www.file-upload.com/wt5wpht3gpbf
188.114.97.1 200 OK 5.6 kB URL HTTP/1.1 www.file-upload.com/wt5wpht3gpbf
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (842)
Hash 11f2f093026d919dd1a64746286a4c40
434043c2fea0c00803d0c5e573cd8d1b0689e77b
615f0c09ac465e9a3382b46e513936bf4f61f3452aa17199c6b57745b2aca460
GET /wt5wpht3gpbf HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 09:25:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0;includeSubDomains;
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Expires: Fri, 02 Dec 2022 09:25:17 GMT
Set-Cookie: lang=english; domain=.file-upload.com; path=/
aff=531477; domain=.file-upload.com; path=/; expires=Sat, 17-Dec-2022 09:25:17 GMT
X-Cache: HIT from Backend
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIMa4KWYLorDvEXzz64BWlcKKDvHiy7b2zaITW8hChU4i1eFL3LdRe9CYDDNyPfoSUlvK3g%2B8kipC5eFXas%2BYXL05Rr7kEMYkYmqYNVRLyGuIVQyTK2RwUb7M0L5%2F5TYXpn%2F7q0s"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 773b4112bb700b39-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7326
Expires: Sat, 03 Dec 2022 11:27:24 GMT
Date: Sat, 03 Dec 2022 09:25:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 197
Cache-Control: max-age=90554
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:18 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 10:34:32 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 09:18:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 423
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2912
Expires: Sat, 03 Dec 2022 10:13:50 GMT
Date: Sat, 03 Dec 2022 09:25:18 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 09:25:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aXLOJBxjhhF56a2BjzemT6Y/Dbslili1ewntRsn7WNtjViAdC0z9wMExu7Rx+q75jU5xj6CzQxM=
x-amz-request-id: DPQ93JW8Y6PTVCBT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 08:47:03 GMT
age: 2295
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.file-upload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
188.114.97.1 200 OK 3.9 kB URL HTTP/1.1 www.file-upload.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/wt5wpht3gpbf
Cookie: lang=english; aff=531477
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 09:25:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 18:31:41 GMT
ETag: W/"6387a18d-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24A6ZzwUiBINJr7yJcfJtzgzEInNYVxl63t1OkdIkjcFmAqGG%2FNIk2xz6fo6xkhNFf4xo%2FjCLqFWWOjVnoAz57owm%2B8tWkMu6jbR0yjDNGxHMlQiwRKDWHLyxKSt4qsovSYe15U6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773b41162e570b39-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Mon, 05 Dec 2022 09:25:18 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 057f21ba520f0fec0a9130a72e7af174
80f0bca6454e84e996ec75cbe56bfe91b700c8a8
99ed6ddb48e59a4ec8ad6c85543c6c8dc8e7faef713854be28403a0a5b3d81ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 96
Cache-Control: max-age=153051
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:18 GMT
Etag: "638ac879-117"
Expires: Mon, 05 Dec 2022 03:56:09 GMT
Last-Modified: Sat, 03 Dec 2022 03:54:33 GMT
Server: ECS (amb/6BA7)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 057f21ba520f0fec0a9130a72e7af174
80f0bca6454e84e996ec75cbe56bfe91b700c8a8
99ed6ddb48e59a4ec8ad6c85543c6c8dc8e7faef713854be28403a0a5b3d81ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1084
Cache-Control: max-age=154039
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:18 GMT
Etag: "638ac879-117"
Expires: Mon, 05 Dec 2022 04:12:37 GMT
Last-Modified: Sat, 03 Dec 2022 03:54:33 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 057f21ba520f0fec0a9130a72e7af174
80f0bca6454e84e996ec75cbe56bfe91b700c8a8
99ed6ddb48e59a4ec8ad6c85543c6c8dc8e7faef713854be28403a0a5b3d81ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3137
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:18 GMT
Last-Modified: Sat, 03 Dec 2022 08:33:01 GMT
Server: ECS (amb/6BB5)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 057f21ba520f0fec0a9130a72e7af174
80f0bca6454e84e996ec75cbe56bfe91b700c8a8
99ed6ddb48e59a4ec8ad6c85543c6c8dc8e7faef713854be28403a0a5b3d81ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5729
Cache-Control: max-age=158684
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:18 GMT
Etag: "638ac879-117"
Expires: Mon, 05 Dec 2022 05:30:02 GMT
Last-Modified: Sat, 03 Dec 2022 03:54:33 GMT
Server: ECS (amb/6BC7)
X-Cache: HIT
Content-Length: 279
www.file-upload.com/mngez/images/anti2.png
188.114.97.1 200 OK 641 B URL HTTP/2 www.file-upload.com/mngez/images/anti2.png
IP 188.114.97.1:0
File type PNG image data, 100 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash 722859ca75e68c14f4d803e76f846b92
0a00fa9439d602f40e3acd72dfb08b2f89c3fa2f
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f
GET /mngez/images/anti2.png HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:18 GMT
content-type: image/png
content-length: 641
cache-control: max-age=315360000
cf-bgj: csam-hash
etag: "5c26aa0b-281"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 28 Dec 2018 22:56:11 GMT
cf-cache-status: HIT
age: 49812210
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPn9XoUlf8Vo1xwbBCZcBwHk0v1j2v6u6%2B57KJWLerDKq2boCJ6YeMX7gxVPT0aPwRs16cEYTwaMv1i7%2BF4vsYe9kNHZNSrnabTNw8FK%2FIeeGBvesIpERMXdzVrW8AeSE9mD4RNW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b4116889c0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
151.139.128.10 200 OK 4.5 kB URL HTTP/1.1 images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
IP 151.139.128.10:0
File type PNG image data, 135 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash b0e239fa4ddfbcdf08cbcb34a13b2a0f
957fdb58c09d85e41cc6a6ea134a9365adee4ec9
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
GET /Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766 HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 09:25:18 GMT
Content-Type: image/png
Last-Modified: Thu, 02 Jun 2011 03:26:26 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Cache-Control: public,max-age=31536000
ETag: "0abbdbd420cc1:0"
X-Powered-By: ASP.NET
X-HW: 1670059518.cds253.sk1.h2,1670059518.cds246.sk1.c
Link: <http://www.dmca.com/Badges/_dmca_premi_badge_4.png>; rel="canonical"
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 4535
www.file-upload.com/mngez/css/app.css?v=1
188.114.97.1 200 OK 42 kB URL HTTP/2 www.file-upload.com/mngez/css/app.css?v=1
IP 188.114.97.1:0
File type ASCII text, with very long lines (34584)
Hash 8b421dc0e0d32b33ccd7b516018f9a05
d28d13e82ccb6b8a7de8a19c7f1c11cc6c041f7c
c56b14f89960d33bdaae6556c26067180fcd94d8b4afedf2a94a3978053ef591
GET /mngez/css/app.css?v=1 HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:18 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=253169
etag: W/"5cd288a6-3dcf1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 08 May 2019 07:43:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 49812569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwA06HS94RYZTiGPRknAOFOtJRsdDIc19BEOVZCvk%2FmEe%2BpmwPCeB4PfHuFUbS8Q6jwN9XYwb63D0qHC35K%2BygWXmf5yUOrnGzuT04%2FNRDCZc7K%2FNVpL8o62C%2FbFPhcebIwWr5w6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b411688920b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
54.230.245.209 200 OK 50 kB URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/?xrdad=888399
IP 54.230.245.209:0
File type Unicode text, UTF-8 text, with very long lines (15952)
Hash d99c248a3088604f20a8fcc5ed77568e
6dab666b1674cfbab2cf3b354eb82092710e2512
84b1629287fe16c85ce6dc979feab06865133465aba507f25b730c94ec677231
GET /?xrdad=888399 HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Content-Length: 50256
Connection: keep-alive
Date: Sat, 03 Dec 2022 09:25:18 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kkv1kI81tDMI9LF8fwgdfWnlIEHWRVcqygcMSL_EAEPkKCQHkwVyCw==
www.file-upload.com/mngez/images/anti1.png
188.114.97.1 200 OK 27 kB URL HTTP/2 www.file-upload.com/mngez/images/anti1.png
IP 188.114.97.1:0
File type PNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 390c3fb6229ac3eefd2b21021cbce027
44b07fa61a3dbe8b918c2ebce69d82a1abaa00d5
8776e3cd7b0f956efac78858c884e34bc2fa31458ba2ef525a2240aff6d68f3f
GET /mngez/images/anti1.png HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:18 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 28 Dec 2018 22:57:30 GMT
etag: W/"4aae-57e1cfcdbca80"
cache-control: public, max-age=31536000
expires: Mon, 13 Jun 2022 22:59:53 GMT
x-cache: HIT from Backend
cf-cache-status: HIT
age: 15503125
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQpp8MEgGuAccw995KBaXs5f0g1PjWn%2FHi%2Ff7jT3c6U560wo9MaST6KTyB%2Bgf0ZQLnPp2Lazm7hbzu1YYSmd3sDNt5fYDl47GqjADyh09v39on8vF%2F%2BbsCrcf7lDymiJBheeLGCo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b411688980b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.file-upload.com/assets/images/logo_new.png
188.114.97.1 200 OK 11 kB URL HTTP/2 www.file-upload.com/assets/images/logo_new.png
IP 188.114.97.1:0
File type PNG image data, 388 x 100, 8-bit colormap, non-interlaced\012- data
Hash bd84bc6916156c54b9a690e11c7f4793
38fef44f98efd8f5030588f95371ca041547b498
65c5dbae6fb128c5e8743b457d8b86fb3511400c564a465d5cab8854c04c4222
GET /assets/images/logo_new.png HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:18 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
etag: W/"c8f-57a3a191435c0"
cache-control: public, max-age=31536000
expires: Mon, 13 Jun 2022 22:20:06 GMT
