viagraonlinemy.com/
172.67.189.161302 Moved Temporarily 0 B IP 172.67.189.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: viagraonlinemy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Sun, 25 Sep 2022 19:44:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://www.viagraes.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjSz89LdJidjZhDfbv9B0WG5Z2YZtd5vkDfKxEVKuWfMnMeOUGXwtE3xYc%2B53QhIwu9065u7yX5TzSfVNmCrwKCJSFJPa1Wi%2BdEEWt3bvXM0TRekJKK%2BU0JYW3R6AgTFdJ%2BzmGg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750641eb08811c02-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10564
Expires: Sun, 25 Sep 2022 22:41:02 GMT
Date: Sun, 25 Sep 2022 19:44:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 19:15:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PObszytI4Qmt0_75J4j2cR6tSVqArWXHa6Y0QgB5SkgcIuOWvqU0ew==
Age: 1792
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OFNx6A-ZxAHGJQwwLAOEhT0KdYxNgK6fm9NTlNmrm4LzIewnuvXtgg==
age: 54584
X-Firefox-Spdy: h2
www.viagraes.com/
104.21.29.39301 Moved Permanently 0 B IP 104.21.29.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.viagraes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 19:44:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 25 Sep 2022 20:44:58 GMT
Location: https://www.viagraes.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjtiEyxety3pOND1FatrP4yyKhB2kEAvTsm4A9Pj91vH%2FWCx%2BvNpB36f09NPDRvmLnKkxRPATMBgvvBO%2F1OR8FRhp1I%2BYs0KI5M04NMEoYqzPF9QaRO2Y8YIHWqhP2nbQ3dx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750641ecde0ab509-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:44:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 72f05c7052bd4598d4909b24a5ed71b4
522fda3fee23298a4a16f932cfd4135f40ce88d3
d4606c8f4c90695db17ca776284601fad7815202cc6db72c3b2105cbcba3ada7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:44:58 GMT
Server: ECS (amb/6B71)
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 19:04:17 GMT
Expires: Sun, 25 Sep 2022 19:18:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m0hW_pwdDeJo_hLHJ_KtkULevkznCcR2fsdruhL_rHhmBT7flonsMA==
Age: 2441
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5838
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:44:59 GMT
Last-Modified: Sun, 25 Sep 2022 18:07:41 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.217.237.91101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.217.237.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vWbHFff3cI34sm89GGI0oA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rZ0OsDF11oomRGArFZEWlY1OFEo=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2851
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 19:45:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2851
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 19:45:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2851
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 19:45:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2851
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 19:45:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:57:02 GMT
age: 78478
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9773faaac4deac40b96cd0802e974f36
db601663fa6ee5564eddaf8d3d84c7b04bf3871c
40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5305
x-amzn-requestid: df7ba218-d20c-4389-8895-affd870ad15f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JqKGtHoAMFcJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d230d-1854a5420f7091316aa4f211;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JgS9UxuYxMmnN6Op-LDeWN7tpeQYRosQp5Jo4-2jf8uEMUIHa6j-SQ==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 05:04:13 GMT
age: 52847
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 79648
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
age: 79674
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75eb09cb0472d311d2deaf4475a2fb29
9e7b0fd5b7c45213e1808361867a254c8e313a30
c18626d0131533976be196823911d5146042e6bd8028389cb4f17a64ee0ec1e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7690
x-amzn-requestid: e50abd36-e3d6-4177-ad5a-57ef7f743e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv2HqHJqIAMFe9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296a30-7de1ba3633620fed1eb26a04;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:22:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N1964asC-XTl9uXwzmgOj5dqDU1mJPKyDl-ZTqhg6wFcDcZFG5ncNQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 17:44:48 GMT
age: 7212
etag: "9e7b0fd5b7c45213e1808361867a254c8e313a30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3_xkH-s3Fzz3CRHux4j3hergFHWBmOFF9vMBCoN1rJrjrCkeSEp0qQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:01:16 GMT
age: 78224
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 72f05c7052bd4598d4909b24a5ed71b4
522fda3fee23298a4a16f932cfd4135f40ce88d3
d4606c8f4c90695db17ca776284601fad7815202cc6db72c3b2105cbcba3ada7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:45:01 GMT
Last-Modified: Sun, 25 Sep 2022 19:44:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
www.viagraes.com/wp-content/uploads/2022/09/Taraftarium24-I%CC%87le-Kaliteli-Mac%CC%A7-Yayinlarini-Kac%CC%A7irmayacaksiniz-246x165.jpeg
172.67.148.85200 OK 16 kB URL HTTP/2 www.viagraes.com/wp-content/uploads/2022/09/Taraftarium24-I%CC%87le-Kaliteli-Mac%CC%A7-Yayinlarini-Kac%CC%A7irmayacaksiniz-246x165.jpeg
IP 172.67.148.85:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 246x165, components 3\012- data
Hash ad0b7c9e0a87b6ae3ba55eafc4095f30
aedbdf92cb69c64982615dac02cf20c3ade645c6
76eacf2168e5bcc3b1be3f34364265cc00f0c607bdad8cf230ebe6dc4f49fc83
GET /wp-content/uploads/2022/09/Taraftarium24-I%CC%87le-Kaliteli-Mac%CC%A7-Yayinlarini-Kac%CC%A7irmayacaksiniz-246x165.jpeg HTTP/1.1
Host: www.viagraes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: image/jpeg
content-length: 15560
vary: Accept-Encoding
last-modified: Thu, 22 Sep 2022 00:10:04 GMT
cache-control: public, max-age=10368000
expires: Sat, 21 Jan 2023 17:06:18 GMT
cf-cache-status: HIT
age: 182324
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vb3JdMJnHKccUZcLSxyQ8sncNs78OkVWfSvQGX8Q0%2BBYw6gHgEfWreEn0BtuqbUMQ1H2yxz71dfDz1MtzLhDid2dQkGkjuYu89YvmpEhsCTzYCCTlpA%2BE2qXZqnv7NpV3wwq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750642038fe10b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116423 bytes)
Hash d5b9b7a3accd3b7b7de639c072ae3ee2
9583b5c046d78af5c6379d844219f828aa2222d0
648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116423
date: Sun, 25 Sep 2022 19:45:02 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
git.sportframe.org/imgs/728onwin.webp
104.21.46.41302 Moved Temporarily 0 B URL HTTP/1.1 git.sportframe.org/imgs/728onwin.webp
IP 104.21.46.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /imgs/728onwin.webp HTTP/1.1
Host: git.sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Moved Temporarily
Date: Sun, 25 Sep 2022 19:45:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://4e9s.cc/futbolcafewp/imgs/728onwin.webp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0KowIspCdE6VR%2Bfzq6yZI8REMFPJnvbCbSCFtnqqRBfitm8txMwqkryYxvIIakCXZzMrrmL6X%2B5bSiT0vfbzxPMsfLtKQ0dDPM71fnikvoJ8YTSIusZRHyaQMjjV0OrMdgqTYU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75064204783d1bfe-OSL
