4MVEjTmZJISojbBw3ED1lTC8CL1IoNx4OZR9bARtTSSESAAERLwIvcTUaYxdnPik7Nk0xAREhRAApOwp2HQ4JFXI5Oj8YWhw3FRNXTCgWHlUzNxoIcCoMNDZeCyUBPX1KBTseeig3Zw9zKS06I2UuIgcxUAEABi9/NSdnDXEpUyQzcyIrBhBfEjk4HWccDjcNZi0HYz9jIisGE3VdURE1YTY0ChRlOjYVOwc0UAU7ZktOAi9uEwcAN2c+DgEQeko5YCNWLQ5mAFctNhUwXikMFBJQSSYLP3ItUDcXVxM1ByBZLhkWDkdJLjosVT8OGRV2LTEAGloUGQYBUE45NF9eCww9CQkCByBOWS5aHU1VEVY9CQ HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1198
date: Thu, 02 Feb 2023 17:13:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: TOy-wJK9QrLysZfuKVCgMKht6KQQmQcPQR3he6q7AZGgdR3DnnwINg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash bda3d713baaaa0779dd2c269b6c07acd
d71c6cdc46db77b9843356369a599eceb32ebfca
74081dde1f5df4a1859246e794b0727a011540271fb869ab8ada6512b5d77588
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5894
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:57 GMT
Last-Modified: Thu, 02 Feb 2023 15:35:44 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
exeo.app/VPk5e
104.26.8.233200 OK 153 kB IP 104.26.8.233:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (59486)
Size 153 kB (152868 bytes)
Hash 14e286b28a328838195d7732e0e535b8
9a00f29300e4df43d056f814a047a6e834621b1b
733ed2ca5d990bd8309c8bdaaef17fe0f6b6dccec5fa371cc1544752292bf47e
GET /VPk5e HTTP/1.1
Host: exeo.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exe.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
set-cookie: AppSession=201f82f91ad38b10ef68ec0809ec6ec7; path=/; HttpOnly
csrfToken=39ee8769d8454598acf8ce79d2640b9e9023c19e23a5ada5385e985fcd4c21eb232df68bae37c679617bc6ac0173a2de932bcc249a3d75fa8385404fa8b44866; path=/; HttpOnly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiFUI5mT1oCXS2UyI9vGDjhYQzHirpfLVu%2FvieWbK3182mU2p%2F3pIH9d8zND0T1QoCxoMoYw%2FYjLl2Ube2b79yc9QVadKJ9qPrTDSmGrVEyaEirgdifGP1Mm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79348f73992ffac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
racterdeet.com/b2RuV08OBg06cA5ZDHE6HQhTcn0pQVwRKxsSWyQkClZfbylbUEA0IwARCjE9AAoaeSEKEEtlCS4GAz8kOzMnGQ0YCxwPHQAmLx8NDjMCIxgKVSAeDgcHBxMNWjIsIHsCLF9nGyk3HTYbByVdFSMhPT8+CislL24VDhMNFgxeCFYFDlcpLDkNODcsZwkMJVYVCghUBhMoVio4MDs3NSg/DQlVJBAHGFQEFSgqAihlJz48CQ4eDiIsMhg5NgQCJBsGJDonPjwGbwEmVTw2GzkHPgV+Fz0mHzs4N18kIg4iLDIIBy4BAhxWPjgfJyI8BRENCVUnHQs+SQ06CzoQDx4hVjc2Zic6AigdKTsyNG4NLgcPFhwcKig8fjgnXxkqNzEebh0tEDgBHkkOHTghH1kNFAseURkPBhs
54.192.99.24200 OK 1.2 kB URL HTTP/2 racterdeet.com/b2RuV08OBg06cA5ZDHE6HQhTcn0pQVwRKxsSWyQkClZfbylbUEA0IwARCjE9AAoaeSEKEEtlCS4GAz8kOzMnGQ0YCxwPHQAmLx8NDjMCIxgKVSAeDgcHBxMNWjIsIHsCLF9nGyk3HTYbByVdFSMhPT8+CislL24VDhMNFgxeCFYFDlcpLDkNODcsZwkMJVYVCghUBhMoVio4MDs3NSg/DQlVJBAHGFQEFSgqAihlJz48CQ4eDiIsMhg5NgQCJBsGJDonPjwGbwEmVTw2GzkHPgV+Fz0mHzs4N18kIg4iLDIIBy4BAhxWPjgfJyI8BRENCVUnHQs+SQ06CzoQDx4hVjc2Zic6AigdKTsyNG4NLgcPFhwcKig8fjgnXxkqNzEebh0tEDgBHkkOHTghH1kNFAseURkPBhs
IP 54.192.99.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Hash 44bf3fc747262269217b820f283ce60a
9d665c11c38b5573f0b85bb370c0763a1dab718c
dbefd1073074fdce449e8c53d997ae54f75a0c77b3c020cea05bee9dde6a0eaf
GET /b2RuV08OBg06cA5ZDHE6HQhTcn0pQVwRKxsSWyQkClZfbylbUEA0IwARCjE9AAoaeSEKEEtlCS4GAz8kOzMnGQ0YCxwPHQAmLx8NDjMCIxgKVSAeDgcHBxMNWjIsIHsCLF9nGyk3HTYbByVdFSMhPT8+CislL24VDhMNFgxeCFYFDlcpLDkNODcsZwkMJVYVCghUBhMoVio4MDs3NSg/DQlVJBAHGFQEFSgqAihlJz48CQ4eDiIsMhg5NgQCJBsGJDonPjwGbwEmVTw2GzkHPgV+Fz0mHzs4N18kIg4iLDIIBy4BAhxWPjgfJyI8BRENCVUnHQs+SQ06CzoQDx4hVjc2Zic6AigdKTsyNG4NLgcPFhwcKig8fjgnXxkqNzEebh0tEDgBHkkOHTghH1kNFAseURkPBhs HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1166
date: Thu, 02 Feb 2023 17:13:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: Ak14_9siSgNXzmD4bkNunrBHuBI6lFzegdCpiJbSTND7qgPxafC8yg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pyoungstersofto.xyz/R2pqaDVoVQkbCB4GJDhQEgY7MltyKAw+bysMWgBCEQcwX2QPGUwcXCNXUloHclheTkUuDldZEzQeCxxANFdbTlwpDAVVEzFXW0YGc0RZWRt1TB9VBGEeGglSeltMGEEzBldZA3BfWV0Nd1xeXAB2
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/R2pqaDVoVQkbCB4GJDhQEgY7MltyKAw+bysMWgBCEQcwX2QPGUwcXCNXUloHclheTkUuDldZEzQeCxxANFdbTlwpDAVVEzFXW0YGc0RZWRt1TB9VBGEeGglSeltMGEEzBldZA3BfWV0Nd1xeXAB2
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /R2pqaDVoVQkbCB4GJDhQEgY7MltyKAw+bysMWgBCEQcwX2QPGUwcXCNXUloHclheTkUuDldZEzQeCxxANFdbTlwpDAVVEzFXW0YGc0RZWRt1TB9VBGEeGglSeltMGEEzBldZA3BfWV0Nd1xeXAB2 HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 17:13:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJWlVE7vWM3z2ldj4smh7r3yxUsAZiYkxErYCfEsf0QPjRxkvTjh81XBUtoCcDMND%2BdiwUPA8ZRKMlM9k%2BNVzd%2BhAYcKjzXVCvgWWCAwHvG6jyA%2Fb%2BkGum78UypFg4dAYWgSN4W9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79348f76af8eb4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
184.51.252.197200 OK 346 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash b1a7b37ab41ab2c241ca4b4a3bb3319a
daf83e4a20f0849dc16777ed18d21806f978c555
4b423ec7676253213ed3bab15af479edcfa43ee8bd23da39b5ee34589020e033
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4B423EC7676253213ED3BAB15AF479EDCFA43EE8BD23DA39B5EE34589020E033"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17066
Expires: Thu, 02 Feb 2023 21:58:23 GMT
Date: Thu, 02 Feb 2023 17:13:57 GMT
Connection: keep-alive
racterdeet.com/utx?cb=2KGOxPAV7djf&top=exeo.app&tid=889494
54.192.99.24204 No Content 0 B URL HTTP/2 racterdeet.com/utx?cb=2KGOxPAV7djf&top=exeo.app&tid=889494
IP 54.192.99.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=2KGOxPAV7djf&top=exeo.app&tid=889494 HTTP/1.1
Host: racterdeet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 17:13:57 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://exeo.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 02 Feb 2023 17:14:57 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: tOYD12z1qt1fZMVp0_dJDX4LqY7DdoO4kEJl4jU041Vc7LXdNKqH3g==
X-Firefox-Spdy: h2
pyoungstersofto.xyz/amVuc2xFWg0AUTNWIAIOBz8MIl0SPzslHCEyOBcKPzA4EDoGKEgHBQ5YVkdfWFNfVRwDAVNCVEwWGhIYHxZTQkoDCwgcUUwTU0JCWktcXV5MEFNCSh4VDxRRW0MeBxgGWF9FW19WW0tcXFFbQV4
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/amVuc2xFWg0AUTNWIAIOBz8MIl0SPzslHCEyOBcKPzA4EDoGKEgHBQ5YVkdfWFNfVRwDAVNCVEwWGhIYHxZTQkoDCwgcUUwTU0JCWktcXV5MEFNCSh4VDxRRW0MeBxgGWF9FW19WW0tcXFFbQV4
