Report - 94ero.com/videos/5105

Report Overview

URL

94ero.com/videos/5105
IP

104.21.16.154

ASN

#13335 CLOUDFLARENET
Submitted

2023-06-04T14:48:11Z

Access

public
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

1
Threat Detection Systems

17

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com (3)	75	2013-05-22 04:07:37	2023-06-03 18:13:20	1286	211117	142.250.74.72
restroomcalf.com (1)	unknown	2022-11-11 11:46:35	2023-06-02 07:26:36	431	514	173.233.137.52
social-plugins.line.me (1)	37575	2017-10-20 09:55:08	2023-06-02 21:27:58	788	1106	2.18.172.37
zz.bdstatic.com (1)	27702	2017-01-30 08:45:48	2023-06-03 13:52:27	406	769	58.254.150.48
img.94ero.com (4)	unknown	2022-07-21 20:03:48	2023-06-02 05:08:01	1698	0	0.0.0.0
94ero.com (13)	unknown	2017-11-19 03:49:33	2023-06-02 13:22:14	5820	393597	104.21.16.154
ajax.googleapis.com (1)	12905	2013-08-16 11:51:31	2023-06-03 19:04:37	426	31290	142.250.74.106
fonts.gstatic.com (3)	unknown	2014-09-09 02:40:21	2023-06-03 19:05:37	1617	87199	216.58.207.227
a.bestcontentfood.top (2)	54526	2019-10-07 08:12:20	2023-06-03 20:47:27	825	19400	172.64.175.26
poweredby.jads.co (5)	30525	2019-12-04 11:34:12	2023-06-03 19:03:08	2246	9079	185.94.237.64
i.jads.co (2)	46788	2019-12-04 09:50:06	2023-06-03 18:07:49	1335	679725	69.16.175.42
www.google.com (1)	7	2015-05-10 13:11:19	2023-06-02 22:22:18	401	1053	142.250.74.132
d.line-scdn.net (1)	9918	2017-01-30 14:34:10	2023-06-03 11:21:00	433	2171	23.38.201.100
cdnjs.cloudflare.com (8)	235	2015-04-17 22:46:33	2023-06-03 18:14:22	3483	140890	104.17.24.14
a.medfoodsafety.com (4)	unknown	2022-09-08 22:27:23	2023-06-04 06:53:19	2858	4296	172.64.138.21
static-clst.avgle.com (2)	289085	2018-05-23 08:17:04	2023-06-02 05:08:01	891	19015	45.133.44.9
fonts.googleapis.com (3)	8877	2013-06-10 22:14:26	2023-06-03 18:44:59	1295	115990	142.250.74.106
avgle.com (26)	126596	2017-02-28 18:26:13	2023-06-02 17:00:13	12237	1063936	188.114.96.1
www.gstatic.com (1)	unknown	2016-07-26 11:37:06	2023-06-03 18:31:41	470	167053	142.250.74.67
cdn3.medfoodsafety.com (2)	unknown	2022-04-05 05:19:12	2023-06-03 21:52:10	916	225995	172.64.138.21
sp0.baidu.com (1)	18423	2014-12-06 00:12:12	2023-06-03 13:52:27	471	116	104.193.88.77

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-04T14:47:51Z	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com
2023-06-04	medium	94ero.com

ThreatFox

No alerts detected

HTTP Transactions (85)

URL IP Response Size

94ero.com/banner/94_pc_banner.jpg

104.21.16.154

200 OK

114400

URL GET HTTP/3

94ero.com/banner/94_pc_banner.jpg
IP

104.21.16.154:443
ASN

#13335 CLOUDFLARENET

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subject94ero.com

Fingerprint44:05:0E:27:19:F9:FA:1A:0A:9A:6C:92:A5:A2:2E:F7:05:75:6E:43

ValiditySat, 06 May 2023 10:23:43 GMT - Fri, 04 Aug 2023 10:23:42 GMT

Magic

JPEG image data, progressive, precision 8, 1200x350, components 3\012- data

Size

114400
Hash

cc5827eb5ad4cf26e3297646ebe68812

265dae6c01143327275f8e89b74a0cd65d871df4

379397f9efcfa8287e590f00d497ca504e915a2a46a74de87d4447562201fa80

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /banner/94_pc_banner.jpg HTTP/1.1
Host: 94ero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/videos/5105
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sun, 04 Jun 2023 14:47:51 GMT
content-type: image/jpeg
content-length: 114400
last-modified: Sun, 07 Aug 2022 08:46:09 GMT
etag: "62ef7bd1-1bee0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=691200
cf-cache-status: HIT
age: 2378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azLCT7O3PNnFrsioCVXNDygRAAabPtQp6itz7o3aZ3CPa2Fkw4Xlx14LiRcD8usMJ%2B%2FnwzJmTUB31xzUwpClMXlLI0chwwL%2BTdTWAoOgavcdTq6uc1ecCpcidUE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d20f9337eefb521-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