alt-svc: h2=":443"; ma=60
git.sportframe.org/imgs/728saha.webp
104.21.46.41302 Moved Temporarily 0 B URL HTTP/1.1 git.sportframe.org/imgs/728saha.webp
IP 104.21.46.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /imgs/728saha.webp HTTP/1.1
Host: git.sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Moved Temporarily
Date: Sun, 25 Sep 2022 19:45:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://4e9s.cc/futbolcafewp/imgs/728saha.webp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc39o1RXX%2BayL6fu%2F4vGICs43pSnBYJFdhgKnZVLBaEi6FYRdPxz8JjvJhwJdq%2F1%2FKQVy3vjA0UcsGcevnCQkgkSeU0cOmdQXmf5HD3fJ9%2B9B7MSyPb9xJWhMujdSrlyEBWs%2F6g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7506420478ed0b61-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 44ac668d5c490e1fa23ecfb29e95b8a3
20cbc7f49c54dea3fb3ca259f9213ab2ff277046
6e57982a9a1d243ecfe6b6a62e63bd19692b07214ae2d09d5514c092e30db18e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6E57982A9A1D243ECFE6B6A62E63BD19692B07214AE2D09D5514C092E30DB18E"
Last-Modified: Fri, 23 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10928
Expires: Sun, 25 Sep 2022 22:47:10 GMT
Date: Sun, 25 Sep 2022 19:45:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e82d90a890e8cc8119c8600df6a88c8f
c2c7487b58907f918306712d846bdc17c7e688ad
0187909eb6a9f21fd6499f25dce816fd633a2460f031185ec37f0ae0b79c0cd7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0187909EB6A9F21FD6499F25DCE816FD633A2460F031185EC37F0AE0B79C0CD7"
Last-Modified: Fri, 23 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17472
Expires: Mon, 26 Sep 2022 00:36:14 GMT
Date: Sun, 25 Sep 2022 19:45:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e82d90a890e8cc8119c8600df6a88c8f
c2c7487b58907f918306712d846bdc17c7e688ad
0187909eb6a9f21fd6499f25dce816fd633a2460f031185ec37f0ae0b79c0cd7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0187909EB6A9F21FD6499F25DCE816FD633A2460F031185EC37F0AE0B79C0CD7"
Last-Modified: Fri, 23 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17500
Expires: Mon, 26 Sep 2022 00:36:42 GMT
Date: Sun, 25 Sep 2022 19:45:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 44ac668d5c490e1fa23ecfb29e95b8a3
20cbc7f49c54dea3fb3ca259f9213ab2ff277046
6e57982a9a1d243ecfe6b6a62e63bd19692b07214ae2d09d5514c092e30db18e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6E57982A9A1D243ECFE6B6A62E63BD19692B07214AE2D09D5514C092E30DB18E"
Last-Modified: Fri, 23 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10863
Expires: Sun, 25 Sep 2022 22:46:05 GMT
Date: Sun, 25 Sep 2022 19:45:02 GMT
Connection: keep-alive
git.sportframe.org/imgs/728tipo.webp
104.21.46.41302 Moved Temporarily 0 B URL HTTP/1.1 git.sportframe.org/imgs/728tipo.webp
IP 104.21.46.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /imgs/728tipo.webp HTTP/1.1
Host: git.sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Moved Temporarily
Date: Sun, 25 Sep 2022 19:45:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://4e9s.cc/futbolcafewp/imgs/728tipo.webp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foo%2F1oJYzNMIo%2BBnodKoQ%2BiaRmS0IRM5ltqfFxZdoIQuFG3EqYW1yf0HULbTQm86QlHdbu5WyNW3aPmLmFnTiZH3X58HtvLJynACoWgmGot5pjzWfMQ9R7TtyZ8u2ZEAp1KcVs4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750642047cf1b50c-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e82d90a890e8cc8119c8600df6a88c8f
c2c7487b58907f918306712d846bdc17c7e688ad
0187909eb6a9f21fd6499f25dce816fd633a2460f031185ec37f0ae0b79c0cd7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0187909EB6A9F21FD6499F25DCE816FD633A2460F031185EC37F0AE0B79C0CD7"
Last-Modified: Fri, 23 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17536
Expires: Mon, 26 Sep 2022 00:37:18 GMT
Date: Sun, 25 Sep 2022 19:45:02 GMT
Connection: keep-alive
sportframe.org/imgs/728kral.webp
172.67.223.155302 Found 137 kB URL HTTP/2 sportframe.org/imgs/728kral.webp
IP 172.67.223.155:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 137 kB (137042 bytes)
Hash 322d64f201b89b0d691821ad204c8ded
523937753cd6994e49804a257543ecdb6de7efa6
4c7d4df5dec2982b7d14ba8f9a05bb8ec5b6c5f6b7bdc0588959d12b627a3b99
GET /imgs/728kral.webp HTTP/1.1
Host: sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 19:45:02 GMT
location: https://4e9s.cc/futbolcafewp/imgs/728kral.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eq7gFOSt%2Bqjl%2FlaIox%2FtSABnJTWI4eJ3y01vWjBJ%2FNnEslj3%2BQDe%2FGpEN8RBDeD98rwLbF5Omq4MPB7wTP2YjtVR33huw3Ft61I8RUPaTrteDxvVtpIvECRo1tlfI9xP3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064203dc23b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/imgs/728matador.webp
172.67.222.131200 OK 138 kB URL HTTP/2 4e9s.cc/futbolcafewp/imgs/728matador.webp
IP 172.67.222.131:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 138 kB (137848 bytes)
Hash e04818e3e9fd0d8e48a0f60fa48179c2
c6e2d4f8f1d7964e53aef5122dfdd907b0610a89
883574dfcd5c28ebdc246b2ba55a286f5a3bfe1b786405ae556c9a56991c5dc3
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/imgs/728matador.webp HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.viagraes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: image/webp
content-length: 137848
last-modified: Thu, 22 Sep 2022 18:34:01 GMT
etag: "632caa99-21a78"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THo6nbR4kGVqCeob%2Bi5BxTijWymm6tXzwpzRw%2F69yYdGHtwRXylxuCs6fb4QVKztfFlu6pV8NNpfg24SoK%2FcRl0z5IvxN4o%2Bww%2Fv6cHjAWd6WPbtFIgyh8G9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064204bd610b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.viagraes.com/wp-includes/js/jquery/jquery-migrate.min.js
172.67.148.85200 OK 552 kB URL HTTP/2 www.viagraes.com/wp-includes/js/jquery/jquery-migrate.min.js
IP 172.67.148.85:0
File type ASCII text, with very long lines (11126)
Size 552 kB (552295 bytes)
Hash 9ed80786f1974f78adadf645ab33b891
fcad7e5eeeb4d351c28a34a162869f009a84f165
ef8343a336dfc314c3a5e5718c05a8fbcc47f36ab58d4421ce257e4723a3d434
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: www.viagraes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:01 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
cache-control: public, max-age=31536000
expires: Sat, 23 Sep 2023 17:06:17 GMT
cf-cache-status: HIT
age: 182324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpJA3MUL0YePyvy%2B7fND9%2B%2FiQPqQs2G%2FbYFLCVJmsQDMASIkY%2FLeZJN3ucAfbIgr5WAvOrivkE2TL6SL%2FQU3JGCJFXowg8SE996HzfTXfaSeaVc6fA47%2FTeE98q1BxVGLcfr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750642036fbd0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe.org/imgs/1000kral.webp
172.67.223.155302 Found 277 kB URL HTTP/2 sportframe.org/imgs/1000kral.webp
IP 172.67.223.155:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 277 kB (276648 bytes)
Hash 099517ecce48592f7274d5fc34a95794
cdddd7f2cbe6fea04b8d4a4b48566e0ebcc3c06c
bf4750647b1706027761ca65196be799ca66ccd6ace69bb424da4c4edbe758a1
GET /imgs/1000kral.webp HTTP/1.1
Host: sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 19:45:02 GMT