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /amVuc2xFWg0AUTNWIAIOBz8MIl0SPzslHCEyOBcKPzA4EDoGKEgHBQ5YVkdfWFNfVRwDAVNCVEwWGhIYHxZTQkoDCwgcUUwTU0JCWktcXV5MEFNCSh4VDxRRW0MeBxgGWF9FW19WW0tcXFFbQV4 HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 17:13:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MidmevAhycilIrYDqhMvC8Yx59%2FH0m30HNqAtEdbDoulSE0tz5vCBf34Ebw1hbMUo1uRN4slyhNkLYpfXn%2FcDyBq9YNcW8rhlJhQrggSNPBFmvWYXw5X9DzMRdUiu9xKquLYFciX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79348f76bfb6b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pyoungstersofto.xyz/Z3g1R2xIR1Y0UTQVBAQhHRwQdSowFngBLglNYyQtLjdTK1kfOlISShMRUXpUX0EBflhBCFwjUVZeRjMNEw1Gel1BEVshA1peQ3pdSUsBaV9WVgdhGVpJEzMcBh8IdkoXDEErUVZOAnJfUkAFcVhSSAE
172.67.207.205204 No Content 0 B URL HTTP/2 pyoungstersofto.xyz/Z3g1R2xIR1Y0UTQVBAQhHRwQdSowFngBLglNYyQtLjdTK1kfOlISShMRUXpUX0EBflhBCFwjUVZeRjMNEw1Gel1BEVshA1peQ3pdSUsBaV9WVgdhGVpJEzMcBh8IdkoXDEErUVZOAnJfUkAFcVhSSAE
IP 172.67.207.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Z3g1R2xIR1Y0UTQVBAQhHRwQdSowFngBLglNYyQtLjdTK1kfOlISShMRUXpUX0EBflhBCFwjUVZeRjMNEw1Gel1BEVshA1peQ3pdSUsBaV9WVgdhGVpJEzMcBh8IdkoXDEErUVZOAnJfUkAFcVhSSAE HTTP/1.1
Host: pyoungstersofto.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 17:13:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJ9tJFS0Sznl7%2FzXr21dLAXIkmZl6%2B8OssXcBHzmIcKt7SM6UE8IIv8YynxY9c7kiqf6h%2FMAPas%2FqJB1wZ6JhjQevX4ckQOK3iOXZPIHyiV9AsItL7%2BAUNgpjn%2BcQLmXUSbM2Kfp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79348f76cfc4b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
184.51.252.197200 OK 345 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash 68a3606a3e151f5316fd8df4c1ce29ae
9eaacb0da3b1ba0797a6507249a63848ef153966
2b499079f996fc4d73001bf1bad09005310385205dedd4aec3f4cffc74a838e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2B499079F996FC4D73001BF1BAD09005310385205DEDD4AEC3F4CFFC74A838E9"
Last-Modified: Wed, 01 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12187
Expires: Thu, 02 Feb 2023 20:37:04 GMT
Date: Thu, 02 Feb 2023 17:13:57 GMT
Connection: keep-alive
live.demand.supply/e/e.js?e=ll&d=240&cs=c&dsReferer=ZXhlby5hcHAvVlBrNWU=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/e/e.js?e=ll&d=240&cs=c&dsReferer=ZXhlby5hcHAvVlBrNWU=
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/e.js?e=ll&d=240&cs=c&dsReferer=ZXhlby5hcHAvVlBrNWU= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GPGADBNXCHVSK51WK5YVFSDJ
cf-cache-status: HIT
age: 1878163
accept-ranges: bytes
set-cookie: __cf_bm=iccQo.UweK98SsBVE_3HhLP1_fo63EJAVN3u2DsIPPY-1675358037-0-AZqdNbAdBlndvCEI3iLtu3TDy/kI9+wUqXQcS+ILxjMeqCkNQf7HP4moFfYW3/BcTGgMwD/ULzxgO4iknWihUh8=; path=/; expires=Thu, 02-Feb-23 17:43:57 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 79348f774d3db4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dtv5ske218f44.cloudfront.net/OUFB3ZUMzPxkDfCQ5E1h7aGlDXHd2OgQKLSBtI1EBYhk2CS0+GkcNCwd2Ax8nbWBRCSI+N0pDJj4zSlRlMTQVWHd2JAcKKG0oGQAqKCgQCDsgdgIEfj0/DQwvPDFSVwVlfkdAcWB4AAwtND8AFmZiYBkRZmJgRlVtYHVEJ2ZiYAAMLWZkUlYBdWJHHXVkdU-QnZmJgBRNmYxFGVXZ+YF5AcWA3EgYoP3VFI3FgYUdVcmBhUldzNjkFACU/KFJXBWFgQktzdiVKVA
54.230.245.43200 OK 598 B URL HTTP/2 dtv5ske218f44.cloudfront.net/OUFB3ZUMzPxkDfCQ5E1h7aGlDXHd2OgQKLSBtI1EBYhk2CS0+GkcNCwd2Ax8nbWBRCSI+N0pDJj4zSlRlMTQVWHd2JAcKKG0oGQAqKCgQCDsgdgIEfj0/DQwvPDFSVwVlfkdAcWB4AAwtND8AFmZiYBkRZmJgRlVtYHVEJ2ZiYAAMLWZkUlYBdWJHHXVkdU-QnZmJgBRNmYxFGVXZ+YF5AcWA3EgYoP3VFI3FgYUdVcmBhUldzNjkFACU/KFJXBWFgQktzdiVKVA
IP 54.230.245.43:0
File type ASCII text, with very long lines (862), with no line terminators
Hash 182fe93007fa3911b7098d22a7489cba
7bde40049c4dc7edaeb1d50a6e2c778beb161020
4791fa3326091e8c775e6a249f5d8cf5525239300da80aa2b0ce1c57cb0d3ed7
GET /OUFB3ZUMzPxkDfCQ5E1h7aGlDXHd2OgQKLSBtI1EBYhk2CS0+GkcNCwd2Ax8nbWBRCSI+N0pDJj4zSlRlMTQVWHd2JAcKKG0oGQAqKCgQCDsgdgIEfj0/DQwvPDFSVwVlfkdAcWB4AAwtND8AFmZiYBkRZmJgRlVtYHVEJ2ZiYAAMLWZkUlYBdWJHHXVkdU-QnZmJgBRNmYxFGVXZ+YF5AcWA3EgYoP3VFI3FgYUdVcmBhUldzNjkFACU/KFJXBWFgQktzdiVKVA HTTP/1.1
Host: dtv5ske218f44.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racterdeet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 598
date: Thu, 02 Feb 2023 17:13:57 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -_exm3wZnyAQGRvi66Jbgs6VwPaFhwQ-9eSFv8CiKl7Oc4RSvO3ssQ==
X-Firefox-Spdy: h2
dtv5ske218f44.cloudfront.net/AbmhkTWINBworXRoBAHBaWltWe1NIAhciDB5VBw4mH10TFSsaThA3BlNYQiEDAA9ZawcAC1l8RA8MBnBWSB0FcA8BEg0hDg9NVgtXQFhBf1JGHw0jBgEfF2hQXgYQaFBeWVRjUktbJmhQXh8NI1RaTVcPR1xYHHtWS1smaFBeGhJoUS9ZVHhMXkFBf1IJDQ-cmDUtaIn9SX1hUfFJfTVZ9BAcaASsNFk1WC1NeXUp9RBtVVQ
54.230.245.43200 OK 181 B URL HTTP/2 dtv5ske218f44.cloudfront.net/AbmhkTWINBworXRoBAHBaWltWe1NIAhciDB5VBw4mH10TFSsaThA3BlNYQiEDAA9ZawcAC1l8RA8MBnBWSB0FcA8BEg0hDg9NVgtXQFhBf1JGHw0jBgEfF2hQXgYQaFBeWVRjUktbJmhQXh8NI1RaTVcPR1xYHHtWS1smaFBeGhJoUS9ZVHhMXkFBf1IJDQ-cmDUtaIn9SX1hUfFJfTVZ9BAcaASsNFk1WC1NeXUp9RBtVVQ
IP 54.230.245.43:0
File type ASCII text, with no line terminators
Hash adb3e135ebfd162e064cd3b24293a3ef
486fcb2da58cc4e24fdcbea38b13ca2d98c34f60
b7be503d84e467dda99c5949f77a1a9e36550828fd070552fa6c80c7b9967ddf
GET /AbmhkTWINBworXRoBAHBaWltWe1NIAhciDB5VBw4mH10TFSsaThA3BlNYQiEDAA9ZawcAC1l8RA8MBnBWSB0FcA8BEg0hDg9NVgtXQFhBf1JGHw0jBgEfF2hQXgYQaFBeWVRjUktbJmhQXh8NI1RaTVcPR1xYHHtWS1smaFBeGhJoUS9ZVHhMXkFBf1IJDQ-cmDUtaIn9SX1hUfFJfTVZ9BAcaASsNFk1WC1NeXUp9RBtVVQ HTTP/1.1
Host: dtv5ske218f44.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racterdeet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 181
date: Thu, 02 Feb 2023 17:13:57 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VwWsctlFhQAdg2bLlvG41n-dy7T8rIJnjrGN8nctZ8Ss6K-czXkT9Q==
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.133.29200 OK 103 kB IP 172.64.133.29:0
Size 103 kB (103076 bytes)
Hash a335449d9ccc54bd9320053b5ccb21e2
2dd11ddcfe2145743a739a0ed28b47002ce98f2e
f28dd98242f58f5addd6c1a494adbdc425dbed1ec51ca3658fe72c2d1c72d53c
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exeo.app/
Origin: https://exeo.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://exeo.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 7180