x-cache: HIT from Backend
cf-cache-status: HIT
age: 15505512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEhOqj4h7wWpgAWNHk8m652VIGJfH%2Bm7l6S331YM0PjlDvPE0iei5Z834NpnycqFTnx%2B%2FxeMZTL9CZaJMQ2XVoKd5dwMvzjK93P3b%2BBoWQGRwlTUiYMS41oqLay%2FysfgQ1z%2BuYRV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b411688970b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 09:08:58 GMT
cache-control: public,max-age=3600
age: 980
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/rwhsVIQts8w
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/rwhsVIQts8w
IP 142.250.74.131:0
Hash 6fbd6c392b04f319191b3f1322daa769
c2e946297be984fd55435c23e0a911669601bf12
3718bc0c6b6a3a0f838c104433990c3ca7d3a88dc3b87b34d20ad059afc0533f
POST /s/gts1p5/rwhsVIQts8w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash af6966871274e1a0151e5dcbbb62e9f3
d2e886ca49c3a6b96efa072956315557af932c97
abfb207288ff59d1752748526758c0bdd0060987d9b34f054280b14041d129fa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 09:25:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 19:59:30 GMT
Expires: Fri, 09 Dec 2022 19:59:29 GMT
Etag: "d2e886ca49c3a6b96efa072956315557af932c97"
Cache-Control: max-age=555850,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773b411918040b02-OSL
airsanguages.com/NjMwQ25XUVMuUVcOUmUbRF8NZlxwFgIFCgQFUSccTgpTcAAGXkFtDVpcRScIRFxeN0BYVkRmXHALUhcodWZkGiFuWkdwLWRfaQkDQXxmEgJOUnF2ImFJdWZcdGRycyN0Z3olKARQWw4FDltmAj9ednIvInxeRwQ9BwNaE19wYnY6DRMBdhU4d3JqByxld0c7XFIDeSc2X19DFSxecX06OFV7ATBafFtxGjt+CwgUPFJqfClfbmBxDitscVgnKH5xWAsGRmp8BzhsdFsJAG9EaQc8YVdaAQJBcVIEK2JrXg0Ab0RpIjl1S14CBVFwcQs/c2tlL15sYX4mDQQeVCksXgp4GVx8AGgCKAVVRxkrcHtyKztnW2MIOgJnaHAKQWphJwp3a34rLAZUdCAEUlV4cj9dY1t2J3dEYiQsWlRWIABSd2UCLxBZQywARg53IAdMZVYgF3pWdjM
143.204.55.57200 OK 1.2 kB URL HTTP/1.1 airsanguages.com/NjMwQ25XUVMuUVcOUmUbRF8NZlxwFgIFCgQFUSccTgpTcAAGXkFtDVpcRScIRFxeN0BYVkRmXHALUhcodWZkGiFuWkdwLWRfaQkDQXxmEgJOUnF2ImFJdWZcdGRycyN0Z3olKARQWw4FDltmAj9ednIvInxeRwQ9BwNaE19wYnY6DRMBdhU4d3JqByxld0c7XFIDeSc2X19DFSxecX06OFV7ATBafFtxGjt+CwgUPFJqfClfbmBxDitscVgnKH5xWAsGRmp8BzhsdFsJAG9EaQc8YVdaAQJBcVIEK2JrXg0Ab0RpIjl1S14CBVFwcQs/c2tlL15sYX4mDQQeVCksXgp4GVx8AGgCKAVVRxkrcHtyKztnW2MIOgJnaHAKQWphJwp3a34rLAZUdCAEUlV4cj9dY1t2J3dEYiQsWlRWIABSd2UCLxBZQywARg53IAdMZVYgF3pWdjM
IP 143.204.55.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3042), with no line terminators
Hash b4d8c956f07b9fd095da61b7e9bb0274
7495638d37c53e84d16bbf4471a2388e5a9d7360
711c2cb61e5dcc8648c511b9fed0b397447315eb2de81b28e226b8b2b6db3467
GET /NjMwQ25XUVMuUVcOUmUbRF8NZlxwFgIFCgQFUSccTgpTcAAGXkFtDVpcRScIRFxeN0BYVkRmXHALUhcodWZkGiFuWkdwLWRfaQkDQXxmEgJOUnF2ImFJdWZcdGRycyN0Z3olKARQWw4FDltmAj9ednIvInxeRwQ9BwNaE19wYnY6DRMBdhU4d3JqByxld0c7XFIDeSc2X19DFSxecX06OFV7ATBafFtxGjt+CwgUPFJqfClfbmBxDitscVgnKH5xWAsGRmp8BzhsdFsJAG9EaQc8YVdaAQJBcVIEK2JrXg0Ab0RpIjl1S14CBVFwcQs/c2tlL15sYX4mDQQeVCksXgp4GVx8AGgCKAVVRxkrcHtyKztnW2MIOgJnaHAKQWphJwp3a34rLAZUdCAEUlV4cj9dY1t2J3dEYiQsWlRWIABSd2UCLxBZQywARg53IAdMZVYgF3pWdjM HTTP/1.1
Host: airsanguages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1191
Connection: keep-alive
Date: Sat, 03 Dec 2022 09:25:18 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UJYLN7cCSr1wosjKItJffouKRhkL0fDCwKn3tbFwwBUoEfiBJ5ADzA==
ocsp.pki.goog/s/gts1p5/rwhsVIQts8w
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/rwhsVIQts8w
IP 142.250.74.131:0
Hash 6fbd6c392b04f319191b3f1322daa769
c2e946297be984fd55435c23e0a911669601bf12
3718bc0c6b6a3a0f838c104433990c3ca7d3a88dc3b87b34d20ad059afc0533f
POST /s/gts1p5/rwhsVIQts8w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
airsanguages.com/NXVMdEVUFy8ZelRILlIwRxlxUXdzUH4yIQdDLRA3TUwvRysFGD1aJlkaORAjRxoiAGtbEDhRd3MeLzwTQCALLRFyEg1GEmQkLzcoBBAfMT1vLyA2En0NfFF3czYNNgx9HAomF1IgATksdC0BIC5+NB0bdX8tFScGXTMYLQB0Fgo1BAYifS0UdDECFhRjOBw6BGc7HSEiXjMkTCBgDwUgBHQkLTstZBQIDCkHMDQyDHQPdBcCZx4PORB7NgFFMRBHDiIpYz0UGiJnMh4HDmUNCTAQcw0rNwRnJBQzB20kCgAgUSMZDRBzDSsxF14XGzMXcSQ2EAlsGRU9FARYPEUTYT8dLAJ0IA4YB1EwGhAEZDAOExEEIwQsL1YxCQxxdxEaJXdnRHkcE143CSwoczEdHxB8Oh4lE3ACCRsUBTw2LHd3IRQfE3w/GgAHEx8/GytFSDwFcgMFLhYDUjEbLiJPNAc
143.204.55.57200 OK 1.2 kB URL HTTP/1.1 airsanguages.com/NXVMdEVUFy8ZelRILlIwRxlxUXdzUH4yIQdDLRA3TUwvRysFGD1aJlkaORAjRxoiAGtbEDhRd3MeLzwTQCALLRFyEg1GEmQkLzcoBBAfMT1vLyA2En0NfFF3czYNNgx9HAomF1IgATksdC0BIC5+NB0bdX8tFScGXTMYLQB0Fgo1BAYifS0UdDECFhRjOBw6BGc7HSEiXjMkTCBgDwUgBHQkLTstZBQIDCkHMDQyDHQPdBcCZx4PORB7NgFFMRBHDiIpYz0UGiJnMh4HDmUNCTAQcw0rNwRnJBQzB20kCgAgUSMZDRBzDSsxF14XGzMXcSQ2EAlsGRU9FARYPEUTYT8dLAJ0IA4YB1EwGhAEZDAOExEEIwQsL1YxCQxxdxEaJXdnRHkcE143CSwoczEdHxB8Oh4lE3ACCRsUBTw2LHd3IRQfE3w/GgAHEx8/GytFSDwFcgMFLhYDUjEbLiJPNAc
IP 143.204.55.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3051), with no line terminators
Hash c39b2f412bc835bc56ff51b7b4388edd
ed6a78df1996148c6a322c56da391ecaace1dd52
95f221e64e9b7347a7b1c54dfd1900fa1b7a1a1462478641859038581a226bbd
GET /NXVMdEVUFy8ZelRILlIwRxlxUXdzUH4yIQdDLRA3TUwvRysFGD1aJlkaORAjRxoiAGtbEDhRd3MeLzwTQCALLRFyEg1GEmQkLzcoBBAfMT1vLyA2En0NfFF3czYNNgx9HAomF1IgATksdC0BIC5+NB0bdX8tFScGXTMYLQB0Fgo1BAYifS0UdDECFhRjOBw6BGc7HSEiXjMkTCBgDwUgBHQkLTstZBQIDCkHMDQyDHQPdBcCZx4PORB7NgFFMRBHDiIpYz0UGiJnMh4HDmUNCTAQcw0rNwRnJBQzB20kCgAgUSMZDRBzDSsxF14XGzMXcSQ2EAlsGRU9FARYPEUTYT8dLAJ0IA4YB1EwGhAEZDAOExEEIwQsL1YxCQxxdxEaJXdnRHkcE143CSwoczEdHxB8Oh4lE3ACCRsUBTw2LHd3IRQfE3w/GgAHEx8/GytFSDwFcgMFLhYDUjEbLiJPNAc HTTP/1.1
Host: airsanguages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1199
Connection: keep-alive
Date: Sat, 03 Dec 2022 09:25:18 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vwhomKLSjIxYNo7g4T3hYkS7VPRiKnHT32z41lWy6JvepnKCl_HlrA==
ocsp.pki.goog/s/gts1p5/rwhsVIQts8w
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/rwhsVIQts8w
IP 142.250.74.131:0
Hash 6fbd6c392b04f319191b3f1322daa769
c2e946297be984fd55435c23e0a911669601bf12
3718bc0c6b6a3a0f838c104433990c3ca7d3a88dc3b87b34d20ad059afc0533f
POST /s/gts1p5/rwhsVIQts8w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/rwhsVIQts8w
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/rwhsVIQts8w
IP 142.250.74.131:0
Hash 6fbd6c392b04f319191b3f1322daa769
c2e946297be984fd55435c23e0a911669601bf12
3718bc0c6b6a3a0f838c104433990c3ca7d3a88dc3b87b34d20ad059afc0533f
POST /s/gts1p5/rwhsVIQts8w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
airsanguages.com/ZTc0STkEVVckBgQKVm9MF1sJbAsjEgYPXVcBVS1LHQ5XeldVWkVnWglYQS1fF1haPRcLUkBsCyNPUCJ3D1UFAG8pdgQDWzR+RQsIL0VmAX83YFkPaC5ldQhpJG0Re3siQFsYewtYYw1+PGVRIFoqbmIICiJmQD9rCGJkDVMSZVIibC5ndh8cV3VhIlIfcl0PXDIEZQp0EkBxK0E0BXExDQh/cAxzI2RiGHcCfWcZQQ4Cdy50QAV2Dws/ZX8eXTxUBBNdPFsAeXoCcgYObTRmZyR7IntmLXI8cm4wbFVxXRwKJF9nJHsieXUmez9yfiRsJgYHG3EoVWMeYzFUd2R/Lm5xEEEjYkQhd1Z9YB5XHXBVImMBblwMVCR2ZXBsVnJYEW4vf1d4dwBuXy1UMGEMeXEfcnMKbVV4biV8FW4EEwsxYQ15eFYCZ29TFlhaOQQdUnY5ABBUAC4AIVYH
143.204.55.57200 OK 1.2 kB URL HTTP/1.1 airsanguages.com/ZTc0STkEVVckBgQKVm9MF1sJbAsjEgYPXVcBVS1LHQ5XeldVWkVnWglYQS1fF1haPRcLUkBsCyNPUCJ3D1UFAG8pdgQDWzR+RQsIL0VmAX83YFkPaC5ldQhpJG0Re3siQFsYewtYYw1+PGVRIFoqbmIICiJmQD9rCGJkDVMSZVIibC5ndh8cV3VhIlIfcl0PXDIEZQp0EkBxK0E0BXExDQh/cAxzI2RiGHcCfWcZQQ4Cdy50QAV2Dws/ZX8eXTxUBBNdPFsAeXoCcgYObTRmZyR7IntmLXI8cm4wbFVxXRwKJF9nJHsieXUmez9yfiRsJgYHG3EoVWMeYzFUd2R/Lm5xEEEjYkQhd1Z9YB5XHXBVImMBblwMVCR2ZXBsVnJYEW4vf1d4dwBuXy1UMGEMeXEfcnMKbVV4biV8FW4EEwsxYQ15eFYCZ29TFlhaOQQdUnY5ABBUAC4AIVYH
IP 143.204.55.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3044), with no line terminators
Hash 88b159d18100e97bb794fe05a422cd3f
5daa0175a03c0e908a7b8106cebf0dd48fde5977
f7d5f6ea1c517b73bf7e7f2201b54d71998293ff842b7a956b240eeaec2d12ff
GET /ZTc0STkEVVckBgQKVm9MF1sJbAsjEgYPXVcBVS1LHQ5XeldVWkVnWglYQS1fF1haPRcLUkBsCyNPUCJ3D1UFAG8pdgQDWzR+RQsIL0VmAX83YFkPaC5ldQhpJG0Re3siQFsYewtYYw1+PGVRIFoqbmIICiJmQD9rCGJkDVMSZVIibC5ndh8cV3VhIlIfcl0PXDIEZQp0EkBxK0E0BXExDQh/cAxzI2RiGHcCfWcZQQ4Cdy50QAV2Dws/ZX8eXTxUBBNdPFsAeXoCcgYObTRmZyR7IntmLXI8cm4wbFVxXRwKJF9nJHsieXUmez9yfiRsJgYHG3EoVWMeYzFUd2R/Lm5xEEEjYkQhd1Z9YB5XHXBVImMBblwMVCR2ZXBsVnJYEW4vf1d4dwBuXy1UMGEMeXEfcnMKbVV4biV8FW4EEwsxYQ15eFYCZ29TFlhaOQQdUnY5ABBUAC4AIVYH HTTP/1.1
Host: airsanguages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1193
Connection: keep-alive
Date: Sat, 03 Dec 2022 09:25:18 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LC8DC0HiKbk2E3eY1VHsSVwI-xQcH3CAKXIKlHlt8tF5-mJcVv_Fmg==
airsanguages.com/aGEzMGEJA1BdXglcURYUGg0OFVMuRAF2BVpXUlQTEFhQAw9YDEIeAgQORlQHGg5dRE8GBEcVUy4WUXc7WwJJZTErM1hmIgAGY3VRXC9ldlQtMlRIKiwgYlM2EBlRfwoLJ2RJBioxRHUOIjVlZjA6OHBjCiU1cnECMidyWCopGVhhIi5QcnYJDDlmZis6IwNlJSw0XHc2HwZ3dTMYA3BhKzojX2IzKxlUejkpIHh2DTEpeFwvMjBLcgQ+DQt1OSkocHcgOiZgZjMgKWZ2Kz4kV3MjPStkZQoqUmBmMyAjdUciPSR9ZyMBVHdiNCYvZFwrOzB7VCs+JB5TIzlRX2YvAyh1ZzQAKWRYIw03W3E2PgZQejQDJ0loDTImYkc3DDdYajYqUERxKQ8nYnMGAzFlVwIZNwNUJi9QS3EgA1V2FgsbDl1AXCVVAwcvHi0HdCIq
143.204.55.57200 OK 1.2 kB URL HTTP/1.1 airsanguages.com/aGEzMGEJA1BdXglcURYUGg0OFVMuRAF2BVpXUlQTEFhQAw9YDEIeAgQORlQHGg5dRE8GBEcVUy4WUXc7WwJJZTErM1hmIgAGY3VRXC9ldlQtMlRIKiwgYlM2EBlRfwoLJ2RJBioxRHUOIjVlZjA6OHBjCiU1cnECMidyWCopGVhhIi5QcnYJDDlmZis6IwNlJSw0XHc2HwZ3dTMYA3BhKzojX2IzKxlUejkpIHh2DTEpeFwvMjBLcgQ+DQt1OSkocHcgOiZgZjMgKWZ2Kz4kV3MjPStkZQoqUmBmMyAjdUciPSR9ZyMBVHdiNCYvZFwrOzB7VCs+JB5TIzlRX2YvAyh1ZzQAKWRYIw03W3E2PgZQejQDJ0loDTImYkc3DDdYajYqUERxKQ8nYnMGAzFlVwIZNwNUJi9QS3EgA1V2FgsbDl1AXCVVAwcvHi0HdCIq
IP 143.204.55.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3038), with no line terminators
Hash 23dd2482cbfb3d4d28d15fec827cb7b6
fb58caeb7527e3775c1722d9290535386d407b05
7efb322771e9ae3f8b213f2b78573d730e3c3733209d3a1afeffbac0bd57ad33