location: https://4e9s.cc/futbolcafewp/imgs/1000kral.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7L5YG8U%2BTWUVu8fBH0mPLHzEEXrNpo3C5LlKpG8RCxCMIPesSsuTzb7vXRCXUeeg1VYc8asXi%2BsJPccvWq5kvwWT0Rvbc1QNl1VIXkdkKGWAHVXphzsgQpi08tSaUdi6ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064203dc22b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.viagraes.com/wp-includes/css/dist/block-library/style.min.css
172.67.148.85200 OK 255 kB URL HTTP/2 www.viagraes.com/wp-includes/css/dist/block-library/style.min.css
IP 172.67.148.85:0
File type ASCII text, with very long lines (43771)
Size 255 kB (255374 bytes)
Hash 8b05ea3c24c21ff3f68db8c2769356db
434a6453e93615c1768468010036432834589dc7
7897d7625ca3f86b455d4f3b61f7fdd642795191837e383cb3eadf0b435b4dad
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: www.viagraes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 03 Aug 2022 19:06:22 GMT
cache-control: public, max-age=31536000
expires: Sat, 23 Sep 2023 17:06:17 GMT
cf-cache-status: HIT
age: 182324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Am675to4iCzugV70hwmemUf7yTz61mJhaqNrKbJjenGwCMhQm2fyS6qngJeMsuP5vjHmy%2Fonx4yHQ0%2FCUUAZgk7sENgumHtahpwnD6tE3iarMKz5b11U02YDprklkwv0FGzd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750642036fae0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/imgs/728betpas.webp
172.67.222.131200 OK 545 kB URL HTTP/2 4e9s.cc/futbolcafewp/imgs/728betpas.webp
IP 172.67.222.131:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 545 kB (544888 bytes)
Hash 5ef3d018280a97cffe0b30d3acaa8d83
b659d996f7044a65b35572f515b67974cefa88d5
f4581c96b13a68a99ee4378478c5040c19354d224248e723e9e3e357685fc44c
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/imgs/728betpas.webp HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.viagraes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: image/webp
content-length: 544888
last-modified: Thu, 22 Sep 2022 18:35:05 GMT
etag: "632caad9-85078"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4010
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2YeBHb5JNfn5B%2BX%2BQk3r2fLKSthEsLYT5j%2BZb3%2FG1bDKPl%2B1FB6TBqoOM94yb929CtGbDIPSFRg%2Fcicp%2FzrSCFuR2AsT1vuu8Yc8gxJQ2tmbjw459stYcCy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064204bd660b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4e9s.cc/futbolcafewp/imgs/728tipo.webp
172.67.222.131200 OK 629 kB URL HTTP/2 4e9s.cc/futbolcafewp/imgs/728tipo.webp
IP 172.67.222.131:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 629 kB (629288 bytes)
Hash 385af1417786be7f81d6f14f0e9b6144
4085ac6075b487b4a32ed91259857dcab823dd1a
d6bae1908c2f6731cd659d3f91a1cc96df4549a9c132d68bdd7aee1899ca5813
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/imgs/728tipo.webp HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.viagraes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: image/webp
content-length: 629288
last-modified: Thu, 22 Sep 2022 18:35:15 GMT
etag: "632caae3-99a28"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4059
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5l3eeHNvVtHvJuSuAyX0MaBqnZWIXoscA%2F4tuCBn1KdMVUTEU14qB7eDNXTCraiQre6b8yKvc2rZhjsgMKToKa3UToqjkcDt0iLWPNrpB8KfH7Zlmmn6Gqs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064204cd6f0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.viagraes.com/wp-content/themes/sahifa/style.css
172.67.148.85200 OK 2.1 MB URL HTTP/2 www.viagraes.com/wp-content/themes/sahifa/style.css
IP 172.67.148.85:0
File type ASCII text, with very long lines (28229)
Size 2.1 MB (2114840 bytes)
Hash cd33f36ea44d8e2256e8c4ecd490d616
6713bd177054719548b2539eee8682e2c29c275e
6d8db92c87c61dba6a107b8bd7b16b54fad8908bbb98b9ad112dc225d438bb69
GET /wp-content/themes/sahifa/style.css HTTP/1.1
Host: www.viagraes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 01 Aug 2022 22:16:07 GMT
cache-control: public, max-age=31536000
expires: Sat, 23 Sep 2023 17:06:17 GMT
cf-cache-status: HIT
age: 182324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qy9xI3ZLjXwLKSxW1Xvzfh9fYOXG3uf799v9jYXqcaN9CrLcFWUJlxn8WmGyVV83gnoRTHBYTxXooPUd3tLR9ZKGLbV82dt8b1cYIPU0kUu2f%2BrUi%2BhExxU7h7JPmXiEOE80"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750642036fb10b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/imgs/120tipo.webp
172.67.222.131200 OK 776 kB URL HTTP/2 4e9s.cc/futbolcafewp/imgs/120tipo.webp
IP 172.67.222.131:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 776 kB (775650 bytes)
Hash 166b5300cd05c61536180306f8ea1283
5c4d59aa3ac20407b2015b03ef6863ec5982bd59
d324c4a6df08ccc25b8f9c416bdd2028aac45358d6e74258c173860e9e90534d
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/imgs/120tipo.webp HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.viagraes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: image/webp
content-length: 775650
last-modified: Thu, 22 Sep 2022 18:35:10 GMT
etag: "632caade-bd5e2"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 1178
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CYRM5k0XRlptcjTEb%2BTbnHp9h4Hm2jrYf%2BiZ96lmRo1jf8%2BugRDNGAm8YjmQtecgv%2ByvfdEP3OEBhW%2Bbm7nnApdML3xIuPSM5VkR6IcgGGNzi2Os5uoVaZJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750642058e370b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/imgs/728onwin.webp
172.67.222.131200 OK 718 kB URL HTTP/2 4e9s.cc/futbolcafewp/imgs/728onwin.webp
IP 172.67.222.131:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 718 kB (717590 bytes)
Hash 68ed34b9d570f72a95e581fd9d8cf41f
3e48bb1723bdef79da41209b5dca2f4239079334
2ad455c098e39ffdb6dc6d9cf722f063488597fc1162d04453754ca4af8fda03
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/imgs/728onwin.webp HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: image/webp
content-length: 717590
last-modified: Thu, 22 Sep 2022 18:34:30 GMT
etag: "632caab6-af316"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5885
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDE87jyYxvZZ5%2BQe5JqOXmXQWYJekCjJTivqPZ4wQVZ7W%2Bo3YevAPkAdcfDVmDDpPfqvlJny3D%2BIz8RbCwuCgnkvbI%2B6vEbedQgX1kLJ8qaZ7pXqq57F6nz%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064205ee980b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 25 Sep 2022 19:45:02 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/imgs/728saha.webp
172.67.222.131200 OK 1.4 MB URL HTTP/2 4e9s.cc/futbolcafewp/imgs/728saha.webp
IP 172.67.222.131:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 1.4 MB (1391566 bytes)
Hash ad705283045a1e969d002a787170b59e
1e67b8f21bd6ab3572a916966d02eb0531101ba9
e7172a78f98402a6c131aa15638e9f6630238073b396ed893899a6abdb6beae8
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/imgs/728saha.webp HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: image/webp
content-length: 1391566
last-modified: Thu, 22 Sep 2022 18:35:03 GMT
etag: "632caad7-153bce"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5885
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRwLJnw%2BXTDbcznnt4YR1JIpV4GYuYuwpqnvXQP%2B%2FYr0QKMplfkWR9D4gOZMskE1A5dKydXyP3yBf8jCHvf3Ax1RdZ%2FzylaE%2FUdupMqL83s%2Brc9e6sOu9%2BOZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750642063ee60b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/imgs/468taraf.webp
172.67.222.131200 OK 6.9 kB URL HTTP/2 4e9s.cc/futbolcafewp/imgs/468taraf.webp