last-modified: Thu, 02 Feb 2023 15:14:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TFN0M7s258pq54OrR19Q0sG63ZuNLrLKqSqCPoBz0d552WtEZdxRrCdRQDaUKcsIT1dFEaGw8pr0xBK1K9AqNv3hzGFN2DLMOYiRqd%2FU88yGVWDUMs0JTbDQynir10x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79348f76ae084066-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4147
Cache-Control: max-age=171841
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Etag: "63dbdb64-1d7"
Expires: Sat, 04 Feb 2023 16:57:59 GMT
Last-Modified: Thu, 02 Feb 2023 15:48:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 15:45:20 GMT
expires: Thu, 02 Feb 2023 17:45:20 GMT
cache-control: public, max-age=7200
age: 5318
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d5aa8840f812da83fc823da528a74c1a
9e7bad3462506164bd4bdb87a761352ef8131ba9
abaa07021a967e89f7786ac14efa3ce48f24e4c032376a36421cca12f5ecaeeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8d777e9406316814b36e3c580cccd4c8
7653df86c61ff7c801e35da9eeca3ecc70c7d7e8
2c4bb952aa3359712306a7c20b845627ee26689aacdb2560a61fc175e7c0c731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j99&a=1760786106&t=pageview&_s=1&dl=https%3A%2F%2Fexeo.app%2FVPk5e&dr=https%3A%2F%2Fexe.io%2F&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1541637489&gjid=1332633231&cid=784172124.1675358065&tid=UA-135952122-1&_gid=84331875.1675358065&_r=1&_slc=1>m=2ou1u0&z=1500821064
142.250.74.14200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1760786106&t=pageview&_s=1&dl=https%3A%2F%2Fexeo.app%2FVPk5e&dr=https%3A%2F%2Fexe.io%2F&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1541637489&gjid=1332633231&cid=784172124.1675358065&tid=UA-135952122-1&_gid=84331875.1675358065&_r=1&_slc=1>m=2ou1u0&z=1500821064
IP 142.250.74.14:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1760786106&t=pageview&_s=1&dl=https%3A%2F%2Fexeo.app%2FVPk5e&dr=https%3A%2F%2Fexe.io%2F&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1541637489&gjid=1332633231&cid=784172124.1675358065&tid=UA-135952122-1&_gid=84331875.1675358065&_r=1&_slc=1>m=2ou1u0&z=1500821064 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://exeo.app
date: Thu, 02 Feb 2023 17:13:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 390 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash 128436ad5ea76b839533bbb4b746be6e
591a25becc90c090ea366bbb5d31a452949868bb
e9ed2adc8c24cdbf60d7fd2d375ca6336de19e6dc0de8ded2db6c0113e7969d1
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Feb 2023 17:13:58 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-335248021%3A1675358038047821&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdCMH5sbO9lvkjTwkDABALiLqWElYlbkMpb0Wvpe4Wv60FF9-X1exmD0jZo4SBdk15vBmi2
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-twcxC_XkvoXXD0_eaf0JnQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 390
server: GSE
set-cookie: __Host-GAPS=1:FWikroxQWlyUmH1dOA9U_EH5nEIU8g:7XRd1VINLO_UuBeP;Path=/;Expires=Sat, 01-Feb-2025 17:13:58 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39525)
Hash 27c8b16ac683e12c693f5e6fb29d120e
88cbe5f5e1f1a25ba6baf0a3cb50e5c5585032aa
6319e2ef4ce41d47f78b51b320ff33ded3ece68212d48d40c856fa0eec05c5b5
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27271
date: Thu, 02 Feb 2023 17:13:58 GMT
expires: Thu, 02 Feb 2023 17:13:58 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1470 / 356 of 1000 / last-modified: 1675339640"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 71c8111ac9d63deac2a414c0a64fcc9b
855b767fc93c000b338e25e6342d93611447d677
9eb3105d541665d69b5a23b32ed483f71616fd390d47a44f32eb20cb8ba1f7a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:13:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 14:07:11 GMT
Expires: Thu, 09 Feb 2023 14:07:10 GMT
Etag: "855b767fc93c000b338e25e6342d93611447d677"
Cache-Control: max-age=592991,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79348f78ddadfab8-OSL
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 389 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 2615a032c6c174e02fee913e912e58cc
9637e3c1e8ddb40647c9050af68d3ebd1e4681a1
ecd00847cee45ef51f0b040b08ceab42cfe4247133b148ae64e1358983b6be9e
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Feb 2023 17:13:58 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S352819166%3A1675358038103565&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHf38CYQDP8xTEmqmBRn01n06fpTgmLvMlJNI8Thwtmqjw8i1yBAZRYFW20E1e2NSkttSo4E
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-67KbfjGt7A6smtrlqh8efQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 389
server: GSE
set-cookie: __Host-GAPS=1:-I889c-marxPIQecjLqDJvr8OFv6zw:tguTzOZwG80Agvp0;Path=/;Expires=Sat, 01-Feb-2025 17:13:58 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
139.45.195.253200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 915
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 02 Feb 2023 17:13:58 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://exeo.app
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4147
Cache-Control: max-age=171841
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Etag: "63dbdb64-1d7"
Expires: Sat, 04 Feb 2023 16:57:59 GMT
Last-Modified: Thu, 02 Feb 2023 15:48:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=exeo.app
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=exeo.app
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=exeo.app HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 17:13:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=exeo.app
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=exeo.app
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=exeo.app HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 17:13:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 2.1 kB IP 216.58.211.3:0
Hash c2b937a504a2837c0c18a904628567d9
91ea9249d11082347e759cd633f20672689f3290
295fdaee0efd7d70d550212ee307dd404931c8b968f05138d44f932a50b7ef6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013001&st=env
216.58.207.226200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013001&st=env
IP 216.58.207.226:0
File type JSON data\012- , ASCII text, with very long lines (14917), with no line terminators
Hash 012d6b6a90d3e8257fdecb43977e30f9
b8f8093a914c58c5496b895317a05f76c8ef2764
11a6839fc9fbc3a4036e0446341045fcdefceb32bd05e15123dc32f1e714f47e