142.250.74.106

200 OK

30306

URL GET HTTP/2

ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP

142.250.74.106:443
ASN

#15169 GOOGLE

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subjectupload.video.google.com

Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

ASCII text, with very long lines (32058)

Size

30306
Hash

c9f5aeeca3ad37bf2aa006139b935f0a

1055018c28ab41087ef9ccefe411606893dabea2

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

                                        GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 06:56:45 GMT
expires: Wed, 29 May 2024 06:56:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 460266
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js

142.250.74.132

200 OK

555

URL GET HTTP/2

www.google.com/recaptcha/api.js
IP

142.250.74.132:443
ASN

#15169 GOOGLE

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subjectwww.google.com

FingerprintA8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E

ValidityFri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT

Magic

ASCII text, with very long lines (850), with no line terminators

Size

555
Hash

fbd5eeb900897249ff19788c9934795f

a70760a26cbef3e5cfb627a7d76c9c135382a80f

8d407cd28e2db7a40917117ec99a996194878d452f589860cb45083e6d7208f1

HTTP Headers

                                        GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
expires: Sun, 04 Jun 2023 14:47:51 GMT
date: Sun, 04 Jun 2023 14:47:51 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-53263334-5

142.250.74.72

200 OK

48347

URL GET HTTP/2

www.googletagmanager.com/gtag/js?id=UA-53263334-5
IP

142.250.74.72:443
ASN

#15169 GOOGLE

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subject*.google-analytics.com

Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C

ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

Magic

ASCII text, with very long lines (2271)

Size

48347
Hash

bdee7ec953a1b3bb7c9719c15ed15371

802bf295a4dd63af71a13435169751fcf68d8a5d

df89e23f0e067300b67bac8bf8582d10e8849a6532a4fed640c2af1816eee2b0

HTTP Headers

                                        GET /gtag/js?id=UA-53263334-5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Jun 2023 14:47:51 GMT
expires: Sun, 04 Jun 2023 14:47:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-ZLN9EGDKDC

142.250.74.72

200 OK

80484

URL GET HTTP/2

www.googletagmanager.com/gtag/js?id=G-ZLN9EGDKDC
IP

142.250.74.72:443
ASN

#15169 GOOGLE

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subject*.google-analytics.com

Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C

ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

Magic

ASCII text, with very long lines (3288)

Size

80484
Hash

6e8f008b90912a45b1667c75792818a6

9c7290ef3b6f86d4d1db819bb383bcd756c2939f

e0643a2104f4967924738da9d25e48e1547f197a30be75030dd68fb174811912

HTTP Headers

                                        GET /gtag/js?id=G-ZLN9EGDKDC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Jun 2023 14:47:51 GMT
expires: Sun, 04 Jun 2023 14:47:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-ZLN9EGDKDC&l=dataLayer&cx=c

142.250.74.72

200 OK

80503

URL GET HTTP/3

www.googletagmanager.com/gtag/js?id=G-ZLN9EGDKDC&l=dataLayer&cx=c
IP

142.250.74.72:443
ASN

#15169 GOOGLE

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subject*.google-analytics.com

Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C

ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

Magic

ASCII text, with very long lines (3288)

Size

80503
Hash

a21f2043b852d6a4ffaaad8f8824eb45

b99d45c829c9f060abdd944e59435cdb41a4be81

162c4b6288619980feb0edc6f9df6063df4b83956a822f24d1c0a4d50d3700de

HTTP Headers

                                        GET /gtag/js?id=G-ZLN9EGDKDC&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Jun 2023 14:47:52 GMT
expires: Sun, 04 Jun 2023 14:47:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80503
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js