IP 172.67.222.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 468x60, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52082d281095497774b1cebb2c12f729
1e210913456361b816cc81598fbb9e3556dfab47
1f8e4b5e03f9579abb1df21f5d90a6f90254d8f8384ac5f6f3377dd46cf93b1f
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/imgs/468taraf.webp HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/futbolcafewp/izle/ch13.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: image/webp
content-length: 6904
last-modified: Thu, 22 Sep 2022 18:34:26 GMT
etag: "632caab2-1af8"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4566
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRi6q5Y2j3Dzwjzp7Q2Gphf7bPwl1LqCJsDITmkkUH0yrTR1XPwcX6APQ0l6Pd%2F4ruFJylvbLtgTbLO1V%2FTkx141xmze4VhVhKHVSPSqoW9ZrmSykqASbR66"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750642066f1b0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e82d90a890e8cc8119c8600df6a88c8f
c2c7487b58907f918306712d846bdc17c7e688ad
0187909eb6a9f21fd6499f25dce816fd633a2460f031185ec37f0ae0b79c0cd7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0187909EB6A9F21FD6499F25DCE816FD633A2460F031185EC37F0AE0B79C0CD7"
Last-Modified: Fri, 23 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17536
Expires: Mon, 26 Sep 2022 00:37:18 GMT
Date: Sun, 25 Sep 2022 19:45:02 GMT
Connection: keep-alive
4e9s.cc/futbolcafewp/izle/player/pushrcdn.min.js
172.67.222.131200 OK 97 kB URL HTTP/2 4e9s.cc/futbolcafewp/izle/player/pushrcdn.min.js
IP 172.67.222.131:0
File type ASCII text, with very long lines (40824)
Hash 2bba13d30654258fa2e63c616645adaf
439b56efd93202c7e276408d68e9c527c2f5070b
76732c7cd2e3893103bfdae80dfe654eb9f4b18f420b0f9586657e93515c576e
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/izle/player/pushrcdn.min.js HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/futbolcafewp/izle/ch13.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 18:40:59 GMT
etag: W/"632cac3b-68d7e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4010
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOEsU8Npr4ek6x2XRpUL4V0WGqL%2F2NM241b93NfHH2PeNXphZVdWYf2aW6xgk%2BRi4izwV2uzbdtjXwSyqCmcLgbyLvSkinLtKA6Z4JiBQFXIgNclgLGxbTFx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750642065eff0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/izle/player/player_config.css
172.67.222.131200 OK 884 B URL HTTP/2 4e9s.cc/futbolcafewp/izle/player/player_config.css
IP 172.67.222.131:0
Hash 2139255922d8b9b9a88f0034a5284363
1346e95b73b54bef724147f214664fad6035b559
24a067bcb9ab7afef6378c9a52d33cab86296c1676bd5d868c2757052a8e6b5d
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/izle/player/player_config.css HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/futbolcafewp/izle/ch13.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 18:41:00 GMT
etag: W/"632cac3c-38e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4566
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxTBX59Rlyi8AtqP%2F%2F6ctmEqn8TP%2BDVrZ8L2O3fRQhzhQEwkKERrXILrZW6HoJnZGBcdDDEEZhie0mk8%2F%2F927dUR6bFXlQpy74k0PDscizdJv9GKhwuLg1Ew"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750642066f1a0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
142.250.74.163200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Hash 13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.viagraes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 23:13:25 GMT
expires: Wed, 20 Sep 2023 23:13:25 GMT
cache-control: public, max-age=31536000
age: 419497
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jwpsrv.com/library/SakQCEfSEeOHhRIxOQfUww.js
143.204.50.28200 OK 45 kB URL HTTP/1.1 jwpsrv.com/library/SakQCEfSEeOHhRIxOQfUww.js
IP 143.204.50.28:0
File type Unicode text, UTF-8 text, with very long lines (65143)
Hash 8e40905335e6f84d0969759b130739b9
cca662a723b9e214e5f129ef3b15fe25d213c014
49ff530835d96d6f28683560cf2af3e59592741ed23db2677eb25796a110627f
GET /library/SakQCEfSEeOHhRIxOQfUww.js HTTP/1.1
Host: jwpsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Content-Length: 45415
Connection: keep-alive
access-control-allow-origin: *
Cache-Control: max-age=180
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 19:43:51 GMT
Server: openresty
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GjVSModFQPyxo1pt93frV1xxQdNcLniRPNZCBIlGxR1jceUCwAU1Ow==
Age: 71
s.w.org/images/core/emoji/14.0.0/svg/2b07.svg
192.0.77.48200 OK 240 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/2b07.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 31abf4145cf7c27ea0e1a2e4328283fd
31b41df44c3940427468f22c4191afab15d393a2
f534b7b1961a07619a8e1466ee3ac41144e416a276b521ba453ed7b5416ca53e
GET /images/core/emoji/14.0.0/svg/2b07.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: image/svg+xml
content-length: 240
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dde08ad6d0d33c288ad70cce74175fbb
de2d638241098268be6c8fc01b748fde38f1dd96
164fa18665323f6274da69ec244a59054ac277e17c5792a04eb2907758e0e586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
142.250.74.163200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22376, version 1.0\012- data
Hash e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.viagraes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 14:52:25 GMT
expires: Mon, 25 Sep 2023 14:52:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
content-type: font/woff2
age: 17557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-gqmCHgeS4yI/WJAeuIucjdI/AAAAAAAAEmU/xdFdp6UkMGkP5YQKfPIA6FVkr8rhjh0KQCLcB/s1600/close.gif
142.250.74.161200 OK 2.5 kB URL HTTP/2 4.bp.blogspot.com/-gqmCHgeS4yI/WJAeuIucjdI/AAAAAAAAEmU/xdFdp6UkMGkP5YQKfPIA6FVkr8rhjh0KQCLcB/s1600/close.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 42 x 42\012- data
Hash d146589452746fe06acd656a761a0127
9342b39f9080c50ec8f729fdf8dde497fb3bbb20
95cd38d20b81bfd7c70c30aaff5b268cdac4b9b800dc5408d547b9845815cc42
GET /-gqmCHgeS4yI/WJAeuIucjdI/AAAAAAAAEmU/xdFdp6UkMGkP5YQKfPIA6FVkr8rhjh0KQCLcB/s1600/close.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="close.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2495
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:47:14 GMT
expires: Wed, 17 Nov 2021 06:44:26 GMT
cache-control: public, max-age=86400, no-transform
age: 14268
etag: "v1266"
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
151.101.85.229200 OK 141 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 141 kB (141142 bytes)
Hash 7e7fdfacdb1943ea810449001d165a53
fc230e8b4a933497a2da4a783574a5b07b889a7e
d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf
GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 19:45:02 GMT
age: 28083
x-served-by: cache-fra19125-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 141142
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4e9s.cc/futbolcafewp/izle/player/hls.js
172.67.222.131200 OK 71 kB URL HTTP/2 4e9s.cc/futbolcafewp/izle/player/hls.js
IP 172.67.222.131:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash a2c1bc5c333ca78813470bbde400061c
336301f027de104dcc0004f69848a1d97a5dd603
fc98be890b084484bda5c0233b1334cf186502a139a0e1f2f40c5b6e093853be
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/izle/player/hls.js HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/futbolcafewp/izle/ch13.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 18:40:56 GMT