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023013001&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 02 Feb 2023 17:13:58 GMT
server: cafe
content-length: 11259
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
7bc67f49ea02ddb992893e0cd11ad1ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
216.58.207.193200 OK 2.7 kB URL HTTP/2 7bc67f49ea02ddb992893e0cd11ad1ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 7bc67f49ea02ddb992893e0cd11ad1ea.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Thu, 02 Feb 2023 17:13:58 GMT
expires: Fri, 02 Feb 2024 17:13:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 02 Feb 2023 17:13:58 GMT
expires: Thu, 02 Feb 2023 17:13:58 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 832775a408c718892e82db29cfd714ee
4b05adbde482a9d0e8290326273c8cc52b051123
2e24e9ddbdb9326d57ee324b8b8280d7fb51266af3109226a95f866149090062
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash f77734bf632927ced40239fbd3f86419
32f3ebdba1d3464fec12bccb1bddab6a09bfe367
0f9b91b666fd47e87e2c59f62cc26a1bd1bf2e701a53b02b276cad423a6c2389
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 02 Feb 2023 17:13:58 GMT
date: Thu, 02 Feb 2023 17:13:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-zhwn9JO_yEauLK1oKKZDBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
184.51.252.197200 OK 503 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8866
Expires: Thu, 02 Feb 2023 19:41:44 GMT
Date: Thu, 02 Feb 2023 17:13:58 GMT
Connection: keep-alive
r3.o.lencr.org/
184.51.252.197200 OK 503 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8866
Expires: Thu, 02 Feb 2023 19:41:44 GMT
Date: Thu, 02 Feb 2023 17:13:58 GMT
Connection: keep-alive
r3.o.lencr.org/
184.51.252.197200 OK 503 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8866
Expires: Thu, 02 Feb 2023 19:41:44 GMT
Date: Thu, 02 Feb 2023 17:13:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H1HIK6zdv95V96NxqSfHCqYtDQNPZ9NLAwG5oM5mwRr3nAUR0BPxlg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 67727
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86664b4d1fc27ba7b5bff8a245604326
b8c7ef73101a497b6c78ad59aafe66a391fdc3fa
e4596faadf14051299036a79632951d90183dd0635293687edef11985799a752
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4814
x-amzn-requestid: 90da23ab-2c54-40ec-8e26-bdf4eeb1e27b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKWFpvoAMFyPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-70c4cb89413ed6bd44731d76;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: htcecPD3kYwCPwPPCqgVuXnCuKo6TTKntzaB2xFID5fvBXpZQe463A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:38 GMT
age: 69260
etag: "b8c7ef73101a497b6c78ad59aafe66a391fdc3fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
184.51.252.197200 OK 503 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8866
Expires: Thu, 02 Feb 2023 19:41:44 GMT
Date: Thu, 02 Feb 2023 17:13:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 766a39d8b5917705d394fea57ddee3c6
ff7efab8ef404ad383f949ff995a55fb7a3dc746
db3da672f13eb07560d641c332ec585985064b4d7490899660acbaa771e79740
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2423
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:58 GMT
Last-Modified: Thu, 02 Feb 2023 16:33:35 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 68511
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
184.51.252.197200 OK 503 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8866
Expires: Thu, 02 Feb 2023 19:41:44 GMT
Date: Thu, 02 Feb 2023 17:13:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:46:26 GMT
age: 70052
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 35121
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 68103
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CPjl5QIQs8-r8AEYzbna3QEwAQ&v=APEucNXFOEqfDpip0v_7ShMaOmNayoAXAtOUl9zseyPI_P2nP5soM5AW8iXTNkJ23pRktaZ4R59inEhcHmH83JFW3tuI8Pk1CzEZmVzStMmYsOPBrY0y3apjlky884X9vpL67UNIBQ2XZ8ylyxXyTTDKh2qob47-g1-r3HYCCjAqqkbIVMyrrrOnqdx0JFFvS7GmMH8mSb1rvd8wG7jAwl_rs5Bv4-WDuQ
216.58.207.194200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CPjl5QIQs8-r8AEYzbna3QEwAQ&v=APEucNXFOEqfDpip0v_7ShMaOmNayoAXAtOUl9zseyPI_P2nP5soM5AW8iXTNkJ23pRktaZ4R59inEhcHmH83JFW3tuI8Pk1CzEZmVzStMmYsOPBrY0y3apjlky884X9vpL67UNIBQ2XZ8ylyxXyTTDKh2qob47-g1-r3HYCCjAqqkbIVMyrrrOnqdx0JFFvS7GmMH8mSb1rvd8wG7jAwl_rs5Bv4-WDuQ
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CPjl5QIQs8-r8AEYzbna3QEwAQ&v=APEucNXFOEqfDpip0v_7ShMaOmNayoAXAtOUl9zseyPI_P2nP5soM5AW8iXTNkJ23pRktaZ4R59inEhcHmH83JFW3tuI8Pk1CzEZmVzStMmYsOPBrY0y3apjlky884X9vpL67UNIBQ2XZ8ylyxXyTTDKh2qob47-g1-r3HYCCjAqqkbIVMyrrrOnqdx0JFFvS7GmMH8mSb1rvd8wG7jAwl_rs5Bv4-WDuQ HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7bc67f49ea02ddb992893e0cd11ad1ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 17:13:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 17:28:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 17:13:58 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQY_6zQ3QEwAQ&v=APEucNX43IqvzQ6BIOi4zTKPlHOWxVzn3rhULADw6EaQcwNHi3CVwbdZgg_OGxuVqUzrUnUN_9svkyYbRzA9GRBqtWUaa5yDvNa54fEEKM4CI-u_6pTlUdkb9hTiO6_lstkh38kiXxD0ERgS2G5bEXF9s3nB1-2EhL8frOSDxxlP_ZaM-YwXjsqpYdnfNanh7T7Bcq794pg_u-VxV2RRA-NXOpnd7Guymw
216.58.207.194200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQtrWInAQY_6zQ3QEwAQ&v=APEucNX43IqvzQ6BIOi4zTKPlHOWxVzn3rhULADw6EaQcwNHi3CVwbdZgg_OGxuVqUzrUnUN_9svkyYbRzA9GRBqtWUaa5yDvNa54fEEKM4CI-u_6pTlUdkb9hTiO6_lstkh38kiXxD0ERgS2G5bEXF9s3nB1-2EhL8frOSDxxlP_ZaM-YwXjsqpYdnfNanh7T7Bcq794pg_u-VxV2RRA-NXOpnd7Guymw
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CO-t7QIQtrWInAQY_6zQ3QEwAQ&v=APEucNX43IqvzQ6BIOi4zTKPlHOWxVzn3rhULADw6EaQcwNHi3CVwbdZgg_OGxuVqUzrUnUN_9svkyYbRzA9GRBqtWUaa5yDvNa54fEEKM4CI-u_6pTlUdkb9hTiO6_lstkh38kiXxD0ERgS2G5bEXF9s3nB1-2EhL8frOSDxxlP_ZaM-YwXjsqpYdnfNanh7T7Bcq794pg_u-VxV2RRA-NXOpnd7Guymw HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7bc67f49ea02ddb992893e0cd11ad1ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 17:13:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 17:28:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 17:13:58 GMT
cache-control: private
X-Firefox-Spdy: h2
r3.o.lencr.org/
184.51.252.197200 OK 503 B IP 184.51.252.197:0
ASN #20940 Akamai International B.V.