GET /aGEzMGEJA1BdXglcURYUGg0OFVMuRAF2BVpXUlQTEFhQAw9YDEIeAgQORlQHGg5dRE8GBEcVUy4WUXc7WwJJZTErM1hmIgAGY3VRXC9ldlQtMlRIKiwgYlM2EBlRfwoLJ2RJBioxRHUOIjVlZjA6OHBjCiU1cnECMidyWCopGVhhIi5QcnYJDDlmZis6IwNlJSw0XHc2HwZ3dTMYA3BhKzojX2IzKxlUejkpIHh2DTEpeFwvMjBLcgQ+DQt1OSkocHcgOiZgZjMgKWZ2Kz4kV3MjPStkZQoqUmBmMyAjdUciPSR9ZyMBVHdiNCYvZFwrOzB7VCs+JB5TIzlRX2YvAyh1ZzQAKWRYIw03W3E2PgZQejQDJ0loDTImYkc3DDdYajYqUERxKQ8nYnMGAzFlVwIZNwNUJi9QS3EgA1V2FgsbDl1AXCVVAwcvHi0HdCIq HTTP/1.1
Host: airsanguages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1186
Connection: keep-alive
Date: Sat, 03 Dec 2022 09:25:18 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PBw4KETkb-oqo9Cw3KoURNTPvQT6IbaafSTulBN6EoUT8fsA2u_uCA==
airsanguages.com/RGhkYmklCgcPViVVBkQcNgRZR1sCTVYkDXZeBQYbPFEHUQd0BRVMCigHEQYPNgcKFkcqDRBHWwIjBVAzBz5VOyAHOxMaCBZQNCgENB0xDis+CglXJwAsIVYmBhwGJVsROS0mIDAlCTMOEhItNSMFMjE4KgkbIFMdPQswDSIHKzITCgVcLSs+NAYwMwopJjMWDxUsB1AIMzEuLS1wXiYVDSoyNiAMFyAuGzMCHCssPXBcIBUCdSIsLDMSARMICnUEMwFbIFwzUic8LjwsMxICMUdbBiciUzoeWjU3PSg6HS5bBg41USwSC1UOPgkrIhg+BwweOFsKLjIPRDARPiQaBiIeM1AGLSoVLBM6BjRaDgY+Ux0cMlY0BAA5XBUkLikhKgQgBCEkGRMMVw4EEDoqR1sCMgNEAzcHChJUHVoiKT0rDVYpWDQpFg9b
143.204.55.57200 OK 1.2 kB URL HTTP/1.1 airsanguages.com/RGhkYmklCgcPViVVBkQcNgRZR1sCTVYkDXZeBQYbPFEHUQd0BRVMCigHEQYPNgcKFkcqDRBHWwIjBVAzBz5VOyAHOxMaCBZQNCgENB0xDis+CglXJwAsIVYmBhwGJVsROS0mIDAlCTMOEhItNSMFMjE4KgkbIFMdPQswDSIHKzITCgVcLSs+NAYwMwopJjMWDxUsB1AIMzEuLS1wXiYVDSoyNiAMFyAuGzMCHCssPXBcIBUCdSIsLDMSARMICnUEMwFbIFwzUic8LjwsMxICMUdbBiciUzoeWjU3PSg6HS5bBg41USwSC1UOPgkrIhg+BwweOFsKLjIPRDARPiQaBiIeM1AGLSoVLBM6BjRaDgY+Ux0cMlY0BAA5XBUkLikhKgQgBCEkGRMMVw4EEDoqR1sCMgNEAzcHChJUHVoiKT0rDVYpWDQpFg9b
IP 143.204.55.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3028), with no line terminators
Hash dbb20f3e7b5761976925698398ea4fc1
89dacbdddf8d9fa22f8491231b704454df30344f
680dc8ff13ca981e1d3a7b1d32d545a4dcc5828068e90cccb23186a6935ddc78
GET /RGhkYmklCgcPViVVBkQcNgRZR1sCTVYkDXZeBQYbPFEHUQd0BRVMCigHEQYPNgcKFkcqDRBHWwIjBVAzBz5VOyAHOxMaCBZQNCgENB0xDis+CglXJwAsIVYmBhwGJVsROS0mIDAlCTMOEhItNSMFMjE4KgkbIFMdPQswDSIHKzITCgVcLSs+NAYwMwopJjMWDxUsB1AIMzEuLS1wXiYVDSoyNiAMFyAuGzMCHCssPXBcIBUCdSIsLDMSARMICnUEMwFbIFwzUic8LjwsMxICMUdbBiciUzoeWjU3PSg6HS5bBg41USwSC1UOPgkrIhg+BwweOFsKLjIPRDARPiQaBiIeM1AGLSoVLBM6BjRaDgY+Ux0cMlY0BAA5XBUkLikhKgQgBCEkGRMMVw4EEDoqR1sCMgNEAzcHChJUHVoiKT0rDVYpWDQpFg9b HTTP/1.1
Host: airsanguages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1182
Connection: keep-alive
Date: Sat, 03 Dec 2022 09:25:18 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fv97LL4Npp3Nfg3j87_7R9QddrL4xEH0zxNXRSBYTkcmWaZ4cBxmHA==
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 189
Cache-Control: max-age=171881
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:19 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:10:00 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
waitingpresen.com/MEZJOEQfeSpLeVUQIVUQShQLWRIJY3t6BlsEOW4qRwQabzxVIz51YkQvLQV8CH56AXwWNiBceQFgOkwlRDM6BXUWLydeKw1gPwV1HnV9FncBaHgeMQ13b0w0USF0CWJAMj1UeQFwfgh0BX98CXIHcHg
172.67.196.58204 No Content 0 B URL HTTP/2 waitingpresen.com/MEZJOEQfeSpLeVUQIVUQShQLWRIJY3t6BlsEOW4qRwQabzxVIz51YkQvLQV8CH56AXwWNiBceQFgOkwlRDM6BXUWLydeKw1gPwV1HnV9FncBaHgeMQ13b0w0USF0CWJAMj1UeQFwfgh0BX98CXIHcHg
IP 172.67.196.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MEZJOEQfeSpLeVUQIVUQShQLWRIJY3t6BlsEOW4qRwQabzxVIz51YkQvLQV8CH56AXwWNiBceQFgOkwlRDM6BXUWLydeKw1gPwV1HnV9FncBaHgeMQ13b0w0USF0CWJAMj1UeQFwfgh0BX98CXIHcHg HTTP/1.1
Host: waitingpresen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 09:25:19 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwRfGfNLoZCOInW9uYuYD7zb7HeYe7upDd7o4NNbAYv66%2BcWq6Qjnje8cuQ7%2FzBIgTHvrhgcL0o3vGx4%2BwjTNiFjYHD2pHDtkU9%2FD4C589vO1Lha3k8QqMqoLpxltQ8NA5QWgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b4119ac2ab4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
waitingpresen.com/a1dRUHdEaDIjSgk8aDwWLDsLNSE9NglhQlwBYGUUPB8pAiItJHckHg9qaWhPWG5odgcCM2xjRU0kJTEDHiRsYkdbYHc5GQ04bGJRHWphfk9FZmJ+R00ibGFRHycwN0pacSEkAwdqYGZAW2dkaUJaYWljRQ
172.67.196.58204 No Content 0 B URL HTTP/2 waitingpresen.com/a1dRUHdEaDIjSgk8aDwWLDsLNSE9NglhQlwBYGUUPB8pAiItJHckHg9qaWhPWG5odgcCM2xjRU0kJTEDHiRsYkdbYHc5GQ04bGJRHWphfk9FZmJ+R00ibGFRHycwN0pacSEkAwdqYGZAW2dkaUJaYWljRQ
IP 172.67.196.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a1dRUHdEaDIjSgk8aDwWLDsLNSE9NglhQlwBYGUUPB8pAiItJHckHg9qaWhPWG5odgcCM2xjRU0kJTEDHiRsYkdbYHc5GQ04bGJRHWphfk9FZmJ+R00ibGFRHycwN0pacSEkAwdqYGZAW2dkaUJaYWljRQ HTTP/1.1
Host: waitingpresen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 09:25:19 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKFOLjIiM0o2UGuKsv72PZzMgt4927zt4qnq5f45oaCG2Vz%2FukqpOp9gHS50gmG1XQwPn%2BIIGTFHSYm2d8yfw%2FG1nrPlxr2o6yHsk%2FmUUa3mq3qexcCXZ%2BDh2HvVYekn5loS%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b4119bc30b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
waitingpresen.com/Z1lLc1BIZigAbQMyAgsBVwsJFxEhISgYClUYeCUoNhEONTVUAG0HOQNkc0toVGByVSAOPXZAYkEqPxIkEip2QnYONy0cbUEvdkN+X3d6QH5Xfz5OYUEtOxI3WmhtAyQTNXZCZlBpe0ZpUmh9S2NX
172.67.196.58204 No Content 0 B URL HTTP/2 waitingpresen.com/Z1lLc1BIZigAbQMyAgsBVwsJFxEhISgYClUYeCUoNhEONTVUAG0HOQNkc0toVGByVSAOPXZAYkEqPxIkEip2QnYONy0cbUEvdkN+X3d6QH5Xfz5OYUEtOxI3WmhtAyQTNXZCZlBpe0ZpUmh9S2NX
IP 172.67.196.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Z1lLc1BIZigAbQMyAgsBVwsJFxEhISgYClUYeCUoNhEONTVUAG0HOQNkc0toVGByVSAOPXZAYkEqPxIkEip2QnYONy0cbUEvdkN+X3d6QH5Xfz5OYUEtOxI3WmhtAyQTNXZCZlBpe0ZpUmh9S2NX HTTP/1.1
Host: waitingpresen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 09:25:19 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJcLPc8aKEvHmb5NMUfWA9HlQvdyLLwzpLgTM8eRpwfQRyuEJcYb%2BIbyEwHr8nBJEaxN9gaRy4udCd8r5Qpu9CNq9%2BTOJnAyGG1wrj%2BRGIcjJxjwRJBDteIeWFT3Ca%2BnHygJmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b4119bc31b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
waitingpresen.com/ckgyNHJdd1FHTyAyYG0rHgoCdkBHKVN8PzEqA3IfFgkDQiclLxRAGxZ1CgxLRX4EEgIbLA8FVAE8U0AHAXUDEhscLl0JVAR1AxpBRmYBBVxDbkcJQ1Q8QlUVT3kURAYGJA8FREV4AgFLR3kEA0pE
172.67.196.58204 No Content 0 B URL HTTP/2 waitingpresen.com/ckgyNHJdd1FHTyAyYG0rHgoCdkBHKVN8PzEqA3IfFgkDQiclLxRAGxZ1CgxLRX4EEgIbLA8FVAE8U0AHAXUDEhscLl0JVAR1AxpBRmYBBVxDbkcJQ1Q8QlUVT3kURAYGJA8FREV4AgFLR3kEA0pE
IP 172.67.196.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ckgyNHJdd1FHTyAyYG0rHgoCdkBHKVN8PzEqA3IfFgkDQiclLxRAGxZ1CgxLRX4EEgIbLA8FVAE8U0AHAXUDEhscLl0JVAR1AxpBRmYBBVxDbkcJQ1Q8QlUVT3kURAYGJA8FREV4AgFLR3kEA0pE HTTP/1.1
Host: waitingpresen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 09:25:19 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mV5EC7lV7HX%2B1wWTdYcyWEM%2BeJfDJUGwqcTAA%2BhBZ13CL8cgiRFCs1Vp2cF8mVTHa021FfV2nGamVJXC1VZxSizuON2kSrK5u1gZ0nPB8QPzvCr3B8%2FXL%2B7j0C0QrdNvkL8hbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b4119cc61b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
waitingpresen.com/cHFTdENfTjAHfhFDGS4XKBkHIQRBQQAYOyUTPRwBKCcjBiU1SXUAKhRMakZxQkRgUjMZFW5FZQMFMgA2A0xiUioeFzxJZQZMYlpwRF9gRW1BVyZJclYFIxUkTUB1BDcEHW5FdUdBY0F6RUBlTHNB
172.67.196.58204 No Content 0 B URL HTTP/2 waitingpresen.com/cHFTdENfTjAHfhFDGS4XKBkHIQRBQQAYOyUTPRwBKCcjBiU1SXUAKhRMakZxQkRgUjMZFW5FZQMFMgA2A0xiUioeFzxJZQZMYlpwRF9gRW1BVyZJclYFIxUkTUB1BDcEHW5FdUdBY0F6RUBlTHNB
IP 172.67.196.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cHFTdENfTjAHfhFDGS4XKBkHIQRBQQAYOyUTPRwBKCcjBiU1SXUAKhRMakZxQkRgUjMZFW5FZQMFMgA2A0xiUioeFzxJZQZMYlpwRF9gRW1BVyZJclYFIxUkTUB1BDcEHW5FdUdBY0F6RUBlTHNB HTTP/1.1
Host: waitingpresen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 09:25:19 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7CH3f8Wgh%2B5nHT6QGhuKRuJfbiYKrvNIxrIj%2BA%2FhqoTopjWqRyMUd%2B%2FR0D4PO0FtDYaEY31GyHVx69%2F7V25O5AosLihSIFR1S9WIv07VohUvf2rBdXCIKPQ1irbAMz2OASO7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b4119dc8cb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
waitingpresen.com/andlWXpFSAYqRzkdL2wuACVAazwoIh1qOCJDIAgyWjADGCAoEgIcXB4eAWRCU0FUYEJMBww9R1tPQyoOCwMQKkdbUQw3HAVKQy9HW1lVd0hERUMsR1tRESkbDUpUfwoeAwlkS1xAVWlPU0JUb0JbRg
172.67.196.58204 No Content 0 B URL HTTP/2 waitingpresen.com/andlWXpFSAYqRzkdL2wuACVAazwoIh1qOCJDIAgyWjADGCAoEgIcXB4eAWRCU0FUYEJMBww9R1tPQyoOCwMQKkdbUQw3HAVKQy9HW1lVd0hERUMsR1tRESkbDUpUfwoeAwlkS1xAVWlPU0JUb0JbRg
IP 172.67.196.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /andlWXpFSAYqRzkdL2wuACVAazwoIh1qOCJDIAgyWjADGCAoEgIcXB4eAWRCU0FUYEJMBww9R1tPQyoOCwMQKkdbUQw3HAVKQy9HW1lVd0hERUMsR1tRESkbDUpUfwoeAwlkS1xAVWlPU0JUb0JbRg HTTP/1.1
Host: waitingpresen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 09:25:19 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtniM2OlPRM%2FJU%2FKj2%2B%2FN9Blo8JrkbUSSZ%2F7tm11d%2FvAD3ucfkq3eZmTJFcbYwkNey0pOwYQe9XnSUqEe96cbvgTwpNaXKcgKoYPg1Dqw6x5okjvKtaycNJAjRhhaFYGiE%2FXMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b4119dc8fb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file-upload.site/page.js
66.29.132.14 200 OK 193 B IP 66.29.132.14:0
File type ASCII text, with no line terminators
Hash 391f261aab9787c46e979046b0e25a65
3f2eec09b02e10bff81bf689d9a380b137f87244
bf2dbac3a4aab3d31cc8e6b3e84a14203add0d903a5611f10025d7cfe158801a
GET /page.js HTTP/1.1
Host: file-upload.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 09:25:19 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 17:24:41 GMT
accept-ranges: bytes
content-length: 193
date: Sat, 03 Dec 2022 09:25:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