etag: W/"632cac38-3ce0e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4010
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYSDswHR0U1z87wyf53k6Bmdg9357Z96wMj5%2BTtRjKjSNywadKeYFUO4YxtAp96KocxR1NJPO38Or8L4xfKmcC9RCU3Go5SEosOe322D%2Bn987gTTIwvLXHHe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750642065f000b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash efbc105b64e9bedb745117b95eff7d95
a9f6b23b36f79f2a86b03ae01f1bcebb82ce8f48
2bbc174ae6feebc8af3d14e1f7b779e4ed25f79fa0d87115a02852fc2ca6eb29
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:45:02 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "EF42EFE875A25F79E48A3B3CE2940FA35071787B"
Expires: Mon, 26 Sep 2022 06:00:00 GMT
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3017
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75064207fd50b509-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dde08ad6d0d33c288ad70cce74175fbb
de2d638241098268be6c8fc01b748fde38f1dd96
164fa18665323f6274da69ec244a59054ac277e17c5792a04eb2907758e0e586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m.addthis.com/live/red_lojson/300lo.json?si=6330afbce78685a4&bkl=0&bl=1&pdt=3912&sid=6330afbce78685a4&pub=ra-5fb048e5f90b71d1&rev=v8.28.8-wp&ln=tr&pc=men&cb=0&ab=-&dp=www.viagraes.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Justin%20tv%20izle%2CCanl%C4%B1%20Ma%C3%A7%20izle%2CMa%C3%A7%20Yay%C4%B1nlar%C4%B1%2CTaraftarium24%20izle%2CMa%C3%A7%20izle%20Bedava%2CJustintv%20Ma%C3%A7%20izle%2Ctaraftarium%2Cnetspor%2Cwebspor&colc=1664135100819&jsl=1&uvs=6330afbc5c820b4c000&skipb=1&callback=addthis.cbs.jsonp__76754819456411460
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=6330afbce78685a4&bkl=0&bl=1&pdt=3912&sid=6330afbce78685a4&pub=ra-5fb048e5f90b71d1&rev=v8.28.8-wp&ln=tr&pc=men&cb=0&ab=-&dp=www.viagraes.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Justin%20tv%20izle%2CCanl%C4%B1%20Ma%C3%A7%20izle%2CMa%C3%A7%20Yay%C4%B1nlar%C4%B1%2CTaraftarium24%20izle%2CMa%C3%A7%20izle%20Bedava%2CJustintv%20Ma%C3%A7%20izle%2Ctaraftarium%2Cnetspor%2Cwebspor&colc=1664135100819&jsl=1&uvs=6330afbc5c820b4c000&skipb=1&callback=addthis.cbs.jsonp__76754819456411460
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash ce8f546e67c4f87251447aa42bf8ccaf
41f5eab714e3d22433abf266ee3a41c1f5a30f6c
602225c6b9e31d175523d3192c3919644dc16a59ad1fed44e1a3fd0d1a2b0fd9
GET /live/red_lojson/300lo.json?si=6330afbce78685a4&bkl=0&bl=1&pdt=3912&sid=6330afbce78685a4&pub=ra-5fb048e5f90b71d1&rev=v8.28.8-wp&ln=tr&pc=men&cb=0&ab=-&dp=www.viagraes.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Justin%20tv%20izle%2CCanl%C4%B1%20Ma%C3%A7%20izle%2CMa%C3%A7%20Yay%C4%B1nlar%C4%B1%2CTaraftarium24%20izle%2CMa%C3%A7%20izle%20Bedava%2CJustintv%20Ma%C3%A7%20izle%2Ctaraftarium%2Cnetspor%2Cwebspor&colc=1664135100819&jsl=1&uvs=6330afbc5c820b4c000&skipb=1&callback=addthis.cbs.jsonp__76754819456411460 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sun, 25 Sep 2022 19:45:02 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 11c0d2db67d47c20bd15e5a8ad9bbc5d
2a530d4a26e10612ddad51847559b503ef7e01f8
905a8f38e198722cffbf49dec936a7d3308048a4dcf941b3b210227ec84ab0b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1577
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:45:02 GMT
Last-Modified: Sun, 25 Sep 2022 19:18:45 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
v1.addthisedge.com/live/boost/ra-5fb048e5f90b71d1/_ate.track.config_resp
23.38.200.123200 OK 819 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-5fb048e5f90b71d1/_ate.track.config_resp
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (3139), with no line terminators
Hash 481b42234133b480c7a169d1ff7a6743
35bab547cf2bd25c1fda7c74c2b2da9701f8041a
4d8a016e5257c3b29780ad554a189f1d1fb95482a19a438ad392ae8f986dcb6e
GET /live/boost/ra-5fb048e5f90b71d1/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 819
etag: -166397613--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
date: Sun, 25 Sep 2022 19:45:02 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Sun, 25 Sep 2022 19:45:02 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/14.2dfb61b890959f78272d.js
23.38.200.123200 OK 304 B URL HTTP/2 s7.addthis.com/static/14.2dfb61b890959f78272d.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (397), with no line terminators
Hash ca0f404238de96a7e72a7412a43229ba
4f73f2828bffb15fe09660886210e4ec40eeaa8b
d44d9599170c634d819deecceaa0e7964c0eab00f2e424e882c2840b1363dd36
GET /static/14.2dfb61b890959f78272d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-18d"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 304
date: Sun, 25 Sep 2022 19:45:03 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:45:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 929 B IP 104.18.32.68:0
File type gzip compressed data, max compression\012- data
Hash 22b9af80f2dfcf0068384075b63221b6
8d025b56e4cd07c94bf2a38aa8dbe8adf6ee2771
0a6769fe1ccdeb66d136eac5e19f9d89626ebb07b4faf7f17e15f8af1f334d2d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:45:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 05:29:12 GMT
Expires: Sat, 01 Oct 2022 05:29:11 GMT
Etag: "b5843b4a0150cf071c318d773993c3007b952e7c"
Cache-Control: max-age=466447,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7506420abf7db523-OSL
www.googletagmanager.com/gtag/js?id=UA-74068698-18
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-74068698-18
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash e2f8e8e7f7d859710588cebe73b1facc
3b601bfddeaa6c8f48299f96392253eb46945d68
80be9b2ebbd5069edd904ffd4e30f0e3d8c347b09a636cf1db91e7c925cf5d01
GET /gtag/js?id=UA-74068698-18 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 19:45:03 GMT
expires: Sun, 25 Sep 2022 19:45:03 GMT
cache-control: private, max-age=900
last-modified: Sun, 25 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 19:45:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e6cc8d18632fa35acd3fd25dbfd9e947
b7bf2efc706dfbbb1c09923600b0e4bd4e768d4b
9e08b27e4fca30c3c4ef7bcb4e2cf509cd44d18f80687317f55659ff55cad152
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:45:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 05:56:49 GMT
Expires: Sun, 02 Oct 2022 05:56:48 GMT
Etag: "b7bf2efc706dfbbb1c09923600b0e4bd4e768d4b"
Cache-Control: max-age=554504,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7506420b287fb523-OSL
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.viagraes.com%2F
23.38.200.123200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.viagraes.com%2F
IP 23.38.200.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.viagraes.com%2F HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www.viagraes.com
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://www.viagraes.com/
last-modified: Sun, 25 Sep 2022 18:00:00 GMT
access-control-allow-origin: https://www.viagraes.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 25 Sep 2022 19:45:03 GMT
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.viagraes.com%2F&callback=_ate.cbs.rcb_fmc00
23.38.200.123200 OK 55 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.viagraes.com%2F&callback=_ate.cbs.rcb_fmc00