23.38.201.100

200 OK

1558

URL GET HTTP/2

d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
IP

23.38.201.100:443
ASN

#16625 AKAMAI-AS

Requested by

https://94ero.com/videos/5105
Certificate

IssuerDigiCert Inc

Subjectline-apps.com

Fingerprint90:52:FA:A5:B0:FA:DC:D7:B9:C9:FF:24:36:83:F5:F9:36:C6:14:09

ValidityWed, 11 Jan 2023 00:00:00 GMT - Thu, 11 Jan 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (4730), with no line terminators

Size

1558
Hash

8e50c4d0b7f2c69fe4b07b078876770b

2651708e3d58f1aa0a0ef09e368273804667db2e

9f4fff267e575509a2fab753d83a325fdf8bd3d24eb7c21674a588191ec0599e

HTTP Headers

                                        GET /r/web/social-plugin/js/thirdparty/loader.min.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Tue, 14 Mar 2023 04:54:18 GMT
x-rgw-object-type: Normal
etag: "8e50c4d0b7f2c69fe4b07b078876770b"
x-amz-meta-s3cmd-attrs: md5:8e50c4d0b7f2c69fe4b07b078876770b
x-amz-storage-class: STANDARD
x-amz-request-id: tx00000e171b544daa42cae-00641269b6-122f6ad9-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=202324
expires: Tue, 06 Jun 2023 22:59:56 GMT
date: Sun, 04 Jun 2023 14:47:52 GMT
content-length: 1558
X-Firefox-Spdy: h2

94ero.com/fonts/glyphicons-halflings-regular.woff2

104.21.16.154

200 OK

18028

URL GET HTTP/3

94ero.com/fonts/glyphicons-halflings-regular.woff2
IP

104.21.16.154:443
ASN

#13335 CLOUDFLARENET

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subject94ero.com

Fingerprint44:05:0E:27:19:F9:FA:1A:0A:9A:6C:92:A5:A2:2E:F7:05:75:6E:43

ValiditySat, 06 May 2023 10:23:43 GMT - Fri, 04 Aug 2023 10:23:42 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data

Size

18028
Hash

448c34a56d699c29117adc64c43affeb

ca35b697d99cae4d1b60f2d60fcd37771987eb07

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: 94ero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/css/bootstrap.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sun, 04 Jun 2023 14:47:52 GMT
content-type: application/octet-stream
content-length: 18028
last-modified: Fri, 15 Dec 2017 10:05:19 GMT
etag: "5a339e5f-466c"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=691200
cf-cache-status: HIT
age: 2378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEd2fQnGgGWEi8bjZ%2FRjLEgIKtFxMTS9qVbcMax7ejE%2BztrNaD4Ca1zWZg1WlpvuTvRNbjRz7uyxsdrmac1JvRA%2FtkukDp6l7HyP9KfkWkPaou0ECTTsEh6HsS4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d20f9370b67b521-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

23580

URL GET HTTP/2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data

Size

23580
Hash

e1b3b5908c9cf23dfb2b9c52b9a023ab

fcd4136085f2a03481d9958cc6793a5ed98e714c

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

                                        GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://94ero.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 04:04:41 GMT
expires: Fri, 31 May 2024 04:04:41 GMT
cache-control: public, max-age=31536000
age: 297791
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

216.58.207.227

200 OK

12708

URL GET HTTP/2

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data

Size

12708
Hash

b4a68b1e743ee317eaaf0bbadd131571

f24f7823d4e3830c7cfa5bcb33733d2897c00f13

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

HTTP Headers

                                        GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://94ero.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:39 GMT
expires: Fri, 31 May 2024 11:49:39 GMT
cache-control: public, max-age=31536000
age: 269893
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js

104.17.24.14

200 OK

2977

URL GET HTTP/2

cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js
IP

104.17.24.14:443
ASN

#13335 CLOUDFLARENET

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F

ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (8830)

Size

2977
Hash

e5a5b331cf54c474203628eb9398470e

6d2e5b6a22edb7d95e0ac7523d74f5f7013cb344

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

HTTP Headers

                                        GET /ajax/libs/js-sha256/0.9.0/sha256.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
date: Sun, 04 Jun 2023 14:47:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 2977
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec6-2339"
last-modified: Mon, 04 May 2020 16:11:50 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6287129
expires: Fri, 24 May 2024 14:47:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lavPJkcN7KCjjVmHMFiLBJ14TuW1VEUe%2FShiFF0CfJ31GdP0NTTnOOyvyaZ4kbAR0Nl0tr%2BGQrszvnAQO8iwUIAWo2KoigFbx%2FzLskRoJXPYamSKykm%2FoN%2B3DJJtjc7rLtyiBLdN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d20f939c889b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/peerjs/0.3.14/peer.min.js