d26adrx9c3n0mq.cloudfront.net/8bTFCUTYOXiw3CRlYJmwOVQlxaA5LWzE+WB0MBTJfF2ckMk8hVAQhEBlLJmwGS10jP1FQFyc/VVAAZDBSDwx2d0IdXilsVBhBMyVcH1s4JhAYUH88WRdYLj1XSAMEZBhdFHBhHhpYLDVZGkJnYwYDRWdjBlwBbGETXnNnYwYaWCxnAkgCAHQEXUl0ZRNec2-djBh9HZ2J3XAF3fwZEFHBhUQhSKT4TX3dwYQddAXNhB0gDcjdfH1QkPk5IAwRgBlgfcndDUAA
54.230.245.209200 OK 619 B URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/8bTFCUTYOXiw3CRlYJmwOVQlxaA5LWzE+WB0MBTJfF2ckMk8hVAQhEBlLJmwGS10jP1FQFyc/VVAAZDBSDwx2d0IdXilsVBhBMyVcH1s4JhAYUH88WRdYLj1XSAMEZBhdFHBhHhpYLDVZGkJnYwYDRWdjBlwBbGETXnNnYwYaWCxnAkgCAHQEXUl0ZRNec2-djBh9HZ2J3XAF3fwZEFHBhUQhSKT4TX3dwYQddAXNhB0gDcjdfH1QkPk5IAwRgBlgfcndDUAA
IP 54.230.245.209:0
File type ASCII text, with very long lines (860), with no line terminators
Hash 377c84d9a0a3e841e7b7e6ef6e355ac6
a40582693b12e1d36a288d8d13eb5f2ccb742732
49eb4e8e8b4935323d05abfd628111650da23c9f5d29110e844588fce50dd652
GET /8bTFCUTYOXiw3CRlYJmwOVQlxaA5LWzE+WB0MBTJfF2ckMk8hVAQhEBlLJmwGS10jP1FQFyc/VVAAZDBSDwx2d0IdXilsVBhBMyVcH1s4JhAYUH88WRdYLj1XSAMEZBhdFHBhHhpYLDVZGkJnYwYDRWdjBlwBbGETXnNnYwYaWCxnAkgCAHQEXUl0ZRNec2-djBh9HZ2J3XAF3fwZEFHBhUQhSKT4TX3dwYQddAXNhB0gDcjdfH1QkPk5IAwRgBlgfcndDUAA HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://airsanguages.com/
HTTP/1.1 200 OK
Content-Length: 619
Connection: keep-alive
Date: Sat, 03 Dec 2022 09:25:19 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RC-uMofU-2ITjUXX-H9ggTf6t5923COa-gsU48l6y2rWUT0Ah-ZUEA==
d26adrx9c3n0mq.cloudfront.net/wbGZ3czUPCRkVChgPE04NVF5ESgxKDAQcWxxbOkcFWygBPwEoJTVVQRYCSkMTAAcZFAhKAxkQCF1AFhdXUVJRB0UDDUoGWwgDERpbCQJRBlRRCxgJXAAKFlYHKlNZQxBeVl8EXAICGARGSVRHHUFJVEdCBUJWUkB3SVRHBFwCUENWBi5DRUNNWlJSQHdJVE-cBQ0lVNkIFWUhHWhBeVhAWVgcJUkFzXlZGQwVdVkZWB1wAHgFQCgkPVgcqV0dGG1xAAk4E
54.230.245.209200 OK 362 B URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/wbGZ3czUPCRkVChgPE04NVF5ESgxKDAQcWxxbOkcFWygBPwEoJTVVQRYCSkMTAAcZFAhKAxkQCF1AFhdXUVJRB0UDDUoGWwgDERpbCQJRBlRRCxgJXAAKFlYHKlNZQxBeVl8EXAICGARGSVRHHUFJVEdCBUJWUkB3SVRHBFwCUENWBi5DRUNNWlJSQHdJVE-cBQ0lVNkIFWUhHWhBeVhAWVgcJUkFzXlZGQwVdVkZWB1wAHgFQCgkPVgcqV0dGG1xAAk4E
IP 54.230.245.209:0
File type ASCII text, with very long lines (455), with no line terminators
Hash 260bd65e08b0a06b2ab7951ca6f627cd
69417f99024b49ed047befa86f22e8497706af23
8159e10904d98edff2e5893d07fd7e87ec9cc2274dbc7f14340bb69f7a0d5a46
GET /wbGZ3czUPCRkVChgPE04NVF5ESgxKDAQcWxxbOkcFWygBPwEoJTVVQRYCSkMTAAcZFAhKAxkQCF1AFhdXUVJRB0UDDUoGWwgDERpbCQJRBlRRCxgJXAAKFlYHKlNZQxBeVl8EXAICGARGSVRHHUFJVEdCBUJWUkB3SVRHBFwCUENWBi5DRUNNWlJSQHdJVE-cBQ0lVNkIFWUhHWhBeVhAWVgcJUkFzXlZGQwVdVkZWB1wAHgFQCgkPVgcqV0dGG1xAAk4E HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://airsanguages.com/
HTTP/1.1 200 OK
Content-Length: 362
Connection: keep-alive
Date: Sat, 03 Dec 2022 09:25:19 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: V6hTcpQXWgvRbgaJm3TyIwfP1KAkW8NBHI9TeK6t12sebvkj7WJOFQ==
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash d63901bdc227f2c228c63ce1020ad0c2
565e460f75fc425f2b3550716170aec146c65e9a
132f7e24f5c3b83296ca8844fea8f1c1f60827aff8bd6eeee3905176bb854d96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4793
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:19 GMT
Last-Modified: Sat, 03 Dec 2022 08:05:26 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
d26adrx9c3n0mq.cloudfront.net/xdkNjb1IVLA0JbQIqB1JrRHFRWmFQKRAAPAZ+GwoQBnoWDGYReicOYVA3GQtvRmUPDjwRfkUKPBV+UkkzEiFeW3QCMwwEbxQ2Ex4mHDEJFSVQNgJSPxk5CgM+F2ZRKWdYc0ZdYl40CgE2GTQQSmBGLRdKYEZyU0FiU3AhSmBGNAoBZEJmUC13RHMbWWZTcC-FKYEYxFUphN3JTWnxGakZdYhEmAAQ9U3ElXWJHc1NeYkdmUV80HzEGCT0OZlEpY0Z2TV90A35S
54.230.245.209200 OK 477 B URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/xdkNjb1IVLA0JbQIqB1JrRHFRWmFQKRAAPAZ+GwoQBnoWDGYReicOYVA3GQtvRmUPDjwRfkUKPBV+UkkzEiFeW3QCMwwEbxQ2Ex4mHDEJFSVQNgJSPxk5CgM+F2ZRKWdYc0ZdYl40CgE2GTQQSmBGLRdKYEZyU0FiU3AhSmBGNAoBZEJmUC13RHMbWWZTcC-FKYEYxFUphN3JTWnxGakZdYhEmAAQ9U3ElXWJHc1NeYkdmUV80HzEGCT0OZlEpY0Z2TV90A35S
IP 54.230.245.209:0
File type ASCII text, with very long lines (665), with no line terminators
Hash 26da0f500c6826476372bb14b9411f29
b8e9845dd2b31d1877db3f2808e17231b2ba6236
13b6296489ced161382b4c2322e4463e3603168f9dd34d39b0b94caa56c56440
GET /xdkNjb1IVLA0JbQIqB1JrRHFRWmFQKRAAPAZ+GwoQBnoWDGYReicOYVA3GQtvRmUPDjwRfkUKPBV+UkkzEiFeW3QCMwwEbxQ2Ex4mHDEJFSVQNgJSPxk5CgM+F2ZRKWdYc0ZdYl40CgE2GTQQSmBGLRdKYEZyU0FiU3AhSmBGNAoBZEJmUC13RHMbWWZTcC-FKYEYxFUphN3JTWnxGakZdYhEmAAQ9U3ElXWJHc1NeYkdmUV80HzEGCT0OZlEpY0Z2TV90A35S HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://airsanguages.com/
HTTP/1.1 200 OK
Content-Length: 477
Connection: keep-alive
Date: Sat, 03 Dec 2022 09:25:19 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wGG2ZTix8PMDw3rC_mS6pXcoHUtpb-i9OUWkiqf5d7A6aHRXzaVnDQ==
d26adrx9c3n0mq.cloudfront.net/kcHVuUGYTGgA2WQQcCm1eSExZZlBWHx0/CABIHiFRRgUMMiAXMTkKAQo0JXYSChFTYEAcFAA3W1YQADNbQVMPNARNQUgkFh8eUzITAAQaOhQaDxl2ExFIAz8cGRkCMUNCM1t+VlVHXngRGRsKPxEDUFxgCARQXGBXQFtedVUyUFxgERkbWGRDQzdLYlYIQ1-p1VTJQXGAUBlBdEVdAQEBgT1VHXjcDEx4BdVQ2R15hVkBEXmFDQkUIORQVEwEoQ0IzX2BTXkVIJVtB
54.230.245.209200 OK 629 B URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/kcHVuUGYTGgA2WQQcCm1eSExZZlBWHx0/CABIHiFRRgUMMiAXMTkKAQo0JXYSChFTYEAcFAA3W1YQADNbQVMPNARNQUgkFh8eUzITAAQaOhQaDxl2ExFIAz8cGRkCMUNCM1t+VlVHXngRGRsKPxEDUFxgCARQXGBXQFtedVUyUFxgERkbWGRDQzdLYlYIQ1-p1VTJQXGAUBlBdEVdAQEBgT1VHXjcDEx4BdVQ2R15hVkBEXmFDQkUIORQVEwEoQ0IzX2BTXkVIJVtB
IP 54.230.245.209:0
File type ASCII text, with very long lines (868), with no line terminators
Hash 77f1c5072165da2bf8b2cffa49958f42
d62722aba395360a6a6e2d8088b2bfe57c22f92a
98fa2c77f667ff9148be7194df0a3380b21aa75fcdefa0acb8887db111461a68
GET /kcHVuUGYTGgA2WQQcCm1eSExZZlBWHx0/CABIHiFRRgUMMiAXMTkKAQo0JXYSChFTYEAcFAA3W1YQADNbQVMPNARNQUgkFh8eUzITAAQaOhQaDxl2ExFIAz8cGRkCMUNCM1t+VlVHXngRGRsKPxEDUFxgCARQXGBXQFtedVUyUFxgERkbWGRDQzdLYlYIQ1-p1VTJQXGAUBlBdEVdAQEBgT1VHXjcDEx4BdVQ2R15hVkBEXmFDQkUIORQVEwEoQ0IzX2BTXkVIJVtB HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://airsanguages.com/
HTTP/1.1 200 OK
Content-Length: 629
Connection: keep-alive
Date: Sat, 03 Dec 2022 09:25:19 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _CO5_pB5FgvdSemPiaocvJtEGp4YtsyJnipJQkn4chrAWcHetXoMmQ==
ocsp.pki.goog/s/gts1p5/rwhsVIQts8w
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/rwhsVIQts8w
IP 142.250.74.131:0
Hash 6fbd6c392b04f319191b3f1322daa769
c2e946297be984fd55435c23e0a911669601bf12
3718bc0c6b6a3a0f838c104433990c3ca7d3a88dc3b87b34d20ad059afc0533f
POST /s/gts1p5/rwhsVIQts8w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash d63901bdc227f2c228c63ce1020ad0c2
565e460f75fc425f2b3550716170aec146c65e9a
132f7e24f5c3b83296ca8844fea8f1c1f60827aff8bd6eeee3905176bb854d96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4793
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:19 GMT
Last-Modified: Sat, 03 Dec 2022 08:05:26 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
d26adrx9c3n0mq.cloudfront.net/Ka2ZCV1YICSwxaR8PJmpuUlBzbm5NDDE4OBtbG2UQIDItMmQgVzIWJAZUZCMsD1tycToKCCVqcA4IIWpnTQcmNWtfQDc2awYJOD46BwdnZRBeSHJyZFtONT44Dwk1JHNZViwjc1lWc2d4W0NxFXNZVjU+OF1SZ2QUTlRyL2BfQ3EVc1lWMCFzWCdzZ2NFVm-tyZFsBJzQ9BENwEWRbV3JnZ1tXZ2VmDQ8wMjAEHmdlEFpWd3lmTRN/Zg
54.230.245.209200 OK 193 B URL HTTP/1.1 d26adrx9c3n0mq.cloudfront.net/Ka2ZCV1YICSwxaR8PJmpuUlBzbm5NDDE4OBtbG2UQIDItMmQgVzIWJAZUZCMsD1tycToKCCVqcA4IIWpnTQcmNWtfQDc2awYJOD46BwdnZRBeSHJyZFtONT44Dwk1JHNZViwjc1lWc2d4W0NxFXNZVjU+OF1SZ2QUTlRyL2BfQ3EVc1lWMCFzWCdzZ2NFVm-tyZFsBJzQ9BENwEWRbV3JnZ1tXZ2VmDQ8wMjAEHmdlEFpWd3lmTRN/Zg
IP 54.230.245.209:0
File type ASCII text, with no line terminators
Hash 8a67d9cfd6aecd1c4e93dab6196bfc96
f01300034763da240a4c3741917e7ab2fb470c45
3136ba1bc2ced5489d0591de387cf8f4762e4b5fe5e741e081e9472a9de885e6
GET /Ka2ZCV1YICSwxaR8PJmpuUlBzbm5NDDE4OBtbG2UQIDItMmQgVzIWJAZUZCMsD1tycToKCCVqcA4IIWpnTQcmNWtfQDc2awYJOD46BwdnZRBeSHJyZFtONT44Dwk1JHNZViwjc1lWc2d4W0NxFXNZVjU+OF1SZ2QUTlRyL2BfQ3EVc1lWMCFzWCdzZ2NFVm-tyZFsBJzQ9BENwEWRbV3JnZ1tXZ2VmDQ8wMjAEHmdlEFpWd3lmTRN/Zg HTTP/1.1
Host: d26adrx9c3n0mq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://airsanguages.com/
HTTP/1.1 200 OK
Content-Length: 193
Connection: keep-alive
Date: Sat, 03 Dec 2022 09:25:19 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0ub2cgBuygjiRk82bYliflh4UKMZMLI1QdmCk3gmcCSJa25Jot68LA==
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 84b8b1043a96c760a6b85bc0b3265b85
d9f0338ffcd6cfb3c96bc66966b898d33162f204
e24a64d19f091946caed011ebcf469be2d35168aa12f90b02d9c1c9326afd867
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E24A64D19F091946CAED011EBCF469BE2D35168AA12F90B02D9C1C9326AFD867"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7566
Expires: Sat, 03 Dec 2022 11:31:25 GMT
Date: Sat, 03 Dec 2022 09:25:19 GMT
Connection: keep-alive
push.services.mozilla.com/
52.39.57.61 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sSmIs7CGDrZ+6kT9wdkjPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hvT6EXzWpIqAvCL2YiApunJ1m2c=
bedrapiona.com/5/5003260/?oo=1&js_build=iclick-v1.458.0
139.45.197.234 200 OK 1.4 kB URL HTTP/2 bedrapiona.com/5/5003260/?oo=1&js_build=iclick-v1.458.0
IP 139.45.197.234:0
File type JSON data\012- , ASCII text, with very long lines (2856), with no line terminators
Hash 4b85d30aa098a0997d36b1b0937372cd
06517725fb450c67005f57c3d773f4315647b333
84906697a4b6e45121d4add410c29dfcbfd8866f20d07a53359c776f710860ce
GET /5/5003260/?oo=1&js_build=iclick-v1.458.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 09:25:19 GMT
content-type: application/json
x-trace-id: 02c12d7a1316639b6b35f0cce578c005