Hash 37c26fb09f8a09fdc910d20b97d6f079
5d7848dc1152b81bf53c10fee9e26e20a01b0f02
740e3d2348357db713554ff75471d18ad9d2a2e810f71b3bab61984b026295fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "740E3D2348357DB713554FF75471D18AD9D2A2E810F71B3BAB61984B026295FD"
Last-Modified: Thu, 02 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17290
Expires: Thu, 02 Feb 2023 22:02:08 GMT
Date: Thu, 02 Feb 2023 17:13:58 GMT
Connection: keep-alive
googleads.g.doubleclick.net/xbbe/pixel?d=CPjl5QIQs8-r8AEY7qL12wEwAQ&v=APEucNVs4778M4ryBq7v2Qge2HiMwD7tpGyAKMLEOXL8WKLnu_GsmHPE_b7YU3sMp1GyY7uUfUF77apXf6dbxE-0eGxCBvKvraA7D9pBht12nYOG3xMA8EmOFVrSYtc_X0G9Y-PFMkUHYwIRMW6DCULNb9qwO1IqyjPdBdXvy4Ww5cheprXb1OFX1SMdoNSPX5lrZOsWcf8KaSvCps_KDXiiZr6ck1JJCw
216.58.207.194200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CPjl5QIQs8-r8AEY7qL12wEwAQ&v=APEucNVs4778M4ryBq7v2Qge2HiMwD7tpGyAKMLEOXL8WKLnu_GsmHPE_b7YU3sMp1GyY7uUfUF77apXf6dbxE-0eGxCBvKvraA7D9pBht12nYOG3xMA8EmOFVrSYtc_X0G9Y-PFMkUHYwIRMW6DCULNb9qwO1IqyjPdBdXvy4Ww5cheprXb1OFX1SMdoNSPX5lrZOsWcf8KaSvCps_KDXiiZr6ck1JJCw
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CPjl5QIQs8-r8AEY7qL12wEwAQ&v=APEucNVs4778M4ryBq7v2Qge2HiMwD7tpGyAKMLEOXL8WKLnu_GsmHPE_b7YU3sMp1GyY7uUfUF77apXf6dbxE-0eGxCBvKvraA7D9pBht12nYOG3xMA8EmOFVrSYtc_X0G9Y-PFMkUHYwIRMW6DCULNb9qwO1IqyjPdBdXvy4Ww5cheprXb1OFX1SMdoNSPX5lrZOsWcf8KaSvCps_KDXiiZr6ck1JJCw HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7bc67f49ea02ddb992893e0cd11ad1ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 17:13:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 17:28:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 17:13:58 GMT
cache-control: private
X-Firefox-Spdy: h2
id5-sync.com/api/esp/increment?counter=no-config
162.19.138.117204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 162.19.138.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://exeo.app
access-control-allow-credentials: true
date: Thu, 02 Feb 2023 17:13:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cdn.id5-sync.com/api/1.0/esp.js
104.22.52.86200 OK 18 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.52.86:0
Hash d9c3a62c213a9cd653b5c4e94dccf856
4b625a9ecbf2ad74054f56f3187886eb41cb52cf
6194c3a241689cb01c3450032b9581c521b9fdeec00f05a7f6c30016d2d33c83
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:58 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: FVMlFSmcD0Wn/+rph/xJPSMD8h1xLItGxMiFojs1e+J1f7LO28QsQCtM5wu1mlkwy4pwPQtZ0SQ=
x-amz-request-id: H5PSQWN45SZ0RJ5Q
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 733
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 79348f7ece6db4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/6688370792110521056
172.217.21.166200 OK 46 kB URL HTTP/2 s0.2mdn.net/simgad/6688370792110521056
IP 172.217.21.166:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 728x90, components 3\012- data
Hash 71aea02437255c46931433d442256618
d10c9841e63da22c99152fbcbd704a2249293a6d
4246480680f3a3bc82f51e008c0525c8c5e50cf2a383f84d0ee3543163c99251
GET /simgad/6688370792110521056 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7bc67f49ea02ddb992893e0cd11ad1ea.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 46521
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:49:17 GMT
expires: Thu, 01 Feb 2024 22:49:17 GMT
cache-control: public, max-age=31536000
age: 66282
last-modified: Wed, 04 Jan 2023 14:14:20 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvc1KVDeLIinPU6b_WtvQOEJ1JzCr8rBFTbt7qdYEMNsvgAA8gMfA7WLVSRSa57P4UAlFlKMmnghbgh2_AvOfdG3NMkquqQUNQBdzDAhhYmOMDOOf6AYy8U8WSk6ta6GL7-dz7pLpdeJ6MD5ibdEfD19-jFzBmxMJoCQeBIagSY7A_hiyQV4KSdtNErF2Y1jMsrFX0LyrWDFgxEybbqaFMKVgwbII3nv6m-YmmoBDwEdWvQvzIyjyTa5kFteNqVa2-YrgUchjTCIdP3BUNrIaWL9i8hJ12IhrrzEhBQcHwWPwR9KDPyqDhsnbbd62AEgWoXLgYAjZ8wvOWnA1K8A6BIuMDA1xirdUeiCGKmaPw-0gPv_DSfcfTXVwu_jj6_So9rJXsBovdLlZ9L1NxEEiQAYdijHg45EVzcoEAt87ihOI2uik32piaYW5NquMX6ydaIZNzlTgVXX5hpEIQH_ECaJTU5rQTZxGJMqYyURWyN7x28NA7p4uN-3q6Wyn-AYoJU5rDyILybtW6z-VORvWPoE-yZbUtIQGjvD1plNNZ-I4TDNNfvmklqqnl2aXQfYNB3Gd7ivcHVHQIeYvWB2EYRr2rgKVk-Ogoapg9P-H8ksYoSXjPgsn8e4UddY-BwJbVbItafmV_n3GtI5noDEclMyTC0IP2kLAXxqKYMBJ-l9VUSnf9OiJM_9Sn6a8Ughxa8rkrP1Ztu6XJWDaURpzzzLIh2p89HfIGQQv5-5qDJFWwwlSCkyFkmC3WgK4G_WxegO_DEIUL145IsIWLeXVUJMuwwiqSP4itOMKo1QYJazNMP1wGjRYNFThbbi28jdNoOMXKE7KR-Dw6oMZ9YvH9yK5uQJHhAfQhQ0ug41w0s_U-djwUi1Pp7x0JmgPJdtmxhO99OVJrcWX84tRPRwYfnMy83Zj6BDmwK-6GIxzcQDax_5fzEClgm7TeRH08rO3SSqJGcUMt3v7OjE7RG0PM-rfKdMNe9qqz-vEh5QXiVFYu0TqN68-WZybbqlnZyR25-QSll220H5Kto9M1Yb3YniNRJQp-KzhZJU4RlcNd16aqoOLplLnIx5cH2iwldPSDQFKTeef944vCJv7wKugeRNuHZfEQDdg7EMXYmc6PIdrwcct8c2I5nW-peA&sai=AMfl-YSI2V0pSeIxzfzBBgViZvht6ha6V7_jzq1M5HhbYts6mjakbOuehDp6grdBQp-gJR5GWFVsc_7p2jtpaXHwF67yRABR2Bqi3LuOK5VnGrBIaRXd_IyY1EFjKbMsWf6v5qNGp5qhmSEQFqr6xUjKIcc2ur0_kmW4B7JOKXtT1L9oC4DPvQVpgGoInHgBMPILU22bS8v9_tHSRAkwqbwxINlpLYhRL2N48NiOf3vhsggxORZnbhkc5f_8psQd017THiBFDO3r9lCJ7CFSZ44rApG8DmKFUUmOVP4owoIikbI9Hw&sig=Cg0ArKJSzDsYnLgcnwOtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20230131.12722&arae=0&ftch=1&adurl=