104.17.24.14

200 OK

10459

URL GET HTTP/2

cdnjs.cloudflare.com/ajax/libs/peerjs/0.3.14/peer.min.js
IP

104.17.24.14:443
ASN

#13335 CLOUDFLARENET

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F

ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (32125)

Size

10459
Hash

2fed9b9b444dc84fd04655375d18f7f3

1d5c87c8416531d99f4a6bd9cf55f2f5e663d86d

3a365efcbe0c2038faa00fb4582e01b2aef7e4aea363e3a02093f3c9cbf20294

HTTP Headers

                                        GET /ajax/libs/peerjs/0.3.14/peer.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
date: Sun, 04 Jun 2023 14:47:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 10459
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f88-a497"
last-modified: Mon, 04 May 2020 16:15:04 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 11202174
expires: Fri, 24 May 2024 14:47:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gh3Arh7dCTwYrLKa3DIVXd7aeQK1DO4hpKHQhhAClOLYRepj%2FgaJg40JBXdVn9Yx5F3NK03%2BalXYo3L7kNxbA1JWA4eOZqyWRWszuBGcVKATmZ5omZho27bwzmjvAsLj5GHixHVw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d20f939c88bb50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

a.bestcontentfood.top/warp/4788325?r=7235

172.64.175.26

200 OK

13822

URL GET HTTP/2

a.bestcontentfood.top/warp/4788325?r=7235
IP

172.64.175.26:443
ASN

#13335 CLOUDFLARENET

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subjectbestcontentfood.top

Fingerprint05:92:DD:1D:C7:55:AF:31:51:3C:D1:A5:AA:95:6F:2A:79:47:3E:38

ValidityWed, 26 Apr 2023 23:31:51 GMT - Tue, 25 Jul 2023 23:31:50 GMT

Magic

ASCII text, with very long lines (4179), with no line terminators

Size

13822
Hash

b1ce09549e24215f80c52ba3b3cc2e22

7315ee4b0dc6cf14cfc78fc2141a735587c3c21b

ebd3e36d4d1bf1e5ffd33bbda2fe9ea5db0b8550141ab0485da1cdd3696c946a

HTTP Headers

                                        GET /warp/4788325?r=7235 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sun, 04 Jun 2023 14:47:52 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXM6CdDn2i6s%2FRl%2FSaZiQp4HKB3Dx7I0tSizU07%2FGOhYXX79KI3K62WZltpbbBlBEE%2BH3DO4oOzXej5CSvs2fUSRQouXY9cG2HpJgZDQVBJ4LlfmoiGUzcafqyRmUXoqgvuBIzB8i%2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d20f9377dfd418e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js

104.17.24.14

200 OK

1339

URL GET HTTP/2

cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
IP

104.17.24.14:443
ASN

#13335 CLOUDFLARENET

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F

ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (3730)

Size

1339
Hash

b24893215933dafef9a250b4a46a602d

9e95b3d2fad05cd68bbe721bd9fe79e524c47e71

27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f

HTTP Headers

                                        GET /ajax/libs/blueimp-md5/2.10.0/js/md5.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sun, 04 Jun 2023 14:47:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 1339
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8b-eb6"
last-modified: Mon, 04 May 2020 16:06:35 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 28933552
expires: Fri, 24 May 2024 14:47:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKYTSAU%2FzhDCAWg0LQZ96iEVK7cvhqrkzp4jrQVVnqAWTuTgnnvKJsWmDwNfCFdck%2B7UxJP93ia8xljy3S4hDaJs%2Bu%2FnJcWQfqpVjBI%2BC4obZOko%2FRfZtD0XbNIP2XPH%2B9AHaV1p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d20f93a5984b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

104.17.24.14

200 OK

30360

URL GET HTTP/2

cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP

104.17.24.14:443
ASN

#13335 CLOUDFLARENET

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F

ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (32077)

Size

30360
Hash

4f252523d4af0b478c810c2547a63e19

5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

                                        GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sun, 04 Jun 2023 14:47:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1609033
expires: Fri, 24 May 2024 14:47:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51fcO375jD6rDp6NxDD9ViAxLrJUdbp6F2cHXDLkim7MHsdfNBIM3N6btyfp0lfgoSQj5N5VpasMd0%2B4r5blqSc5vFKHTFPGkLwbI3qAMZiKJIVg6myEGhc8%2FQmjVY2yo5kuvsY9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d20f93a598eb50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jStorage/0.4.12/jstorage.min.js