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=183e39f47c714be69132da69a59caab3; expires=Sun, 03 Dec 2023 09:25:19 GMT; path=/; secure; SameSite=None
oaidts=1670059519; expires=Sun, 03 Dec 2023 09:25:19 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash ae362dcfc36c65824b06b3a446b76018
80f0c3404430a097f1c013ca2691d93db7da3dc9
23af03564e7b0e00f5136a553591440f4dfe606515e0c8929f6f895f89e22273
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6031
Cache-Control: max-age=88451
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:19 GMT
Etag: "6389b4f3-116"
Expires: Sun, 04 Dec 2022 09:59:30 GMT
Last-Modified: Fri, 02 Dec 2022 08:18:59 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5195
Expires: Sat, 03 Dec 2022 10:51:54 GMT
Date: Sat, 03 Dec 2022 09:25:19 GMT
Connection: keep-alive
tzegilo.com/stattag.js
172.67.194.45 200 OK 5.5 kB IP 172.67.194.45:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash b8d1c6f584455a67ff9199ea755f7dbe
82a25206c899e59b1505c7cac2211ab22a945e82
6eca01023b17159ae76243bbc3c38f4492bdf77092e8d60b70c5fb49c903e6bc
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:19 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lpbjMcbYfer8q4x9f8ysYTLsdrzcuh0S2Nq15yAo8bwcLsvvljtgUrVVsmDe42vRqiDSIAALkde9w%2BhgRcUFQlFI8evax%2BnTEAFCxYQRtxviz2XoI8v9vYsQcpiSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b411dba58b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=183e39f47c714be69132da69a59caab3
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=183e39f47c714be69132da69a59caab3
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash b7ba9d75dcfa03050fa56c3372158090
6c343d66745a2b78340e7db131e7a5f8e0d518d3
1da9363a28a24184e72fad8d1e8ddc37ba3fcb7053b1c35eb3d7ac9aa08d4fad
GET /gid.js?userId=183e39f47c714be69132da69a59caab3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 09:25:19 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://www.file-upload.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=183e39f47c714be69132da69a59caab3; expires=Sun, 03 Dec 2023 09:25:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
outbursttones.com/01/10/5f/01105f188a1c32226733edcb09dd3870.js
192.243.59.13 200 OK 21 kB URL HTTP/1.1 outbursttones.com/01/10/5f/01105f188a1c32226733edcb09dd3870.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60180), with no line terminators
Hash 92d5b915becd3f2b02889ae7556aa4e8
fb93d71cb8ef80b1ae043c09d5fceac99da99148
9c3c0a01fb587b9d35857f1aeb7816503353ef6cfbf9d1f8513681a0c60aebef
Analyzer Verdict Alert fortinet Malware
GET /01/10/5f/01105f188a1c32226733edcb09dd3870.js HTTP/1.1
Host: outbursttones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 09:25:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a14232ec74910e523d5cba55c6ddcc77
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 09a8116e93fcce1a332a55d5e46835e6
4589859db9f4af5891885b28a84f4ec259ca89bb
51fa1867d6d777fd70d52e0265c094389ba01dc4da2026a816974fa7771f1c82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51FA1867D6D777FD70D52E0265C094389BA01DC4DA2026A816974FA7771F1C82"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4121
Expires: Sat, 03 Dec 2022 10:34:00 GMT
Date: Sat, 03 Dec 2022 09:25:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 933bd2bc7dd004d74961dfc0878c1d22
8a4f50edb54fea8ffa604f5ca593345341ce15a1
252363badd64d5ec8ad9eb56af41e44bb094d8c80646dd228e90dba5e56c87b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6576
Cache-Control: max-age=159559
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:20 GMT
Etag: "638ac897-1d7"
Expires: Mon, 05 Dec 2022 05:44:39 GMT
Last-Modified: Sat, 03 Dec 2022 03:55:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a06afa1875c7542451698bb20623def1
b6075db78f93567b4a115d4cc0c1cc7f170de3f6
0257f7232d4431fadd985f2137df900816246f51936ae8521d35f44b21fa6c83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a06afa1875c7542451698bb20623def1
b6075db78f93567b4a115d4cc0c1cc7f170de3f6
0257f7232d4431fadd985f2137df900816246f51936ae8521d35f44b21fa6c83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3327cd8798da63bd1c2fbb97b01cf8f9
d6b9b18c2d1046cb3f89e54fcc266d6c1e9114a0
badb3b7f869b09f728236606eaab7ca63fc4ceb5ecfc9d605a842b287b48362c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BADB3B7F869B09F728236606EAAB7CA63FC4CEB5ECFC9D605A842B287B48362C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6635
Expires: Sat, 03 Dec 2022 11:15:55 GMT
Date: Sat, 03 Dec 2022 09:25:20 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.211.13 302 Found 390 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.211.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash d8841b21a773a2b7a5352f8659620844
11e413ba06152ee58d76e39024e9d892516470cd
6f4cead2b800a67717a08e8070e1982bd0b1e60386caf4389d4f265daf239ca2
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Dec 2022 09:25:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-670847506%3A1670059520083706&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtaFDVEop7xcbe4fs4j-v2K2v_BRGEJNqhmc2U289OcM58Y2g4982DFQO8iUoVd6AY-r_Pq
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-znJwZQ7fdguUQI4obmsjyw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 390
server: GSE
set-cookie: __Host-GAPS=1:wfAZldKSFW085QBU6ospkozVdK4wQw:Lz5zMT3_MgXLJgF6;Path=/;Expires=Mon, 02-Dec-2024 09:25:20 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3327cd8798da63bd1c2fbb97b01cf8f9
d6b9b18c2d1046cb3f89e54fcc266d6c1e9114a0
badb3b7f869b09f728236606eaab7ca63fc4ceb5ecfc9d605a842b287b48362c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BADB3B7F869B09F728236606EAAB7CA63FC4CEB5ECFC9D605A842B287B48362C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6635
Expires: Sat, 03 Dec 2022 11:15:55 GMT
Date: Sat, 03 Dec 2022 09:25:20 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.211.13 302 Found 397 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.211.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash 185238bf851ea695f66cc02b63b6cd24
8a8834ec78398daf2f25c3163c4058b3243265d0
998f6bee09e32d80b1a36c1decc1e889bd37f77af61490eefaaabe0fb39736df
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Dec 2022 09:25:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-2096913384%3A1670059520096996&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAs-YkkenIY3bmSbalXL8QDJRxk_kx8Nuvsu4N35d1l9jur61nXZ3MxVVnQKMpubY1vPfGld
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-YGJT9VjdsDE6RmErjMEWsg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:iUuVsJhVp2ReuJ5Oh8slON2z_6fmWg:k3g_0QMdNGlNwxA0;Path=/;Expires=Mon, 02-Dec-2024 09:25:20 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
airsanguages.com/utx?cb=CLaRKKHVZVq2&top=www.file-upload.com&tid=889766
143.204.55.57 204 No Content 0 B URL HTTP/2 airsanguages.com/utx?cb=CLaRKKHVZVq2&top=www.file-upload.com&tid=889766
IP 143.204.55.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=CLaRKKHVZVq2&top=www.file-upload.com&tid=889766 HTTP/1.1
Host: airsanguages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 09:25:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 03 Dec 2022 09:26:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PE42rRgZpmib2nQaiSFbamXnAq1eE0vJgsWhZhEQaK549l4OI-891w==
X-Firefox-Spdy: h2
airsanguages.com/utx?cb=bGgHZYeFdQrw&top=www.file-upload.com&tid=888399
143.204.55.57 204 No Content 0 B URL HTTP/2 airsanguages.com/utx?cb=bGgHZYeFdQrw&top=www.file-upload.com&tid=888399
IP 143.204.55.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=bGgHZYeFdQrw&top=www.file-upload.com&tid=888399 HTTP/1.1
Host: airsanguages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 09:25:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 03 Dec 2022 09:26:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AjiHZj9Y0_IVou6IQ32Du1-cKrRFyJJD7qPdbIPjreEU4gReqskNoA==
X-Firefox-Spdy: h2
airsanguages.com/utx?cb=Knj4u5kIW6o8&top=www.file-upload.com&tid=922253
143.204.55.57 204 No Content 0 B URL HTTP/2 airsanguages.com/utx?cb=Knj4u5kIW6o8&top=www.file-upload.com&tid=922253
IP 143.204.55.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=Knj4u5kIW6o8&top=www.file-upload.com&tid=922253 HTTP/1.1
Host: airsanguages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 09:25:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 03 Dec 2022 09:26:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OV0a_oLan9lllxK4YXnXhqKXtEZ8I_PxnQQzpA-NXFClw9qULV_eKw==
X-Firefox-Spdy: h2
airsanguages.com/utx?cb=h6qzMK5j9yDU&top=www.file-upload.com&tid=888398
143.204.55.57 204 No Content 0 B URL HTTP/2 airsanguages.com/utx?cb=h6qzMK5j9yDU&top=www.file-upload.com&tid=888398
IP 143.204.55.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=h6qzMK5j9yDU&top=www.file-upload.com&tid=888398 HTTP/1.1
Host: airsanguages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 09:25:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 03 Dec 2022 09:26:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gSWPY3zjLNoT4AO4cABc3C5Eiqnpz6N4fh-DcQekKJfbWefb_vF7QQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 2a3e9c9270d5d1402700343b567d8e21
4348655937347ff19881acafd04b1277e017f19c
905ee9517e8597ac86e76b99b970f77a4fbb2500de30ef6efea97a4bbcea51d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 09:25:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 13:33:18 GMT
Expires: Fri, 09 Dec 2022 13:33:17 GMT
Etag: "4348655937347ff19881acafd04b1277e017f19c"