142.250.74.34200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvc1KVDeLIinPU6b_WtvQOEJ1JzCr8rBFTbt7qdYEMNsvgAA8gMfA7WLVSRSa57P4UAlFlKMmnghbgh2_AvOfdG3NMkquqQUNQBdzDAhhYmOMDOOf6AYy8U8WSk6ta6GL7-dz7pLpdeJ6MD5ibdEfD19-jFzBmxMJoCQeBIagSY7A_hiyQV4KSdtNErF2Y1jMsrFX0LyrWDFgxEybbqaFMKVgwbII3nv6m-YmmoBDwEdWvQvzIyjyTa5kFteNqVa2-YrgUchjTCIdP3BUNrIaWL9i8hJ12IhrrzEhBQcHwWPwR9KDPyqDhsnbbd62AEgWoXLgYAjZ8wvOWnA1K8A6BIuMDA1xirdUeiCGKmaPw-0gPv_DSfcfTXVwu_jj6_So9rJXsBovdLlZ9L1NxEEiQAYdijHg45EVzcoEAt87ihOI2uik32piaYW5NquMX6ydaIZNzlTgVXX5hpEIQH_ECaJTU5rQTZxGJMqYyURWyN7x28NA7p4uN-3q6Wyn-AYoJU5rDyILybtW6z-VORvWPoE-yZbUtIQGjvD1plNNZ-I4TDNNfvmklqqnl2aXQfYNB3Gd7ivcHVHQIeYvWB2EYRr2rgKVk-Ogoapg9P-H8ksYoSXjPgsn8e4UddY-BwJbVbItafmV_n3GtI5noDEclMyTC0IP2kLAXxqKYMBJ-l9VUSnf9OiJM_9Sn6a8Ughxa8rkrP1Ztu6XJWDaURpzzzLIh2p89HfIGQQv5-5qDJFWwwlSCkyFkmC3WgK4G_WxegO_DEIUL145IsIWLeXVUJMuwwiqSP4itOMKo1QYJazNMP1wGjRYNFThbbi28jdNoOMXKE7KR-Dw6oMZ9YvH9yK5uQJHhAfQhQ0ug41w0s_U-djwUi1Pp7x0JmgPJdtmxhO99OVJrcWX84tRPRwYfnMy83Zj6BDmwK-6GIxzcQDax_5fzEClgm7TeRH08rO3SSqJGcUMt3v7OjE7RG0PM-rfKdMNe9qqz-vEh5QXiVFYu0TqN68-WZybbqlnZyR25-QSll220H5Kto9M1Yb3YniNRJQp-KzhZJU4RlcNd16aqoOLplLnIx5cH2iwldPSDQFKTeef944vCJv7wKugeRNuHZfEQDdg7EMXYmc6PIdrwcct8c2I5nW-peA&sai=AMfl-YSI2V0pSeIxzfzBBgViZvht6ha6V7_jzq1M5HhbYts6mjakbOuehDp6grdBQp-gJR5GWFVsc_7p2jtpaXHwF67yRABR2Bqi3LuOK5VnGrBIaRXd_IyY1EFjKbMsWf6v5qNGp5qhmSEQFqr6xUjKIcc2ur0_kmW4B7JOKXtT1L9oC4DPvQVpgGoInHgBMPILU22bS8v9_tHSRAkwqbwxINlpLYhRL2N48NiOf3vhsggxORZnbhkc5f_8psQd017THiBFDO3r9lCJ7CFSZ44rApG8DmKFUUmOVP4owoIikbI9Hw&sig=Cg0ArKJSzDsYnLgcnwOtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20230131.12722&arae=0&ftch=1&adurl=
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvvc1KVDeLIinPU6b_WtvQOEJ1JzCr8rBFTbt7qdYEMNsvgAA8gMfA7WLVSRSa57P4UAlFlKMmnghbgh2_AvOfdG3NMkquqQUNQBdzDAhhYmOMDOOf6AYy8U8WSk6ta6GL7-dz7pLpdeJ6MD5ibdEfD19-jFzBmxMJoCQeBIagSY7A_hiyQV4KSdtNErF2Y1jMsrFX0LyrWDFgxEybbqaFMKVgwbII3nv6m-YmmoBDwEdWvQvzIyjyTa5kFteNqVa2-YrgUchjTCIdP3BUNrIaWL9i8hJ12IhrrzEhBQcHwWPwR9KDPyqDhsnbbd62AEgWoXLgYAjZ8wvOWnA1K8A6BIuMDA1xirdUeiCGKmaPw-0gPv_DSfcfTXVwu_jj6_So9rJXsBovdLlZ9L1NxEEiQAYdijHg45EVzcoEAt87ihOI2uik32piaYW5NquMX6ydaIZNzlTgVXX5hpEIQH_ECaJTU5rQTZxGJMqYyURWyN7x28NA7p4uN-3q6Wyn-AYoJU5rDyILybtW6z-VORvWPoE-yZbUtIQGjvD1plNNZ-I4TDNNfvmklqqnl2aXQfYNB3Gd7ivcHVHQIeYvWB2EYRr2rgKVk-Ogoapg9P-H8ksYoSXjPgsn8e4UddY-BwJbVbItafmV_n3GtI5noDEclMyTC0IP2kLAXxqKYMBJ-l9VUSnf9OiJM_9Sn6a8Ughxa8rkrP1Ztu6XJWDaURpzzzLIh2p89HfIGQQv5-5qDJFWwwlSCkyFkmC3WgK4G_WxegO_DEIUL145IsIWLeXVUJMuwwiqSP4itOMKo1QYJazNMP1wGjRYNFThbbi28jdNoOMXKE7KR-Dw6oMZ9YvH9yK5uQJHhAfQhQ0ug41w0s_U-djwUi1Pp7x0JmgPJdtmxhO99OVJrcWX84tRPRwYfnMy83Zj6BDmwK-6GIxzcQDax_5fzEClgm7TeRH08rO3SSqJGcUMt3v7OjE7RG0PM-rfKdMNe9qqz-vEh5QXiVFYu0TqN68-WZybbqlnZyR25-QSll220H5Kto9M1Yb3YniNRJQp-KzhZJU4RlcNd16aqoOLplLnIx5cH2iwldPSDQFKTeef944vCJv7wKugeRNuHZfEQDdg7EMXYmc6PIdrwcct8c2I5nW-peA&sai=AMfl-YSI2V0pSeIxzfzBBgViZvht6ha6V7_jzq1M5HhbYts6mjakbOuehDp6grdBQp-gJR5GWFVsc_7p2jtpaXHwF67yRABR2Bqi3LuOK5VnGrBIaRXd_IyY1EFjKbMsWf6v5qNGp5qhmSEQFqr6xUjKIcc2ur0_kmW4B7JOKXtT1L9oC4DPvQVpgGoInHgBMPILU22bS8v9_tHSRAkwqbwxINlpLYhRL2N48NiOf3vhsggxORZnbhkc5f_8psQd017THiBFDO3r9lCJ7CFSZ44rApG8DmKFUUmOVP4owoIikbI9Hw&sig=Cg0ArKJSzDsYnLgcnwOtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20230131.12722&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7bc67f49ea02ddb992893e0cd11ad1ea.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 17:13:59 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 17:28:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 17:13:59 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:13:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvc1KVDeLIinPU6b_WtvQOEJ1JzCr8rBFTbt7qdYEMNsvgAA8gMfA7WLVSRSa57P4UAlFlKMmnghbgh2_AvOfdG3NMkquqQUNQBdzDAhhYmOMDOOf6AYy8U8WSk6ta6GL7-dz7pLpdeJ6MD5ibdEfD19-jFzBmxMJoCQeBIagSY7A_hiyQV4KSdtNErF2Y1jMsrFX0LyrWDFgxEybbqaFMKVgwbII3nv6m-YmmoBDwEdWvQvzIyjyTa5kFteNqVa2-YrgUchjTCIdP3BUNrIaWL9i8hJ12IhrrzEhBQcHwWPwR9KDPyqDhsnbbd62AEgWoXLgYAjZ8wvOWnA1K8A6BIuMDA1xirdUeiCGKmaPw-0gPv_DSfcfTXVwu_jj6_So9rJXsBovdLlZ9L1NxEEiQAYdijHg45EVzcoEAt87ihOI2uik32piaYW5NquMX6ydaIZNzlTgVXX5hpEIQH_ECaJTU5rQTZxGJMqYyURWyN7x28NA7p4uN-3q6Wyn-AYoJU5rDyILybtW6z-VORvWPoE-yZbUtIQGjvD1plNNZ-I4TDNNfvmklqqnl2aXQfYNB3Gd7ivcHVHQIeYvWB2EYRr2rgKVk-Ogoapg9P-H8ksYoSXjPgsn8e4UddY-BwJbVbItafmV_n3GtI5noDEclMyTC0IP2kLAXxqKYMBJ-l9VUSnf9OiJM_9Sn6a8Ughxa8rkrP1Ztu6XJWDaURpzzzLIh2p89HfIGQQv5-5qDJFWwwlSCkyFkmC3WgK4G_WxegO_DEIUL145IsIWLeXVUJMuwwiqSP4itOMKo1QYJazNMP1wGjRYNFThbbi28jdNoOMXKE7KR-Dw6oMZ9YvH9yK5uQJHhAfQhQ0ug41w0s_U-djwUi1Pp7x0JmgPJdtmxhO99OVJrcWX84tRPRwYfnMy83Zj6BDmwK-6GIxzcQDax_5fzEClgm7TeRH08rO3SSqJGcUMt3v7OjE7RG0PM-rfKdMNe9qqz-vEh5QXiVFYu0TqN68-WZybbqlnZyR25-QSll220H5Kto9M1Yb3YniNRJQp-KzhZJU4RlcNd16aqoOLplLnIx5cH2iwldPSDQFKTeef944vCJv7wKugeRNuHZfEQDdg7EMXYmc6PIdrwcct8c2I5nW-peA&sai=AMfl-YSI2V0pSeIxzfzBBgViZvht6ha6V7_jzq1M5HhbYts6mjakbOuehDp6grdBQp-gJR5GWFVsc_7p2jtpaXHwF67yRABR2Bqi3LuOK5VnGrBIaRXd_IyY1EFjKbMsWf6v5qNGp5qhmSEQFqr6xUjKIcc2ur0_kmW4B7JOKXtT1L9oC4DPvQVpgGoInHgBMPILU22bS8v9_tHSRAkwqbwxINlpLYhRL2N48NiOf3vhsggxORZnbhkc5f_8psQd017THiBFDO3r9lCJ7CFSZ44rApG8DmKFUUmOVP4owoIikbI9Hw&sig=Cg0ArKJSzDsYnLgcnwOtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=239&vt=11&dtpt=238&dett=2&cstd=1&cisv=r20230131.12722&arae=0&ftch=1&adurl=
142.250.74.34200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvc1KVDeLIinPU6b_WtvQOEJ1JzCr8rBFTbt7qdYEMNsvgAA8gMfA7WLVSRSa57P4UAlFlKMmnghbgh2_AvOfdG3NMkquqQUNQBdzDAhhYmOMDOOf6AYy8U8WSk6ta6GL7-dz7pLpdeJ6MD5ibdEfD19-jFzBmxMJoCQeBIagSY7A_hiyQV4KSdtNErF2Y1jMsrFX0LyrWDFgxEybbqaFMKVgwbII3nv6m-YmmoBDwEdWvQvzIyjyTa5kFteNqVa2-YrgUchjTCIdP3BUNrIaWL9i8hJ12IhrrzEhBQcHwWPwR9KDPyqDhsnbbd62AEgWoXLgYAjZ8wvOWnA1K8A6BIuMDA1xirdUeiCGKmaPw-0gPv_DSfcfTXVwu_jj6_So9rJXsBovdLlZ9L1NxEEiQAYdijHg45EVzcoEAt87ihOI2uik32piaYW5NquMX6ydaIZNzlTgVXX5hpEIQH_ECaJTU5rQTZxGJMqYyURWyN7x28NA7p4uN-3q6Wyn-AYoJU5rDyILybtW6z-VORvWPoE-yZbUtIQGjvD1plNNZ-I4TDNNfvmklqqnl2aXQfYNB3Gd7ivcHVHQIeYvWB2EYRr2rgKVk-Ogoapg9P-H8ksYoSXjPgsn8e4UddY-BwJbVbItafmV_n3GtI5noDEclMyTC0IP2kLAXxqKYMBJ-l9VUSnf9OiJM_9Sn6a8Ughxa8rkrP1Ztu6XJWDaURpzzzLIh2p89HfIGQQv5-5qDJFWwwlSCkyFkmC3WgK4G_WxegO_DEIUL145IsIWLeXVUJMuwwiqSP4itOMKo1QYJazNMP1wGjRYNFThbbi28jdNoOMXKE7KR-Dw6oMZ9YvH9yK5uQJHhAfQhQ0ug41w0s_U-djwUi1Pp7x0JmgPJdtmxhO99OVJrcWX84tRPRwYfnMy83Zj6BDmwK-6GIxzcQDax_5fzEClgm7TeRH08rO3SSqJGcUMt3v7OjE7RG0PM-rfKdMNe9qqz-vEh5QXiVFYu0TqN68-WZybbqlnZyR25-QSll220H5Kto9M1Yb3YniNRJQp-KzhZJU4RlcNd16aqoOLplLnIx5cH2iwldPSDQFKTeef944vCJv7wKugeRNuHZfEQDdg7EMXYmc6PIdrwcct8c2I5nW-peA&sai=AMfl-YSI2V0pSeIxzfzBBgViZvht6ha6V7_jzq1M5HhbYts6mjakbOuehDp6grdBQp-gJR5GWFVsc_7p2jtpaXHwF67yRABR2Bqi3LuOK5VnGrBIaRXd_IyY1EFjKbMsWf6v5qNGp5qhmSEQFqr6xUjKIcc2ur0_kmW4B7JOKXtT1L9oC4DPvQVpgGoInHgBMPILU22bS8v9_tHSRAkwqbwxINlpLYhRL2N48NiOf3vhsggxORZnbhkc5f_8psQd017THiBFDO3r9lCJ7CFSZ44rApG8DmKFUUmOVP4owoIikbI9Hw&sig=Cg0ArKJSzDsYnLgcnwOtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=239&vt=11&dtpt=238&dett=2&cstd=1&cisv=r20230131.12722&arae=0&ftch=1&adurl=