104.17.24.14

200 OK

2503

URL GET HTTP/2

cdnjs.cloudflare.com/ajax/libs/jStorage/0.4.12/jstorage.min.js
IP

104.17.24.14:443
ASN

#13335 CLOUDFLARENET

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F

ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (542)

Size

2503
Hash

0541a99b03ee94c76058b1cd6c513dd6

5d452a217471e82f5dd5e6458a4213adb449570e

2695782169edff0e1140a90841dd0d391b2bab2ee69f2750143d2242328473f6

HTTP Headers

                                        GET /ajax/libs/jStorage/0.4.12/jstorage.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sun, 04 Jun 2023 14:47:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 2503
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ebe-1e97"
last-modified: Mon, 04 May 2020 16:11:42 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 14832951
expires: Fri, 24 May 2024 14:47:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YZbgVChAW%2Fjlswq5YeltUKrp%2FhVmnuHyj5wmlmCwbhaGnN55kK2%2FmFPfh2CPNCpni9oyOZS1oi3VpYllkJ1NEqQjp0J%2FuCyJHS8hAkhTiWl10%2FG7aPHyD3wPAnIqWCmYtrOVM82"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d20f93a6991b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video.min.js

104.17.24.14

200 OK

44324

URL GET HTTP/2

cdnjs.cloudflare.com/ajax/libs/video.js/5.20.3/video.min.js
IP

104.17.24.14:443
ASN

#13335 CLOUDFLARENET

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F

ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (31992)

Size

44324
Hash

f00be214a18463aa5a0170a86d91c053

0f0d3f3e1f5b7eea663b3136cfcf008a10ff16b9

9a5ec16844f854598c750b8fcc04c512598bbe7f5e8d3dbff3bc0a72ffdd3b7b

HTTP Headers

                                        GET /ajax/libs/video.js/5.20.3/video.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sun, 04 Jun 2023 14:47:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 44324
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0401e-3d5fb"
last-modified: Mon, 04 May 2020 16:17:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 28232304
expires: Fri, 24 May 2024 14:47:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FnRqhfx5Q8At2epOQQmYcbYkqPFSEnjSH2z74HuEMELv4dk9f6qwLC7Jpg1mnA59TY%2FGqN0nKLqfTzcqK2CNEOxmHk4Lg9FDp0h2%2BpWNLoytqKc2bGxp2LRbicqpLUPuvVE59rv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d20f93a699cb50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/json2/20160511/json2.min.js

104.17.24.14

200 OK

1235

URL GET HTTP/2

cdnjs.cloudflare.com/ajax/libs/json2/20160511/json2.min.js
IP

104.17.24.14:443
ASN

#13335 CLOUDFLARENET

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F

ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (3133)

Size

1235
Hash

17f3b64e625c59c9ca14eb30b54129ab

103a9dee054ca03cbc07b313036a8f73aff4dbb0

16cc395fd6549e525bdf4da2ae41bca4a091c1eac67f1480ac0c36dae1bf4244

HTTP Headers

                                        GET /ajax/libs/json2/20160511/json2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sun, 04 Jun 2023 14:47:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 1235
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec8-c63"
last-modified: Mon, 04 May 2020 16:11:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1099821
expires: Fri, 24 May 2024 14:47:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEOdKYr6mFzl1OlXG5V19t2yOlHVucSQBOpar8cgYCXV7hAK30IoBmyy%2BDnzupveLwHJuwI447gChmQbwHt5jjeHpxsNYAj48kyP0biDXU0YojZtr7upAWmK7MOqHODA6lbzeb2w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d20f93a69a7b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

poweredby.jads.co/js/jads.js

185.94.237.64

301 Moved Permanently

178

URL GET HTTP/1.1

poweredby.jads.co/js/jads.js
IP

185.94.237.64:443
ASN

#42567 Mojohost B.v.

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerSectigo Limited

Subject*.jads.co

Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB

ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

Size

178
Hash

cd2e0e43980a00fb6a2742d3afd803b8

81ffbd1712afe8cdf138b570c0fc9934742c33c1

bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

                                        GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 04 Jun 2023 14:47:52 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48412

URL GET HTTP/2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data

Size

48412
Hash

31a8297826cdcea344698ff952694a7f

4fa1ee4c471d1c05e9141855eec5ee09b898d594

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

                                        GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://avgle.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 269898
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

poweredby.jads.co/js/jads2.js

185.94.237.64

200 OK

1719

URL GET HTTP/1.1

poweredby.jads.co/js/jads2.js
IP

185.94.237.64:443
ASN

#42567 Mojohost B.v.