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash a32813706f57aca8a7f0faf44e55fc7e
cfbfd81e65abb3d9454aa334e6b4f9d049a4b292
a5bae33f153ed8d211191755c5f817b63e9e7b38950a2b70875057b83d661125
GET /url/shares.json?url=https%3A%2F%2Fwww.viagraes.com%2F&callback=_ate.cbs.rcb_fmc00 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.viagraes.com/
last-modified: Sun, 25 Sep 2022 19:45:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 55
date: Sun, 25 Sep 2022 19:45:03 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fonlinemac.html&j=https%3A%2F%2Fwww.viagraes.com%2F
158.69.139.229200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fonlinemac.html&j=https%3A%2F%2Fwww.viagraes.com%2F
IP 158.69.139.229:0
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fonlinemac.html&j=https%3A%2F%2Fwww.viagraes.com%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 25 Sep 2022 19:45:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: mtl3
Set-Cookie: m=1; Domain=dtscout.com; Expires=Sun, 25-Sep-2022 21:08:23 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
b=1; Domain=dtscout.com; Expires=Mon, 26-Sep-2022 00:45:03 GMT; Max-Age=18000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Sun, 25-Sep-2022 23:45:03 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1664135103; Domain=dtscout.com; Expires=Tue, 03-Jan-2023 19:45:03 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 0.59
Expires: Sun, 25 Sep 2022 19:45:02 GMT
Cache-Control: no-cache
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 25 Sep 2022 18:41:09 GMT
expires: Sun, 25 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 3834
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.viagraes.com%2F&callback=_ate.cbs.rcb_5gb30
23.38.200.123200 OK 55 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.viagraes.com%2F&callback=_ate.cbs.rcb_5gb30
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 0fc86f1e8ba11165f225d93a7c6cef11
20725be12df92ca44a202d5852351a4d32a4882d
2beb42210aaa679681751fd70a4e0683bbaba54e33c40ccedeafdfe1b3dec871
GET /url/shares.json?url=http%3A%2F%2Fwww.viagraes.com%2F&callback=_ate.cbs.rcb_5gb30 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.viagraes.com/
last-modified: Sun, 25 Sep 2022 19:45:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 55
date: Sun, 25 Sep 2022 19:45:03 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 760e203f71319bb8eeec0cb73938f531
42230e136a99d87c331c83b02daf34464d5378df
c2d89cadc71b65a36bc991d5fde1efbb2f68236161b4f6fad07967846c4c4130
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 19:45:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 11:33:41 GMT
Expires: Sun, 02 Oct 2022 11:33:40 GMT
Etag: "42230e136a99d87c331c83b02daf34464d5378df"
Cache-Control: max-age=574716,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7506420c9b1bb523-OSL
t.dtscout.com/i/?l=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fsayac.html&j=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fizle%2Fch13.html
158.69.139.229200 OK 2.5 kB URL HTTP/1.1 t.dtscout.com/i/?l=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fsayac.html&j=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fizle%2Fch13.html
IP 158.69.139.229:0
Hash 99711904b79a29da9046c40bbdcabaa9
12abe6627e3d1dfeeea17ef0176e60cb2d82c20c
1d29bcb435750535a95bb8b6b7a61e1713317d4c2c3cfaee1292e5122c9458c6
GET /i/?l=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fsayac.html&j=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fizle%2Fch13.html HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 25 Sep 2022 19:45:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: mtl3
Set-Cookie: m=1; Domain=dtscout.com; Expires=Sun, 25-Sep-2022 21:08:23 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
b=1; Domain=dtscout.com; Expires=Mon, 26-Sep-2022 00:45:03 GMT; Max-Age=18000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Sun, 25-Sep-2022 23:45:03 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1664135103; Domain=dtscout.com; Expires=Tue, 03-Jan-2023 19:45:03 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 0.645
Expires: Sun, 25 Sep 2022 19:45:02 GMT
Cache-Control: no-cache
t.dtscout.com/pv/?_a=v&_h=4e9s.cc&_ss=52lylp2643&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=50zu&_cb=_dtspv.c
158.69.139.229200 OK 51 B URL HTTP/1.1 t.dtscout.com/pv/?_a=v&_h=4e9s.cc&_ss=52lylp2643&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=50zu&_cb=_dtspv.c
IP 158.69.139.229:0
File type ASCII text, with no line terminators
Hash e7a8450ca1f79f61049d48b23217c0d5
ca933c331edbe16a5d6cf18319cbb6a99d564f66
8d622d9fca47a5168f7b5fc84988f610dedda62d27f1f6dd0ad97080ada2aebe
GET /pv/?_a=v&_h=4e9s.cc&_ss=52lylp2643&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=50zu&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: m=1; b=1; oa=1; df=1664135103
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 25 Sep 2022 19:45:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.181
X-C: 0
Expires: Sun, 25 Sep 2022 19:45:02 GMT
Cache-Control: no-cache
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=4e9s.cc
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=4e9s.cc
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=4e9s.cc HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=ligtvmax1&t=justintv-onlinemac&c=c&x=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fonlinemac.html&y=https%3A%2F%2Fwww.viagraes.com%2F&a=0&d=0.597&v=27&r=5667
104.22.75.171200 OK 99 B URL HTTP/2 whos.amung.us/pingjs/?k=ligtvmax1&t=justintv-onlinemac&c=c&x=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fonlinemac.html&y=https%3A%2F%2Fwww.viagraes.com%2F&a=0&d=0.597&v=27&r=5667
IP 104.22.75.171:0
File type ASCII text, with no line terminators
Hash 302d5fc795197990f2b704f505fa0cad
33a15bb5958c951548bf4c5b96d4fd87d26ee1bd
0b48082add204ce2f85ca3d36963030282ae77db987f6c25bcb49e15089919f5
GET /pingjs/?k=ligtvmax1&t=justintv-onlinemac&c=c&x=https%3A%2F%2F4e9s.cc%2Ffutbolcafewp%2Fonlinemac.html&y=https%3A%2F%2Fwww.viagraes.com%2F&a=0&d=0.597&v=27&r=5667 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:03 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7506420b2e569909-ARN
X-Firefox-Spdy: h2
t.dtscout.com/pv/?_a=v&_h=4e9s.cc&_ss=52lylp2643&_pv=2&_ls=0&_cc=no&_pl=d&_cbid=1pk3&_cb=_dtspv.c
158.69.139.229200 OK 51 B URL HTTP/1.1 t.dtscout.com/pv/?_a=v&_h=4e9s.cc&_ss=52lylp2643&_pv=2&_ls=0&_cc=no&_pl=d&_cbid=1pk3&_cb=_dtspv.c
IP 158.69.139.229:0
File type ASCII text, with no line terminators
Hash 46a736014160cdb306d90f24ad6df819
ae81f345005cc554b32c7adc9f5ffd9f82bcccf8
2bba2526424f5b096e96355a53a2beb1d5c104d9eb0169493dd4b5ae85a5531d
GET /pv/?_a=v&_h=4e9s.cc&_ss=52lylp2643&_pv=2&_ls=0&_cc=no&_pl=d&_cbid=1pk3&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Cookie: m=1; b=1; oa=1; df=1664135103
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 25 Sep 2022 19:45:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.142
X-C: 0
Expires: Sun, 25 Sep 2022 19:45:02 GMT
Cache-Control: no-cache
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=4e9s.cc
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=4e9s.cc