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvvc1KVDeLIinPU6b_WtvQOEJ1JzCr8rBFTbt7qdYEMNsvgAA8gMfA7WLVSRSa57P4UAlFlKMmnghbgh2_AvOfdG3NMkquqQUNQBdzDAhhYmOMDOOf6AYy8U8WSk6ta6GL7-dz7pLpdeJ6MD5ibdEfD19-jFzBmxMJoCQeBIagSY7A_hiyQV4KSdtNErF2Y1jMsrFX0LyrWDFgxEybbqaFMKVgwbII3nv6m-YmmoBDwEdWvQvzIyjyTa5kFteNqVa2-YrgUchjTCIdP3BUNrIaWL9i8hJ12IhrrzEhBQcHwWPwR9KDPyqDhsnbbd62AEgWoXLgYAjZ8wvOWnA1K8A6BIuMDA1xirdUeiCGKmaPw-0gPv_DSfcfTXVwu_jj6_So9rJXsBovdLlZ9L1NxEEiQAYdijHg45EVzcoEAt87ihOI2uik32piaYW5NquMX6ydaIZNzlTgVXX5hpEIQH_ECaJTU5rQTZxGJMqYyURWyN7x28NA7p4uN-3q6Wyn-AYoJU5rDyILybtW6z-VORvWPoE-yZbUtIQGjvD1plNNZ-I4TDNNfvmklqqnl2aXQfYNB3Gd7ivcHVHQIeYvWB2EYRr2rgKVk-Ogoapg9P-H8ksYoSXjPgsn8e4UddY-BwJbVbItafmV_n3GtI5noDEclMyTC0IP2kLAXxqKYMBJ-l9VUSnf9OiJM_9Sn6a8Ughxa8rkrP1Ztu6XJWDaURpzzzLIh2p89HfIGQQv5-5qDJFWwwlSCkyFkmC3WgK4G_WxegO_DEIUL145IsIWLeXVUJMuwwiqSP4itOMKo1QYJazNMP1wGjRYNFThbbi28jdNoOMXKE7KR-Dw6oMZ9YvH9yK5uQJHhAfQhQ0ug41w0s_U-djwUi1Pp7x0JmgPJdtmxhO99OVJrcWX84tRPRwYfnMy83Zj6BDmwK-6GIxzcQDax_5fzEClgm7TeRH08rO3SSqJGcUMt3v7OjE7RG0PM-rfKdMNe9qqz-vEh5QXiVFYu0TqN68-WZybbqlnZyR25-QSll220H5Kto9M1Yb3YniNRJQp-KzhZJU4RlcNd16aqoOLplLnIx5cH2iwldPSDQFKTeef944vCJv7wKugeRNuHZfEQDdg7EMXYmc6PIdrwcct8c2I5nW-peA&sai=AMfl-YSI2V0pSeIxzfzBBgViZvht6ha6V7_jzq1M5HhbYts6mjakbOuehDp6grdBQp-gJR5GWFVsc_7p2jtpaXHwF67yRABR2Bqi3LuOK5VnGrBIaRXd_IyY1EFjKbMsWf6v5qNGp5qhmSEQFqr6xUjKIcc2ur0_kmW4B7JOKXtT1L9oC4DPvQVpgGoInHgBMPILU22bS8v9_tHSRAkwqbwxINlpLYhRL2N48NiOf3vhsggxORZnbhkc5f_8psQd017THiBFDO3r9lCJ7CFSZ44rApG8DmKFUUmOVP4owoIikbI9Hw&sig=Cg0ArKJSzDsYnLgcnwOtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=239&vt=11&dtpt=238&dett=2&cstd=1&cisv=r20230131.12722&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7bc67f49ea02ddb992893e0cd11ad1ea.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 17:13:59 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 17:28:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 17:13:59 GMT
X-Firefox-Spdy: h2
t.6sc.co/img.gif?event=imp&mcid=84453&cb=1683335539&pid=184934525&cid=29139965
104.85.176.46200 OK 651 B URL HTTP/1.1 t.6sc.co/img.gif?event=imp&mcid=84453&cb=1683335539&pid=184934525&cid=29139965
IP 104.85.176.46:0
File type gzip compressed data, max compression\012- data
Hash da04a3c2eaed69cd46699e6793ea9034
93e50c8ba58d364ff7578be15be966aff82a9bcf
29fbf63c4e9c0009fd303dc5f1ef6384c7193f36cdfebd93563dbc98e204af89
GET /img.gif?event=imp&mcid=84453&cb=1683335539&pid=184934525&cid=29139965 HTTP/1.1
Host: t.6sc.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7bc67f49ea02ddb992893e0cd11ad1ea.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Type: image/gif
ETag: "60bb2e1b-2b"
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Sat, 05 Jun 2021 07:56:11 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Thu, 02 Feb 2023 17:13:59 GMT
Connection: keep-alive
Set-Cookie: 6suuid=980549176041000057efdb63280200002b7c4800; expires=Sat, 01-Feb-2025 17:13:59 GMT; path=/; domain=.6sc.co; SameSite=None; secure
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
exeo.app/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675353600
104.26.8.233200 OK 0 B URL HTTP/2 exeo.app/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675353600
IP 104.26.8.233:0
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675353600 HTTP/1.1
Host: exeo.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: AppSession=201f82f91ad38b10ef68ec0809ec6ec7; csrfToken=39ee8769d8454598acf8ce79d2640b9e9023c19e23a5ada5385e985fcd4c21eb232df68bae37c679617bc6ac0173a2de932bcc249a3d75fa8385404fa8b44866
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-control-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vFu87hhH4eI%2FeI5wEB1AQXIzmH%2FE9IyOm2ICGzje6wz6XllgK7hFz8zPd5jsdkA4jrBtQi%2Fri3ck%2FO5dau8WiXAOm1OHPYAcHL1DwE2PT4CJxPg%2Bf1a%2Faj8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79348f76bb9dfac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.133.29200 OK 0 B IP 172.64.133.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exeo.app/
Origin: https://exeo.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: text/plain
set-cookie: csu=858711641763531@1@1675358037; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://exeo.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWPtdK%2F6FxiTqLvj%2B8BaAscB6YrFIUPPAom75hSLG3rjmuGCnwM8SWjfBkCTgv0XFkEFEJq26rkVcWQIHXZoDIUKtiqRtiapzcIkawadZFdN3ohQD%2BlNMlE3WvwcnfkW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79348f76ce214066-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exeo.app/fv.ico
104.26.8.233200 OK 0 B IP 104.26.8.233:0
GET /fv.ico HTTP/1.1
Host: exeo.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/VPk5e
Cookie: AppSession=201f82f91ad38b10ef68ec0809ec6ec7; csrfToken=39ee8769d8454598acf8ce79d2640b9e9023c19e23a5ada5385e985fcd4c21eb232df68bae37c679617bc6ac0173a2de932bcc249a3d75fa8385404fa8b44866
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: image/x-icon
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Aug 2019 06:50:33 GMT