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerSectigo Limited

Subject*.jads.co

Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB

ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (3758), with no line terminators

Size

1719
Hash

bc8141c4650030c41f6a98026b12ce80

af5618f7e467a207d4c64627be580283ab5640cd

5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

HTTP Headers

                                        GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avgle.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Jun 2023 14:47:53 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 21 Apr 2023 20:12:17 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"6442ee21-eae"
Content-Encoding: gzip

fonts.googleapis.com/css?family=Open+Sans:400,700

142.250.74.106

200 OK

851

URL GET HTTP/3

fonts.googleapis.com/css?family=Open+Sans:400,700
IP

142.250.74.106:443
ASN

#15169 GOOGLE

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerGoogle Trust Services LLC

Subjectupload.video.google.com

Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

gzip compressed data, max compression\012- data

Size

851
Hash

428203c232d1eb2a19f74721e70fc713

95363b856934e070619eefc57299e06247c88c45

527e63f39bdb5b7022758821b0e38a10e479c68f4fbbe32a6991647f7ae4a69b

HTTP Headers

                                        GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Jun 2023 14:47:52 GMT
date: Sun, 04 Jun 2023 14:47:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

restroomcalf.com/67/1d/ba/671dbadbf37814e321f252eac8aa2500.js

173.233.137.52

403 Forbidden

URL GET HTTP/1.1

restroomcalf.com/67/1d/ba/671dbadbf37814e321f252eac8aa2500.js
IP

173.233.137.52:443
ASN

#7979 SERVERS-COM

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerLet's Encrypt

Subjectrestroomcalf.com

FingerprintA4:E5:0D:D9:A5:B2:C6:2E:4B:90:CA:9A:C1:83:9C:7B:35:9C:2C:E7

ValidityThu, 11 May 2023 06:37:30 GMT - Wed, 09 Aug 2023 06:37:29 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /67/1d/ba/671dbadbf37814e321f252eac8aa2500.js HTTP/1.1
Host: restroomcalf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sun, 04 Jun 2023 14:47:53 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

avgle.com/templates/frontend/videojs-sublime.css

188.114.96.1

200 OK

49642

URL GET HTTP/3

avgle.com/templates/frontend/videojs-sublime.css
IP

188.114.96.1:443
ASN

#13335 CLOUDFLARENET

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

FingerprintCE:07:3A:72:AF:6A:F1:D6:86:8C:8E:1E:E3:DA:9C:31:EC:40:FA:15

ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (5246), with no line terminators

Size

49642
Hash

22a5120e65c7521c24dfd7fae55e119b

e6c555398c44dce647600fe6462fa2cbb88237fb

21bef7ffdc525dca19ece56397168946b141d181339885f4d38fe1117886a108

HTTP Headers

                                        GET /templates/frontend/videojs-sublime.css HTTP/1.1
Host: avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/embed/d0de89b38ff408f49f39
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sun, 04 Jun 2023 14:47:52 GMT
content-type: text/css
cache-control: max-age=5184000
cf-bgj: minify
cf-polished: origSize=7966
etag: W/"5efef354-1f1e"
expires: Sat, 27 May 2023 22:22:32 GMT
last-modified: Fri, 03 Jul 2020 08:59:00 GMT
servedby: n1
cf-cache-status: HIT
age: 4118274
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJshxs6QkxkG3e2FMCQhZ5ssbiV2%2Bwu61NPbNjy2zqadz90h8zZYTc9csF4zdIyXpWYc1PT3GVGMfFJB3m1xmMKR6giuIXmjt9Mbpj0301sFC5hBI6uzVL%2BETL0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d20f9393aebb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

avgle.com/templates/frontend/bright-blue/fonts/glyphicons-halflings-regular.woff

188.114.96.1

200 OK

23320

URL GET HTTP/3

avgle.com/templates/frontend/bright-blue/fonts/glyphicons-halflings-regular.woff
IP

188.114.96.1:443
ASN

#13335 CLOUDFLARENET

Requested by

https://avgle.com/embed/d0de89b38ff408f49f39
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