Cache-Control: max-age=532677,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773b411efcb60b02-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71 200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 901
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 03 Dec 2022 09:25:20 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://www.file-upload.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
accounts.google.com/v3/signin/identifier?dsh=S-670847506%3A1670059520083706&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtaFDVEop7xcbe4fs4j-v2K2v_BRGEJNqhmc2U289OcM58Y2g4982DFQO8iUoVd6AY-r_Pq
216.58.211.13 403 Forbidden 1.3 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-670847506%3A1670059520083706&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtaFDVEop7xcbe4fs4j-v2K2v_BRGEJNqhmc2U289OcM58Y2g4982DFQO8iUoVd6AY-r_Pq
IP 216.58.211.13:0
Hash e13774512e6e94fc401fa33e2dd47707
da23cf00aca543288227ec4e68129af70e1444f7
8a3ee388d737f8f6917fcc60566803f3f555c10a25472e87d584a3c10c7063de
GET /v3/signin/identifier?dsh=S-670847506%3A1670059520083706&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtaFDVEop7xcbe4fs4j-v2K2v_BRGEJNqhmc2U289OcM58Y2g4982DFQO8iUoVd6AY-r_Pq HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Dec 2022 09:25:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-security-policy: script-src 'nonce-583EnD_IZiwJI4c_4oIsYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oaphoace.net/500/5419445?excludes=&oaid=183e39f47c714be69132da69a59caab3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 0 B URL HTTP/2 oaphoace.net/500/5419445?excludes=&oaid=183e39f47c714be69132da69a59caab3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5419445?excludes=&oaid=183e39f47c714be69132da69a59caab3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 09:25:20 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://www.file-upload.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3327cd8798da63bd1c2fbb97b01cf8f9
d6b9b18c2d1046cb3f89e54fcc266d6c1e9114a0
badb3b7f869b09f728236606eaab7ca63fc4ceb5ecfc9d605a842b287b48362c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BADB3B7F869B09F728236606EAAB7CA63FC4CEB5ECFC9D605A842B287B48362C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6635
Expires: Sat, 03 Dec 2022 11:15:55 GMT
Date: Sat, 03 Dec 2022 09:25:20 GMT
Connection: keep-alive
addresseepaper.com/sfp.js
34.160.73.230 429 Too Many Requests 298 B URL HTTP/1.1 addresseepaper.com/sfp.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Sat, 03 Dec 2022 09:25:20 GMT
Content-Type: text/html
Content-Length: 298
ETag: "63734773-12a"
Via: 1.1 google
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 7f88aabc2a9ef1070ea8400baec35250
1a5f9649d09f3eb2d829b6787e72e613e70381e7
591e83e23fb1c832f336ed77a8b10cf6175a04d2341a0bad5d608084b70b9598
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2481
Cache-Control: max-age=145374
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:20 GMT
Etag: "638aa12d-116"
Expires: Mon, 05 Dec 2022 01:48:14 GMT
Last-Modified: Sat, 03 Dec 2022 01:06:53 GMT
Server: ECS (amb/6BA7)
X-Cache: HIT
Content-Length: 278
offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg
104.22.32.172 200 OK 11 kB URL HTTP/2 offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg
IP 104.22.32.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 192x192, components 3\012- data
Hash 2fed87d8d9131d075b72354b838c2d77
69624c46c1556c35c67e85724451cce20ad405ec
8adac582983620ad0421a1be7648f58c731feaf3de0bf027ebefe412505b01ed
GET /www/images/2fed87d8d9131d075b72354b838c2d77.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:20 GMT
content-type: image/jpeg
content-length: 10853
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62b2c84c-2a65"
expires: Sun, 04 Dec 2022 08:28:35 GMT
last-modified: Wed, 22 Jun 2022 07:44:12 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 3405
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b41227db409a3-ARN
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.173.27 200 OK 498 B IP 172.64.173.27:0
File type ASCII text, with no line terminators
Hash 676a09bd9c8ffab962ab573614a9d3ec
ca4d2f652328e12e079fe7b106a56741467be975
1eac80a0df4b5c3f6c6c8d331354df4bcd6ca50442621af8ffc2764d00e6e85e
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:20 GMT
content-type: text/plain
set-cookie: csu=2127537467694623@1@1670059520; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzNoCLl7NNFnJTGzIxq%2B4zrteQClVx9RHGdNX1jbNZN2ac6Fs186GR0JeiBJd3ee%2FjW9DKYWrFkQblDYtSbM9UMf%2FciU4oQ2kGtJY6mWRGuKBooLBjRuy5r1XM2qSOKG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b4120c8d87719-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
airsanguages.com/floater?cs=N0dHTWMAcXd%2FVQdzdXtWAXRzdVE&abt=0&red=1&sm=83&k=download%20anastaysherr&v=0.8.13.0&sts=0&prn=0&emb=0&tid=888399&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=td1_oi1_&_s1Pm=1670059517532&crc=1
143.204.55.57 200 OK 1.0 kB URL HTTP/2 airsanguages.com/floater?cs=N0dHTWMAcXd%2FVQdzdXtWAXRzdVE&abt=0&red=1&sm=83&k=download%20anastaysherr&v=0.8.13.0&sts=0&prn=0&emb=0&tid=888399&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=td1_oi1_&_s1Pm=1670059517532&crc=1
IP 143.204.55.57:0
File type ASCII text, with very long lines (1411), with no line terminators
Hash 989036b4cbe965d8ff7e1dee166a4109
4b455f3c1fdfef8350633e9ea26d3335a7dccaed
28699fec35dc0790fda4f32b2bbbc537213764f747f5ff49c6cda3a6bfd233ce
GET /floater?cs=N0dHTWMAcXd%2FVQdzdXtWAXRzdVE&abt=0&red=1&sm=83&k=download%20anastaysherr&v=0.8.13.0&sts=0&prn=0&emb=0&tid=888399&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=td1_oi1_&_s1Pm=1670059517532&crc=1 HTTP/1.1
Host: airsanguages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
content-length: 1000
date: Sat, 03 Dec 2022 09:25:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://www.file-upload.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=c3d921b6-08ea-45f9-98c1-b636b02c27c3
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Gs903fiBQCsEFjbfch_bS7W-mabSVjAFN9ld68WGUnZ3JW5PTVcPUQ==
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 652b85baa61ac3fc6035364c20ee9f8f
c2db0272d2b94de0f74d8c60a0279f39d17d60df
8686d32c468c4fd446bd115b9e213f3d7be6776d01418c5dcbec9727fc2a178e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:20 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
set-cookie: uid_id2=42d1192a-aeeb-4729-9c67-8fcf1e66c1bd:1:1; expires=Tue, 30 Nov 2032 09:25:20 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
peacocktypewriter.com/38/f0/0a/38f00a36b3d7705a00e14d2d7baaa601.js
192.243.61.227 200 OK 13 kB URL HTTP/1.1 peacocktypewriter.com/38/f0/0a/38f00a36b3d7705a00e14d2d7baaa601.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37130), with no line terminators
Hash 4408ea0513288cc1716b59e61e106ce5
2e3729886bf2eae411cf02accff475a25cd79eb6
9b91d9f0f529f8cac36b80e8e9db32967a9652e4bd79f11ebd0824e64b142464
GET /38/f0/0a/38f00a36b3d7705a00e14d2d7baaa601.js HTTP/1.1
Host: peacocktypewriter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 09:25:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28c01f18b41a1d1dc930a4893bc86620
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
connect.facebook.net/en_US/sdk.js
31.13.72.12 301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/sdk.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Sat, 03 Dec 2022 09:25:20 GMT
Connection: keep-alive
Content-Length: 0
pogothere.xyz/
172.64.173.27 200 OK 17 kB IP 172.64.173.27:0
File type ASCII text, with no line terminators
Hash b7f93f9f07343f22814a55967aa087c1
8c543a94652db418a0fb1e5746752b0cc725a84c
7b0904c4eb2e3cb43224140b59a99894992644c4b3f83d7307c49a18bb7f7356
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:20 GMT
content-type: text/plain
set-cookie: csu=2019933879888752@1@1670059520; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJrEEckCj2qtPjMjLqfhu4z1CHNqBoAW0jPcqr3lo3q3imwkQNHp2SAALcyCbS%2FfH1kTP6g0yNGXOs1m38bj%2Bem1kdzZ0O1Fz%2BAjJI57Pn%2FWh4vR5Rj8jNo9ey6aOu3A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b412179c77719-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14612
Expires: Sat, 03 Dec 2022 13:28:52 GMT
Date: Sat, 03 Dec 2022 09:25:20 GMT
Connection: keep-alive
oaphoace.net/401/5419445?oo=1&oaid=183e39f47c714be69132da69a59caab3
139.45.197.239 200 OK 2.8 kB URL HTTP/2 oaphoace.net/401/5419445?oo=1&oaid=183e39f47c714be69132da69a59caab3
IP 139.45.197.239:0
Hash 0fe2116f2bb437ec3ac57d4b5b72c901
292cb4d40a040dbf8f9d70d3cbbda27920c88822
c10b27482a8ba71e30e65b808e10f14a7c286fb340952ba6c7cd889f17fcfa91
GET /401/5419445?oo=1&oaid=183e39f47c714be69132da69a59caab3 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Cookie: OAID=38426dea3ca14325a4c3661939f43932
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 09:25:19 GMT
content-type: application/json
x-trace-id: da4f546d0253d4136563a6a3747ab9fa
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://www.file-upload.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=183e39f47c714be69132da69a59caab3; expires=Sun, 03 Dec 2023 09:25:19 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14612
Expires: Sat, 03 Dec 2022 13:28:52 GMT
Date: Sat, 03 Dec 2022 09:25:20 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 2.2 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 03d670c402895770bf396c05ae616d35
957b49e63cb7c0af65ce080a67e65fcbc8730f89
200766f03cb83d612184b1ca21b45c3c9081473b893282263e06d281ba6d1740
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14612