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 22:59:02 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4472095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXi9LpIOmyPSqIfJp1pq4rYyyM1RjRbGa6GPHZQUurDUZS6nke0bOEcvld6pkGRZoB%2FJkmTz4C4VVSVwzXXfvR2iptL7NgY8dGPuff7Ao2qW4pFjfo%2FAkhXb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79348f794d45fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.133.29200 OK 0 B IP 172.64.133.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exeo.app/
Origin: https://exeo.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://exeo.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 7180
last-modified: Thu, 02 Feb 2023 15:14:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HatVh%2B5fn0bLoPSRzIl0R8HdKtx5ohn9PsnvpT5e5AnJ8DpF7exnlLguiJqLQCKEzRQzMKWw2OMLz3KQt2S993SRx7BwcPDTFpCn%2Br6aiL2kLzvTg2LLj5eY9xnSFiL1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79348f76de324066-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exe.io/st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/1Qz9d/A3M.2023.3.X64.part1.rar
188.114.97.1200 OK 0 B URL HTTP/2 exe.io/st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/1Qz9d/A3M.2023.3.X64.part1.rar
IP 188.114.97.1:0
GET /st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/1Qz9d/A3M.2023.3.X64.part1.rar HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:56 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
set-cookie: AppSession=0613a13154e3228bad9e966265880d83; path=/; HttpOnly
csrfToken=46c9d66fd1caac7ea71e5c5c2df5c2d5f38d3aabd18c136523d6dae876d264c306245c6a8fe4065e287fe4ef8f2ac3b2f529d0b53aceb2ab31cd64defbf6ca8b; path=/; HttpOnly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOP8kBa3i6qLxuu6%2BkgR7gPOwnuTBvLMtjyRvJzgYPhD%2Fq3RrfMgWougs14tMdm0XDoy7jsUjBD7UZFO%2B9DAW5XsAo7mUm4Thd%2FQ%2FYtPwX4wEBNBij0oFcw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79348f6f6952b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.133.29200 OK 0 B IP 172.64.133.29:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exeo.app/
Origin: https://exeo.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: text/plain
set-cookie: csu=1175420063239844@1@1675358037; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://exeo.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KInXpXQB1NBz3D0XiBYTpKmCtJwd%2FIOSlTuK8cSM4xyy67znCxoSZa7Qa2jSTPTEWlMQ9redxAamV3EOmFiZdYvon%2BUYsuOvUL7%2F3Syr%2BuXXkInsePeqonx3IHAu48Er"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79348f777ed64066-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 4pHB6VDabJq2HoK/uxRA2XDDC+8QNg4prisms3uAa0PHgtEODFvv8w1aUkdPjggjOV5M39NLSbdB4dZXzXPgAQ==
date: Thu, 02 Feb 2023 17:13:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
188.114.96.1200 OK 0 B URL HTTP/2 cdntechone.com/stattag.js
IP 188.114.96.1:0
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:22 GMT
etag: W/"63adb9d2-331f"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 895
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaVwXUdv0jhOA1X1uvQFQ05Tr%2BYc2mY23U8ca7VvgPqVHx6TF5ENJGG5abjD9ru7qUgP948X4zEgy9BxYof2rvcCc%2BhLMtd8R3GsD1HT%2BgohBkFBoifZJ%2BGPVuZ7frsR5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79348f75cdf9b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/up.js
104.16.133.22200 OK 0 B IP 104.16.133.22:0
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 79348f75ce31b4f9-OSL
age: 1142
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"30cd4982b290dd406327b3dd39f1ea22-ssl-df"
link: <https://live.demand.supply/impl.v16.3.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/ZXhlby5hcHAv>; rel=preload; as=script
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01GMX2WC7DDRK600SK19DPWQGC
set-cookie: demandSupplyTi=608a2e47-1abe-42b1-81ba-b177247e3532; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=zZ91Duwtn7tmdSPHJDNNxtbY5GQsPKcPKuETHEKRmfc-1675358037-0-ARG0iPQbEfQOBrnazswlOWIz9WRnGydG8d45N03tQ+URhG9EMuYGsG05TOYLvlK4ofDi+CmvslLfF6ipilTjR3w=; path=/; expires=Thu, 02-Feb-23 17:43:57 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/p4/v16-2-0/ZXhlby5hcHAvVlBrNWU=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/p4/v16-2-0/ZXhlby5hcHAvVlBrNWU=
IP 104.16.133.22:0
GET /p4/v16-2-0/ZXhlby5hcHAvVlBrNWU= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Cookie: demandSupplyTi=608a2e47-1abe-42b1-81ba-b177247e3532; __cf_bm=zZ91Duwtn7tmdSPHJDNNxtbY5GQsPKcPKuETHEKRmfc-1675358037-0-ARG0iPQbEfQOBrnazswlOWIz9WRnGydG8d45N03tQ+URhG9EMuYGsG05TOYLvlK4ofDi+CmvslLfF6ipilTjR3w=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 79348f770812b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
IP 142.250.74.106:0
GET /css?family=Open+Sans:300,400,400italic,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 17:13:57 GMT
date: Thu, 02 Feb 2023 17:13:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
live.demand.supply/impl.v16.3.0.js
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/impl.v16.3.0.js
IP 104.16.133.22:0
GET /impl.v16.3.0.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Cookie: demandSupplyTi=608a2e47-1abe-42b1-81ba-b177247e3532; __cf_bm=zZ91Duwtn7tmdSPHJDNNxtbY5GQsPKcPKuETHEKRmfc-1675358037-0-ARG0iPQbEfQOBrnazswlOWIz9WRnGydG8d45N03tQ+URhG9EMuYGsG05TOYLvlK4ofDi+CmvslLfF6ipilTjR3w=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:13:57 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=74953
etag: W/"b19940580c70e30455a2254a785a8919-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01GMX2V689ENQZTBQ4NFCNSXD1
cf-cache-status: HIT
age: 1047662
server: cloudflare
cf-ray: 79348f76f807b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2