FingerprintCE:07:3A:72:AF:6A:F1:D6:86:8C:8E:1E:E3:DA:9C:31:EC:40:FA:15

ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT

Magic

Web Open Font Format, TrueType, length 23320, version 1.0\012- data

Size

23320
Hash

68ed1dac06bf0409c18ae7bc62889170

22037a3455914e5662fa51a596677bdb329e2c5c

fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

HTTP Headers

                                        GET /templates/frontend/bright-blue/fonts/glyphicons-halflings-regular.woff HTTP/1.1
Host: avgle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://avgle.com/templates/frontend/bright-blue/css/bootstrap.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sun, 04 Jun 2023 14:47:53 GMT
content-type: application/font-woff
content-length: 23320
last-modified: Fri, 03 Jul 2020 08:59:00 GMT
etag: "5efef354-5b18"
servedby: n3
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2asAG%2BViveWMTsTW8Wuyl9PQSDnPNKiTfv%2BzC%2BtA1S0Q6mYCRx0turOqovkgGQ9MRKzEntDvRXybK4NGRseJX54JkH4X0TSio59oBXwOKHjnundLXvoAgmlVn9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d20f93d5966b50f-OSL
alt-svc: h3=":443"; ma=86400

94ero.com/css/v2.min.css?4

104.21.16.154

200 OK

20009

URL GET HTTP/3

94ero.com/css/v2.min.css?4
IP

104.21.16.154:443
ASN

#13335 CLOUDFLARENET

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subject94ero.com

Fingerprint44:05:0E:27:19:F9:FA:1A:0A:9A:6C:92:A5:A2:2E:F7:05:75:6E:43

ValiditySat, 06 May 2023 10:23:43 GMT - Fri, 04 Aug 2023 10:23:42 GMT

Magic

ASCII text, with very long lines (2609), with no line terminators

Size

20009
Hash

42b1884b490aa02c4dcd437e8bd073ff

b8c672458bb5385a4ac08c903ed7eb006e56c444

ffe3b7f007a7584e16169e89a6fc0031bdf52b6eb6029c8fbccec238e719b483

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /css/v2.min.css?4 HTTP/1.1
Host: 94ero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/videos/5105
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sun, 04 Jun 2023 14:47:51 GMT
content-type: text/css
last-modified: Fri, 15 Dec 2017 10:05:19 GMT
etag: W/"5a339e5f-a31"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=691200
cf-cache-status: HIT
age: 2378
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0uWjk2c2s1qDvBtdF7uc9AKEOfPTi4VuykicppcjdS5tRBJ2Yiy79yeVPwzwYFEgE1Zpvgxtf72A%2FwDG%2BwWSK27%2FKEE%2FXT%2BMyV51IMsj%2BK2Vd7oyg%2BYoBm7AO4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d20f9336ee0b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js

142.250.74.67

200 OK

166186

URL GET HTTP/2

www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js
IP

142.250.74.67:443
ASN

#15169 GOOGLE

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

ASCII text, with very long lines (749)

Size

166186
Hash

ee07ba65373413be83ec0d45887c2a44

13646acedb5d781fed2599c46634b4e58b8217db

d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048

HTTP Headers

                                        GET /recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://94ero.com
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 13:34:38 GMT
expires: Fri, 31 May 2024 13:34:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 30 May 2023 00:01:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 263595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

a.medfoodsafety.com/i?tid=d674d17d-333c-4638-982c-264916560953&cf=afhehi00gb

172.64.138.21

200 OK

URL GET HTTP/3

a.medfoodsafety.com/i?tid=d674d17d-333c-4638-982c-264916560953&cf=afhehi00gb
IP

172.64.138.21:443
ASN

#13335 CLOUDFLARENET

Requested by

https://a.medfoodsafety.com/loader?a=4788326&v=2&t=2&s=4778569&p=10777&if=false&url=https%3A%2F%2F94ero.com%2Fvideos%2F5105&title=94ERO%20%E9%AC%BC%E9%80%9D%E3%81%8D%20-%20%E5%B0%8F%E7%94%B0%E5%88%87%E3%81%82%E3%82%8A%E3%81%95%20Tokyo-Hot%20n1226-
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint90:FD:DB:96:7B:D5:FA:AA:DA:06:53:8B:D3:A1:8D:E4:05:52:DE:5A