Expires: Sat, 03 Dec 2022 13:28:52 GMT
Date: Sat, 03 Dec 2022 09:25:20 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14612
Expires: Sat, 03 Dec 2022 13:28:52 GMT
Date: Sat, 03 Dec 2022 09:25:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ElvfdUly4Rb3YOQyMO2C_VelFUe6xcFbMh6x5fNrRzGjKCITdGSwLQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 42453
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash becc8cdba57494c6fe212eb67634e1eb
c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8
fbb25b88b10a818bb0c6ad385b1e5ba54b87672c73bfa8a9c1ecb17dcc689d5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11942
x-amzn-requestid: ba8a5d03-7796-4c6d-a6df-3cc71b1c5259
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: chqukGmWoAMFtLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a24c3-609dc90d769060d30a16e3df;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 16:16:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m6j_3bDGFIAHQYzrZ1zXqUb-HbEJ8XCoGH5mgBFOWRbLzoSiuNBnhg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:55 GMT
etag: "c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8"
content-type: image/jpeg
age: 42445
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27 200 OK 112 kB IP 172.64.173.27:0
Size 112 kB (112115 bytes)
Hash 367dc4e32afcb65e3f6b62e083c7c421
e37aa64fe740187209ce4dbb817670aa16024cea
d098551b6f2bcd4048ac69e03095b534dfc2c1b403e5f8675b302a5e93132aa8
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 02 Dec 2022 23:51:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fI8qudFnO0fz7vuqDe61vxh7hbIsKj8xDmF3cT2ok5sfjZbIJpWidoydY2DNddryhuoZ74zdRkSU0bm7vPuJdid1m5sU9CrOX1KyA5SjozJET%2BFqzd1h8sbxFVqXIz9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b4120c8d47719-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 06:00:50 GMT
age: 12270
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ffa12df550123f63b20f67437cd8a04
398fd2d837c73f54c4591b69cd683f29bdf9184a
fd9ac4396488098923c27531295e64475047dd008a901e59915109a73a69f305
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6119
x-amzn-requestid: b0bf3aed-f968-4ebb-953e-35300d74ef16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdCe8GgNIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63884ac5-4b20ca67753e65c5232660f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 06:33:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: axyk2U1R7AX1RVQmdc303S2S2CUs_RgphyeYPsbGveGHMAjY3KEzdw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 13:19:35 GMT
age: 72345
etag: "398fd2d837c73f54c4591b69cd683f29bdf9184a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:39:04 GMT
age: 38776
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27 200 OK 103 kB IP 172.64.173.27:0
Size 103 kB (102768 bytes)
Hash 509cb2ee76ef8fc198ba59a8e3273653
0dc818339acdf5f70959cddf749708a661e38778
8988cf9b6237e104a72e5acfe22b8484b7d1e07c6f85c80b3886004b448438f5
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 02 Dec 2022 23:51:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfeU8dipPGjSFT6fpzuFnUobAhIA9DNAmcyQOt8DtMm7%2BFpeoBcaggiyzB%2Fb%2FAcapLh6re1apCvwq4Ybr8mVaPnLV7bnWWyxJl%2F8f5kLmp3s5wG9X7zQFPLOGSmlg6Ok"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b4120c8ca7719-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.140.24 200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.140.24:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 09:25:20 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 4a7e3bb23c72bff549a0d8e847c8c9bd
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Sat, 03 Dec 2022 09:25:20 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xF4eK4GLd%2Berq1OKcueroQjiXgFN5yIR2AkMdfeXOx1s3mv37kDteM3WQjQ6TuMuKcgkYXboKE9waGroa12PciCd8PVG5KKVfFDP9QG8P8SyLiD1g5ab528dqBkH2rsaBHOHA84%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773b41241fd97324-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 79807aaa68acbd4f11cbd49a3cbcab80
e50f1d5236cfcced7d3a49bdb02565976f0e32eb
be47570774c076a0c44819885c53b267ef41a0c41a1f888008bfe24ff2b3d0a5
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 639fdb3e727b12ff1477bd4c1060bba0
etag: "781de89c3c66f29dfa91ed7418547b9c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 03 Dec 2022 09:38:05 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: eYB6qmisvU8Ry9SaPLyrgA==
x-fb-debug: bWMLQOIsfDpwkaFmEFuMM7JtmHU2WS0S365jFWTF9rsJd9AnRiVgNTtGHTVUE0SJvfbbrQf6TK97Ql49HaMJfA==
content-length: 1687
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 09:25:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42931250-7&cid=993141546.1670059519&jid=238338693&_v=5.7.2&z=762608399
108.177.14.154 302 Found 366 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42931250-7&cid=993141546.1670059519&jid=238338693&_v=5.7.2&z=762608399
IP 108.177.14.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d5c79bca898209328605248f15bc6c81
8ca17926ff331f502cefd5538f3bc00239977088
ad2a34689460dc74fb2b48035991544562f25d90866335f45585c96c8289063c
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42931250-7&cid=993141546.1670059519&jid=238338693&_v=5.7.2&z=762608399 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=993141546.1670059519&jid=238338693&_v=5.7.2&z=762608399
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Dec 2022 09:25:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=991d1d46b439890a23fb024ece2d9b3c
31.13.72.12 200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=991d1d46b439890a23fb024ece2d9b3c
IP 31.13.72.12:0
File type ASCII text, with very long lines (18530)
Hash 95aa4f50a4f3171f0fc5c36b39700991
cd685b6cfe577df8e48e3ed00b5df688328a56f2
dbf77e3bd3112c1645c221524aa6392481996a45db8877d28548d17e694d0007
GET /en_US/sdk.js?hash=991d1d46b439890a23fb024ece2d9b3c HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 326460e5c8299931155ecd31c13189a4
etag: "21d36c6fceff4486a7e271608fdb5d48"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 03 Dec 2023 07:46:07 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: lapPUKTzFx8PxcNrOXAJkQ==
x-fb-debug: Q+oiFSK2q5vWGORAjJYQfsOkU0WRFrI7aRhEericuwArhtcQi3Y/S2QMHFbuhqTOpJ5QCPK9MiIAH1tzd7y81Q==
priority: u=3,i
content-length: 88358
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 09:25:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27 200 OK 103 kB IP 172.64.173.27:0
Size 103 kB (102872 bytes)
Hash 7c8e5faa36001f80e0baa6f9ab59e4f7
1cdaf8e2397c13073c1092572e30f9a35837239b
380514883032cbc277dbdd9cb95b0e75659d68cebaecf0278e4632c282f62beb
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 02 Dec 2022 23:51:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2Fe2%2Bp7DXNjaDg1UurDKQX45dqu5nhDrhcERh1qIoHF7vIFHC5fua%2BtH1x8MGOAKHthh%2FKvLiDqNJf8uUhmMXfq2S6pIUrKPJtk0em47nUUKrtMKgppU7OnTqI9ciJSr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b4120c8da7719-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=993141546.1670059519&jid=238338693&_v=5.7.2&z=762608399
216.58.207.228 302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=993141546.1670059519&jid=238338693&_v=5.7.2&z=762608399
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=993141546.1670059519&jid=238338693&_v=5.7.2&z=762608399 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 09:25:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=993141546.1670059519&jid=238338693&_v=5.7.2&z=762608399&slf_rd=1&random=1348306906
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.file-upload.com/assets/images/norton.png
188.114.97.1 200 OK 108 kB URL HTTP/2 www.file-upload.com/assets/images/norton.png
IP 188.114.97.1:0
File type PNG image data, 119 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (107834 bytes)
Hash c630bbf69427b743b500ec4013ea42a5
390b552693b566a3294fa43ca74227b5b645667d
b22cba8082f42aa7ca7914d4c9a2f6ec0a0be00cdb65e63b8f90aac5e4250fa7
GET /assets/images/norton.png HTTP/1.1
Host: www.file-upload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:18 GMT
content-type: image/png
cache-control: max-age=315360000
cf-bgj: csam-hash
etag: W/"5be576df-1363"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 09 Nov 2018 12:00:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 49700100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D0H%2FmpgY93X%2BDhJEF2nPasm0NVJuSpyMaZOlaLo5Gp9okBn6v98azDSSBh5AKNd1LxFGd0IrFwBlfY6uHtRX3LRheA05R11f%2Fq7PxhgyLnx9zifdWiY6j7pT0Rwe2oML7LfZk2m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b411688990b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=993141546.1670059519&jid=238338693&_v=5.7.2&z=762608399&slf_rd=1&random=1348306906
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=993141546.1670059519&jid=238338693&_v=5.7.2&z=762608399&slf_rd=1&random=1348306906
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42931250-7&cid=993141546.1670059519&jid=238338693&_v=5.7.2&z=762608399&slf_rd=1&random=1348306906 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 09:25:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8fda378702fd07825a0c395341d5eab7
29632ad3f690715ff119de420c986f5b9e17e4d5
cc3a300400b86105b9c9fdf74e3b70bc257550ccbd839772bc0731d419bdefe5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CC3A300400B86105B9C9FDF74E3B70BC257550CCBD839772BC0731D419BDEFE5"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13992
Expires: Sat, 03 Dec 2022 13:18:33 GMT
Date: Sat, 03 Dec 2022 09:25:21 GMT
Connection: keep-alive
xml.serve-servee.com/thumbnail?i=edlERdrfuGk_1&imgt=icon