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=4e9s.cc HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=justintv-onlinemac
67.202.105.32204 No Content 3.7 kB URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=justintv-onlinemac
IP 67.202.105.32:0
Hash a36ec31faf75b4b8d821c9e7ff4a5dfc
6c140cc1f228636cad0136e1a465f193b1830871
0c79e6bdf49df7fdbf88d23baa86f678118ea9b626d0eebde5771d309d4f2509
GET /b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=justintv-onlinemac HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!ligtvmax&dn=TC&cc=1&r=https%3A%2F%2Fwww.viagraes.com%2F
67.202.105.34200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!ligtvmax&dn=TC&cc=1&r=https%3A%2F%2Fwww.viagraes.com%2F
IP 67.202.105.34:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!ligtvmax&dn=TC&cc=1&r=https%3A%2F%2Fwww.viagraes.com%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
expires: Mon, 26 Sep 2022 19:45:04 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Sun, 25 Sep 2022 19:45:03 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!ligtvmax1&dn=TC&cc=1&r=https%3A%2F%2Fwww.viagraes.com%2F
67.202.105.34200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!ligtvmax1&dn=TC&cc=1&r=https%3A%2F%2Fwww.viagraes.com%2F
IP 67.202.105.34:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!ligtvmax1&dn=TC&cc=1&r=https%3A%2F%2Fwww.viagraes.com%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Mon, 26 Sep 2022 19:45:04 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Sun, 25 Sep 2022 19:45:04 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=4e9s.cc
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=4e9s.cc
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=4e9s.cc HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=justintv-onlinemac
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=justintv-onlinemac
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F&t=justintv-onlinemac HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1&r=https%3A%2F%2Fwww.viagraes.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1664135102122&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax1&lm=3&ts=1664135101976&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 25 Sep 2022 19:45:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
sportframe.org/imgs/1000betpas.webp
172.67.223.155302 Found 0 B URL HTTP/2 sportframe.org/imgs/1000betpas.webp
IP 172.67.223.155:0
GET /imgs/1000betpas.webp HTTP/1.1
Host: sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 19:45:02 GMT
location: https://4e9s.cc/futbolcafewp/imgs/1000betpas.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww3Z5jQ9I8wgyHwcsrpy2RIYW6GTeoto212j8tPB%2FyLzwEYSvKhouVfdxkvybehWkO7TW24lF7MOokitQfmFrJ3VtxjHgi0K6idsHFfSKi8jjJOnesMTK91SQOSq%2BVtUBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064203dc24b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/trgolreyiz.js
172.67.222.131200 OK 0 B URL HTTP/2 4e9s.cc/futbolcafewp/trgolreyiz.js
IP 172.67.222.131:0
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/trgolreyiz.js HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/futbolcafewp/izle/ch13.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 18:32:23 GMT
etag: W/"632caa37-7a5"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4566
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hm0un52Dn5URnW4okWBAS%2FKhdYH40maWtRACpqxHUELqFILCaU5Lj8j0HwDcfGpoajW6Zg2Yea7ESLGg443o1iOLfM1%2FIl8NP4kawbfgUMB7SmVsuknrG%2FPT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750642068f350b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe.org/imgs/1000matador.webp
172.67.223.155302 Found 0 B URL HTTP/2 sportframe.org/imgs/1000matador.webp
IP 172.67.223.155:0
GET /imgs/1000matador.webp HTTP/1.1
Host: sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 19:45:02 GMT
location: https://4e9s.cc/futbolcafewp/imgs/1000matador.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyFCP86LNJe2l7amKWZpIKAC4sTeZcfnz8Rs6YgmpZg%2BphvMsOYS%2FnL6HE3xY5M2kwbFpBJtqdELXZ%2BUqUt0cZQVuU%2F1AV3bxT5j0LhwJEwF6afRmwZ5tHyb8Xs7iELRVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064203dc25b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe.org/imgs/728betpas.webp
172.67.223.155302 Found 0 B URL HTTP/2 sportframe.org/imgs/728betpas.webp
IP 172.67.223.155:0
GET /imgs/728betpas.webp HTTP/1.1
Host: sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 19:45:02 GMT
location: https://4e9s.cc/futbolcafewp/imgs/728betpas.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zapQvosNW8bYj7eE%2Bt3L3a8CQnJLbaWHlwq9bUpCyJvKUFJnGYPVPQ78sBvN2tkYMkkIEKH4t2vq749KKfpTlZ6YoUmYr07R%2BExx3V5BbbelkNmWnKWaVreu5Kl%2BKoLF7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064203ec2cb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.amung.us/classic.js
104.22.75.171200 OK 0 B URL HTTP/2 widgets.amung.us/classic.js
IP 104.22.75.171:0
GET /classic.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:03 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Aug 2022 18:12:33 GMT
etag: W/"630d0191-329b"
expires: Mon, 26 Sep 2022 19:12:37 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 1946
vary: Accept-Encoding
server: cloudflare
cf-ray: 7506420b4ec99909-ARN
X-Firefox-Spdy: h2
www.viagraes.com/
172.67.148.85200 OK 0 B IP 172.67.148.85:0
GET / HTTP/1.1
Host: www.viagraes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:01 GMT
content-type: text/html; charset=UTF-8
link: <https://www.viagraes.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cache-control: max-age=2073600
expires: Sun, 25 Sep 2022 19:45:01 GMT
cf-cache-status: EXPIRED
last-modified: Sun, 25 Sep 2022 19:37:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxYagTmQBWghImtDLoaipkPGTRFF6WTO1StEMU5gsNmN4s%2FXzC6f8XYkg4k5w1fmvS0Phxy7PCTSoy7kdTWKCCIVy%2Fd0B0cO3gtjYhRIndJ4uilQE9u7lv%2FdRmEqz6EgJR%2Bb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750641eeac1b0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.viagraes.com/wp-content/themes/sahifa/js/tie-scripts.js
172.67.148.85200 OK 0 B URL HTTP/2 www.viagraes.com/wp-content/themes/sahifa/js/tie-scripts.js
IP 172.67.148.85:0
GET /wp-content/themes/sahifa/js/tie-scripts.js HTTP/1.1
Host: www.viagraes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 01 Aug 2022 21:35:55 GMT
cache-control: public, max-age=31536000
expires: Sat, 23 Sep 2023 17:06:17 GMT
cf-cache-status: HIT
age: 182325
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDQhn3X4GnqIsc9KbExhMppJNcK%2Bk3CSzN5bTudDQIMeAmD1%2Bu7tqxyhdZQO0DEn2Ep5brc5rNnAd3VmtB35phd9DSc%2B86GL%2FR96EKlxuGpWwTWNPPsjFnzT2u4vSVG74Kkd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750642038fec0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/izle/player/p2p-media-loader-hlsjs.min.js
172.67.222.131200 OK 0 B URL HTTP/2 4e9s.cc/futbolcafewp/izle/player/p2p-media-loader-hlsjs.min.js
IP 172.67.222.131:0
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/izle/player/p2p-media-loader-hlsjs.min.js HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/futbolcafewp/izle/ch13.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 18:41:00 GMT
etag: W/"632cac3c-68bf"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4010