ValidityMon, 13 Feb 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT

Magic

ASCII text, with no line terminators

Size

60
Hash

cea81d6017b53c6c7bd076407db21a0a

063acf4f87ec5b0c7f9631779c264ee045945c52

1665c0045c0d9a05857431f46362283793d0b844d9e157692079bcbc69ff6154

HTTP Headers

                                        GET /i?tid=d674d17d-333c-4638-982c-264916560953&cf=afhehi00gb HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.medfoodsafety.com/loader?a=4788326&v=2&t=2&s=4778569&p=10777&if=false&url=https%3A%2F%2F94ero.com%2Fvideos%2F5105&title=94ERO%20%E9%AC%BC%E9%80%9D%E3%81%8D%20-%20%E5%B0%8F%E7%94%B0%E5%88%87%E3%81%82%E3%82%8A%E3%81%95%20Tokyo-Hot%20n1226-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sun, 04 Jun 2023 14:47:53 GMT
content-type: image/gif
content-length: 60
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPmKSwWZs38VQN3aUzKdQLMj9LUZ2heeNtarsbGgiyLU408v4gHDfiDC6v0hSl2q8wM%2BK4IFHjBidHCP99W3qUZdemxnIRKZo3t%2Bu2zROaxVMiTiczW7qQ%2BIEOc4u2td9Ks4vlBV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d20f93d081cbc9d-LHR
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Montserrat

142.250.74.106

200 OK

112550

URL GET HTTP/2

fonts.googleapis.com/css?family=Montserrat
IP

142.250.74.106:443
ASN

#15169 GOOGLE

Requested by

https://94ero.com/videos/5105
Certificate

IssuerGoogle Trust Services LLC

Subjectupload.video.google.com

Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

gzip compressed data, max compression\012- data

Size

112550
Hash

84cdf3a0c55ba9517ac830e4bcebe478

c115bc170d2f0de647fe6891c779aa782bf63917

5bf4f0e5d083b29b5f3e07d970525e02539f4a01c88c98f079c971ce7648fbb4

HTTP Headers

                                        GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94ero.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Jun 2023 14:47:51 GMT
date: Sun, 04 Jun 2023 14:47:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn3.medfoodsafety.com/0f/27/55700/00000280308.gif

172.64.138.21

200 OK

114490

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (66)

#1 JS:Script (size: 3758)

#2 JS:Script (size: 37045)

#3 JS:Script (size: 125264)

#4 JS:Script (size: 7621)

#5 JS:Script (size: 47)

#6 JS:Script (size: 147)

#7 JS:Script (size: 5219)

#8 JS:Script (size: 79)

#9 JS:Script (size: 10559)

#10 JS:Script (size: 4691)

#11 JS:Script (size: 3690)

#12 JS:Script (size: 37)

#13 JS:Script (size: 308)

#14 JS:Script (size: 4730)

#15 JS:Script (size: 1684)

#16 JS:Script (size: 2213)

#17 JS:Script (size: 42135)

#18 JS:Script (size: 9017)

#19 JS:Script (size: 99)

#20 JS:Script (size: 41)

#21 JS:Script (size: 159)

#22 JS:Script (size: 15160)

#23 JS:Script (size: 103)

#24 JS:Script (size: 452)

#25 JS:Script (size: 251387)

#26 JS:Script (size: 4196)

#27 JS:Script (size: 1544)

#28 JS:Script (size: 2652)

#29 JS:Script (size: 3314)

#30 JS:Script (size: 9)

#31 JS:Script (size: 153)

#32 JS:Script (size: 254)

#33 JS:Script (size: 1303)

#34 JS:Script (size: 689)

#35 JS:Script (size: 32)

#36 JS:Script (size: 368)

#37 JS:Script (size: 3171)

#38 JS:Script (size: 10638)

#39 JS:Script (size: 451)

#40 JS:Script (size: 416797)

#41 JS:Script (size: 368)

#42 JS:Script (size: 92)

#43 JS:Script (size: 16896)

#44 JS:Script (size: 1022)

#45 JS:Script (size: 97163)

#46 JS:Script (size: 7831)

#47 JS:Script (size: 430)

#48 JS:Script (size: 31819)

#49 JS:Script (size: 352173)

#50 JS:Script (size: 227030)

#51 JS:Script (size: 109)

#52 JS:Script (size: 6)

#53 JS:Script (size: 324)

#54 JS:Script (size: 4179)

#55 JS:Script (size: 0)

#56 JS:Script (size: 145219)