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OGRBE9%2B22PYS2Nhn9NWotXtdMr5MX64C5%2FliulDW%2FVQMpet90RfLWCmoqAR4Z4nqjDbCExXb981mor2wdEI887wMjs1L3nmCExygJUzs%2Fqea5r9kJdy3DiJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750642065f040b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.viagraes.com%2F&callback=window._ate.cbs.rcb_9gwi0
151.101.84.84200 OK 0 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.viagraes.com%2F&callback=window._ate.cbs.rcb_9gwi0
IP 151.101.84.84:0
GET /v1/urls/count.json?url=http%3A%2F%2Fwww.viagraes.com%2F&callback=window._ate.cbs.rcb_9gwi0 HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Sun, 25 Sep 2022 19:58:05 GMT
x-envoy-upstream-service-time: 1
x-pinterest-rid: 7649126638012097
date: Sun, 25 Sep 2022 19:45:03 GMT
age: 118
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.viagraes.com%2F&callback=window._ate.cbs.rcb_g18j0
151.101.84.84200 OK 0 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.viagraes.com%2F&callback=window._ate.cbs.rcb_g18j0
IP 151.101.84.84:0
GET /v1/urls/count.json?url=https%3A%2F%2Fwww.viagraes.com%2F&callback=window._ate.cbs.rcb_g18j0 HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Sun, 25 Sep 2022 19:58:05 GMT
x-envoy-upstream-service-time: 1
x-pinterest-rid: 6907772200363779
date: Sun, 25 Sep 2022 19:45:03 GMT
age: 118
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
sportframe.org/imgs/120tipo.webp
172.67.223.155302 Found 0 B URL HTTP/2 sportframe.org/imgs/120tipo.webp
IP 172.67.223.155:0
GET /imgs/120tipo.webp HTTP/1.1
Host: sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 19:45:02 GMT
location: https://4e9s.cc/futbolcafewp/imgs/120tipo.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gY3fzd4IRo0cP0oMfUytUTlckzNYSi%2Fdu46lOwOFFq53dDZcGNbMcr%2B5WaNBxx9EsvZc9yMl8sEZWxfWn6tjBZ2gQX%2BI7AlrtJ7h51Wxv7EtvEpeTt8NfKpgf2Z3qnEkHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064203dc20b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe.org/imgs/300betebet.webp
172.67.223.155302 Found 0 B URL HTTP/2 sportframe.org/imgs/300betebet.webp
IP 172.67.223.155:0
GET /imgs/300betebet.webp HTTP/1.1
Host: sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 19:45:02 GMT
location: https://4e9s.cc/futbolcafewp/imgs/300betebet.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfxBe52y5azFeUKfPpUjBKX49ULFnL8dKUQRUoaaioo701o6ITV64cSqYJixTrPKK5V6AdZDOI151VSTpEgHEbJpECWNDyqbT%2FmnA3NEOvytSEwyKyACHQYsitgPfLQlOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064203dc21b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe.org/imgs/728tipo.webp
172.67.223.155302 Found 0 B URL HTTP/2 sportframe.org/imgs/728tipo.webp
IP 172.67.223.155:0
GET /imgs/728tipo.webp HTTP/1.1
Host: sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 19:45:02 GMT
location: https://4e9s.cc/futbolcafewp/imgs/728tipo.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3s5igkIu7H62se%2BvsPr7ti7PhBiWLPoFJ%2FVEPuV6a5eh3TdZW3OMpZCURCPSX6KHyiaREfXqjhAVT79ffxd2nWf1JK3WjRRhwjdYrKfH9SlHQYalx%2Fb1vlbifHQIbKpVeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064203ec2eb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/izle/player/player_config.js
172.67.222.131200 OK 0 B URL HTTP/2 4e9s.cc/futbolcafewp/izle/player/player_config.js
IP 172.67.222.131:0
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/izle/player/player_config.js HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/futbolcafewp/izle/ch13.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 18:40:45 GMT
etag: W/"632cac2d-213f"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4566
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soPwgmWqBriP%2B%2FDsM%2Bi42VBawTzVZIW0Q6NW26xiT9s%2F%2FieAMC6Jx35C1bKcIBWz5wYgg7qFsyYALf7nUXUMaxinNHkPb%2FPaOoUQyOE1zCAKlP5LmvQQb1xS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750642068f370b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.viagraes.com/wp-content/themes/sahifa/css/ilightbox/light-skin/skin.css
172.67.148.85200 OK 0 B URL HTTP/2 www.viagraes.com/wp-content/themes/sahifa/css/ilightbox/light-skin/skin.css
IP 172.67.148.85:0
GET /wp-content/themes/sahifa/css/ilightbox/light-skin/skin.css HTTP/1.1
Host: www.viagraes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 01 Aug 2022 21:35:55 GMT
cache-control: public, max-age=31536000
expires: Sat, 23 Sep 2023 17:06:17 GMT
cf-cache-status: HIT
age: 182324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMIu20EgNA4iNL6ApIUpKMaNYTDWXkszz%2FenFsUbENzpXWp2mcs3xDtZB%2FMNzOYAoBP1dl6MFc7Ihn7J9i7tSSEfANfTQoYLKZMhCDhbZkJj%2FuV9GBe6LMw%2BLe2vy2jHD1hj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750642036fb40b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/izle/player/p2p-media-loader-core.min.js
172.67.222.131200 OK 0 B URL HTTP/2 4e9s.cc/futbolcafewp/izle/player/p2p-media-loader-core.min.js
IP 172.67.222.131:0
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/izle/player/p2p-media-loader-core.min.js HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4e9s.cc/futbolcafewp/izle/ch13.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 18:40:57 GMT
etag: W/"632cac39-23187"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4010
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Niz2Yn5ukHDPmAVUufLJy0etZkMTwWCJ9mWFlTjU1Zr76232CmUBdCVQq6hhGrZWUBL%2FEM92%2FEP0ugU8eXH3tatthwYIbK3CUMBox16U%2FM8rBJSmSE%2FbD0py"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750642065f020b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe.org/imgs/728matador.webp
172.67.223.155302 Found 0 B URL HTTP/2 sportframe.org/imgs/728matador.webp
IP 172.67.223.155:0
GET /imgs/728matador.webp HTTP/1.1
Host: sportframe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.viagraes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 25 Sep 2022 19:45:02 GMT
location: https://4e9s.cc/futbolcafewp/imgs/728matador.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9I%2BENDKHLpKGbA4Z6Jaj6eOYR%2F1GzMBqty0tdc%2BsMGS5FYLXpQ%2FlQv3cmf1LRGX3oWJOpDlJ2631NR%2FOfJkKq2yDQ37jSVgJDB5qzxR28e7xNgFxMsqpZpT3BoFpeMiQQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064203ec31b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
172.64.151.83200 OK 0 B IP 172.64.151.83:0
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:03 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
vary: Accept-Encoding
etag: W/"62d96946-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 15952
expires: Wed, 28 Sep 2022 19:45:03 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 7506420cedb8b52d-OSL
X-Firefox-Spdy: h2
4e9s.cc/futbolcafewp/izle/ch13.html
172.67.222.131200 OK 0 B URL HTTP/2 4e9s.cc/futbolcafewp/izle/ch13.html
IP 172.67.222.131:0
Analyzer Verdict Alert quad9 Sinkholed
GET /futbolcafewp/izle/ch13.html HTTP/1.1
Host: 4e9s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.viagraes.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 19:45:02 GMT
content-type: text/html
last-modified: Thu, 22 Sep 2022 18:38:52 GMT
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUxTwRqppPG%2B%2B%2FCgTOvjDk9ywMXjrvqBdk2NY3f5bW9RhC%2FKyaJKfYD8OVER5D4R9SxpCeilosGxb4dkiI0PLGXwn%2B97cYyn6scBZWKSIlXyp5htVSEbV%2Bzb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75064204cd700b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2