172.64.162.38 302 Found 0 B URL HTTP/2 xml.serve-servee.com/thumbnail?i=edlERdrfuGk_1&imgt=icon
IP 172.64.162.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=edlERdrfuGk_1&imgt=icon HTTP/1.1
Host: xml.serve-servee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Dec 2022 09:25:21 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/192x192_duwWEKdQ4PMk0stZ69y8.png
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmzAIQZ0DMJA1Lggrc%2Fxe1O8hbhXQu5SyQi9Yy3QDS9MmJRHVPzUvt2J8EcpwhRpwBIccczOIZcOOi6V48czoPbCttcyADvq5%2BMTK1JLyXvMSG8a3B%2Bp9HMCfgq3fQng%2FfYVWLJCsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b412a3bf8718c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.serve-servee.com/n337/ad/192x192_duwWEKdQ4PMk0stZ69y8.png
172.64.162.38 200 OK 1.1 kB URL HTTP/2 static.serve-servee.com/n337/ad/192x192_duwWEKdQ4PMk0stZ69y8.png
IP 172.64.162.38:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 4fa2beaeca8f598401f3ec6300cb860b
45634806ea1fa936c0e600b8b22f835600529b36
ef897a0bab353d84bf69ae3570347dea36236575a7b1bbd5992b8f256f856577
GET /n337/ad/192x192_duwWEKdQ4PMk0stZ69y8.png HTTP/1.1
Host: static.serve-servee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:21 GMT
content-type: image/png
content-length: 1112
last-modified: Fri, 24 Apr 2020 13:59:43 GMT
accept-ranges: bytes
etag: "5ea2f0cf-458"
cache-control: max-age=86400
x-hw: 1670059521.cds254.lo4.h2,1670059521.cds216.lo4.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cr7Uzv4eZL46maqUbqszjzJ%2BaF1joJbERatP%2FSpbb0%2F9z2uGYx7TjReMi5kO3RvKowOf11wg%2BvmHf65QsLnQzsOSN5zfvFRBCglsf3XOVNRio5XWDp7QE3DrM%2BypK2xm3k1pjELPYmNhBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b412afd0e718c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8fda378702fd07825a0c395341d5eab7
29632ad3f690715ff119de420c986f5b9e17e4d5
cc3a300400b86105b9c9fdf74e3b70bc257550ccbd839772bc0731d419bdefe5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CC3A300400B86105B9C9FDF74E3B70BC257550CCBD839772BC0731D419BDEFE5"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13992
Expires: Sat, 03 Dec 2022 13:18:33 GMT
Date: Sat, 03 Dec 2022 09:25:21 GMT
Connection: keep-alive
oaphoace.net/impression/3xflJCWhUTJdHvqbstJqlMipqHDlTOFkVYqdtJuUuETyktk8KvZaV143tKu3KGsFds6GTHo3M573tTZiGSG4IN3Dg1ZmvNBGu2AdQBC-dROIxJg7tKu5gZfKkuBLix1CeaIK9QBfJhV3F8OR1AF62zZfdgHYJTS6SgFjDRY83kLirtWc93xLU_og9VsQM5d7W3sWQZ6HF_z5MXojZ2TAlf4wcvc-6rRZ5dxkUUEXTFcwpijioXJqBcEP_3Mzzrz_0kej7gu24lAye93Th_TFS_HcTUWqeiqylG38I-Yn5kPYc-qLg0G_pzrFlhEqX4rpsIMXyQ13vZoDSyW1PaLQDwhz6jdhYOCA2hLppcpR-2Kkv9eAO7xSd5vZi3CR0r6YP39nGcgi7_POlWyiVLC_vw98dwCUW8qDhcx2NE-9JvhMC2DW-pV0xzGYzqGCBQzIit3jVum0Nf6ClTQ-HysTNzu6m6b8ZgmrW1Kzb1B39BMlAuZs3_J3HGEuv0nEAWOupCY3B4M1ATXdO7BVRHANo9b9VaeiGH5HsKfV12r2I3L4zDDHEnydr6NW1xJBf_K-ToxOknyFV_U9T-uDUOCBLixpYrAshB7LSmHRhlzPIdc=?_z=5419445&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 43 B URL HTTP/2 oaphoace.net/impression/3xflJCWhUTJdHvqbstJqlMipqHDlTOFkVYqdtJuUuETyktk8KvZaV143tKu3KGsFds6GTHo3M573tTZiGSG4IN3Dg1ZmvNBGu2AdQBC-dROIxJg7tKu5gZfKkuBLix1CeaIK9QBfJhV3F8OR1AF62zZfdgHYJTS6SgFjDRY83kLirtWc93xLU_og9VsQM5d7W3sWQZ6HF_z5MXojZ2TAlf4wcvc-6rRZ5dxkUUEXTFcwpijioXJqBcEP_3Mzzrz_0kej7gu24lAye93Th_TFS_HcTUWqeiqylG38I-Yn5kPYc-qLg0G_pzrFlhEqX4rpsIMXyQ13vZoDSyW1PaLQDwhz6jdhYOCA2hLppcpR-2Kkv9eAO7xSd5vZi3CR0r6YP39nGcgi7_POlWyiVLC_vw98dwCUW8qDhcx2NE-9JvhMC2DW-pV0xzGYzqGCBQzIit3jVum0Nf6ClTQ-HysTNzu6m6b8ZgmrW1Kzb1B39BMlAuZs3_J3HGEuv0nEAWOupCY3B4M1ATXdO7BVRHANo9b9VaeiGH5HsKfV12r2I3L4zDDHEnydr6NW1xJBf_K-ToxOknyFV_U9T-uDUOCBLixpYrAshB7LSmHRhlzPIdc=?_z=5419445&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/3xflJCWhUTJdHvqbstJqlMipqHDlTOFkVYqdtJuUuETyktk8KvZaV143tKu3KGsFds6GTHo3M573tTZiGSG4IN3Dg1ZmvNBGu2AdQBC-dROIxJg7tKu5gZfKkuBLix1CeaIK9QBfJhV3F8OR1AF62zZfdgHYJTS6SgFjDRY83kLirtWc93xLU_og9VsQM5d7W3sWQZ6HF_z5MXojZ2TAlf4wcvc-6rRZ5dxkUUEXTFcwpijioXJqBcEP_3Mzzrz_0kej7gu24lAye93Th_TFS_HcTUWqeiqylG38I-Yn5kPYc-qLg0G_pzrFlhEqX4rpsIMXyQ13vZoDSyW1PaLQDwhz6jdhYOCA2hLppcpR-2Kkv9eAO7xSd5vZi3CR0r6YP39nGcgi7_POlWyiVLC_vw98dwCUW8qDhcx2NE-9JvhMC2DW-pV0xzGYzqGCBQzIit3jVum0Nf6ClTQ-HysTNzu6m6b8ZgmrW1Kzb1B39BMlAuZs3_J3HGEuv0nEAWOupCY3B4M1ATXdO7BVRHANo9b9VaeiGH5HsKfV12r2I3L4zDDHEnydr6NW1xJBf_K-ToxOknyFV_U9T-uDUOCBLixpYrAshB7LSmHRhlzPIdc=?_z=5419445&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Cookie: OAID=183e39f47c714be69132da69a59caab3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 09:25:23 GMT
content-type: image/gif
content-length: 43
x-trace-id: 40284c6bb9790f2630e5316ca8991c16
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 222687
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
142.250.74.106 200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP 142.250.74.106:0
Hash 49dcb3f23a58f998f11d8c2ca1b90a68
0aee92fad52d2f03484a134901a90260af43e913
92223ea8fd1122967d4b3adaec6c401be4ab899e973ed13fb3fb90520cdefcfa
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 09:25:23 GMT
date: Sat, 03 Dec 2022 09:25:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 222689
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:25:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 23193c3c0d9580d0c757de17730ac556
5ac0a13fe68155bfd4c6a3076729da2578776f8c
5019cffffb2c40d48d084ac4bf0bfac07569ecbe8835293c9ee4d4404dbcd4da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5019CFFFFB2C40D48D084AC4BF0BFAC07569ECBE8835293C9EE4D4404DBCD4DA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18183
Expires: Sat, 03 Dec 2022 14:28:28 GMT
Date: Sat, 03 Dec 2022 09:25:25 GMT
Connection: keep-alive
reproductiontape.com/sbar.json?key=38f00a36b3d7705a00e14d2d7baaa601&uuid=42d1192a-aeeb-4729-9c67-8fcf1e66c1bd%3A1%3A1
192.243.61.225 200 OK 4.5 kB URL HTTP/1.1 reproductiontape.com/sbar.json?key=38f00a36b3d7705a00e14d2d7baaa601&uuid=42d1192a-aeeb-4729-9c67-8fcf1e66c1bd%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6279), with no line terminators
Hash cb378372ebf9cb48bab9926b125bd0b2
4d2057db5a0034bf18648a2fef625ebcfd6cc632
7f87e8415adc9e1867632d959516e50926acb5a2ba6cefdc35fbc57ff6d3b2fe
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=38f00a36b3d7705a00e14d2d7baaa601&uuid=42d1192a-aeeb-4729-9c67-8fcf1e66c1bd%3A1%3A1 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 09:25:25 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.file-upload.com
Access-Control-Allow-Origin: http://www.file-upload.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16537667; expires=Sun, 04 Dec 2022 09:25:25 GMT; secure; SameSite=None
uid_id2=42d1192a-aeeb-4729-9c67-8fcf1e66c1bd:1:1; expires=Sat, 10 Dec 2022 09:25:25 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 04 Dec 2022 09:25:25 GMT; secure; SameSite=None
uncs=1; expires=Sun, 04 Dec 2022 09:25:25 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 04 Dec 2022 09:25:25 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 04 Dec 2022 09:25:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a99d596bed593be3475ae42615aeeb37
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c770ed8e1043091817cf67c2338116d2
eb799e23dbf7d7fd82d63ec0220007e5b8196e48
addff025294dc6a89ff5f686910eb51ba8791c40f50b1c6b63ddc4c8db5808cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADDFF025294DC6A89FF5F686910EB51BA8791C40F50B1C6B63DDC4C8DB5808CF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14296
Expires: Sat, 03 Dec 2022 13:23:41 GMT
Date: Sat, 03 Dec 2022 09:25:25 GMT
Connection: keep-alive
reproductiontape.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzg8PejKI4EEZxIOCO1s9v8ccgvmxEozZkEQjnqxfPVtOdVdT1T09WTwEAxIQYXLSY%2B83u1nUoOYPEGTWiywIO4KyB1e8iHchJw8yswOjD6ree%2FW9w%2Fd9rz7eyo8IRc4Or71lN7UxbLVZpZWXb%2BlE2sJXrt6shLRKz1Zu6aTVOFsZzi43eC2kzSp9pfKGEn27WqMhpSENK2vaqcgOV%2BcodPqwG1a7tNqoVcNmA0P3%2F97nATwLIAdH5Ay0nJ7e%2BPERtJggib%2B9qHw%2Fs%2Bmrl%2BLcsMw6DOTu20k%2FsUWCeFlGLkCU7C6mYf2UkM9PwCa7CwWwg%2B2ZAnA9JcGvIXiyu6AJPtg5ZsoNVAIun0IxmECZCTSbQNi70PKAAELi6jqS%2BMFV6wp2%2BxhlM3RKTj3%2BG7qYklO%2FPYMk%2Fvq80cPKDWvyTNvEYxiV0MMJdG%2BCNN9DthlAF3sQ2UfQ8iey%2BvgKknh73RsLLQ9fatRkGHZrbIUpxVca7Vp3pSta7ZVOJKJQtVoi5HJukdYT6GgCo0ZgPkA%2BOzpAHgXI0wCxPKywZjeitB3xqF7vNIQQ9boQzU5LNmW90YkocjHTMEKWjiDMCMLdQeruoK%2FvHzTPwOXfw2%2BU8DKAzwgGskShCApPUDCCQhMUGUExKHek8TVfPpDG5zxc5Noi18uxzXpbbMdmPZWQrfSIPD337p93L6CvDiv1TkQpq7d4XbbbtMkoVWFD1mSbM8ZaNITXJbQ%2FMVe6OVvkL%2B8jneVLf4CzPXizB6FfBMufByvG7RoF2xg3OhSbyTeRNmolT41lsipsDGlLpNkpZLeDLXNEnptT6f75BJTYP%2FfZp%2Bu%2Fn5XvQbgSqSvxgf6BoGfuja%2Fbgmxft4Unj9bTTMd6k81WfCNjmTr55ZvqdmGdvHzRj754XcyAWfnwpvLZFZZInfQ8%2Beq8llK5NeuEIt9d9rcUv5b7jfO5S%2FL0yrULa5fj1CnvtU0mYPrgnQ8h9JQ86frzz%2FvCX2vQbgKXl4jzfbIIaDuBSO%2FAp0v23hI4s5zhaYAiL8euxpePRhMYtewZL%2BH%2F0%2FNlveXvoecCsOwukrjEwJUYmBLMjODzk%2BMsdfvnfq7PA9wEY25csM2NM%2FePrfX6sKKaEY0UrSkedXnUZlR2o0aXs26o2rzJQmR%2BKj559vS%2FAAAA%2F%2F8BAAD%2F%2F75JAPGUBAAA
192.243.61.225200 OK 7 B URL HTTP/1.1 reproductiontape.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzg8PejKI4EEZxIOCO1s9v8ccgvmxEozZkEQjnqxfPVtOdVdT1T09WTwEAxIQYXLSY%2B83u1nUoOYPEGTWiywIO4KyB1e8iHchJw8yswOjD6ree%2FW9w%2Fd9rz7eyo8IRc4Or71lN7UxbLVZpZWXb%2BlE2sJXrt6shLRKz1Zu6aTVOFsZzi43eC2kzSp9pfKGEn27WqMhpSENK2vaqcgOV%2BcodPqwG1a7tNqoVcNmA0P3%2F97nATwLIAdH5Ay0nJ7e%2BPERtJggib%2B9qHw%2Fs%2Bmrl%2BLcsMw6DOTu20k%2FsUWCeFlGLkCU7C6mYf2UkM9PwCa7CwWwg%2B2ZAnA9JcGvIXiyu6AJPtg5ZsoNVAIun0IxmECZCTSbQNi70PKAAELi6jqS%2BMFV6wp2%2BxhlM3RKTj3%2BG7qYklO%2FPYMk%2Fvq80cPKDWvyTNvEYxiV0MMJdG%2BCNN9DthlAF3sQ2UfQ8iey%2BvgKknh73RsLLQ9fatRkGHZrbIUpxVca7Vp3pSta7ZVOJKJQtVoi5HJukdYT6GgCo0ZgPkA%2BOzpAHgXI0wCxPKywZjeitB3xqF7vNIQQ9boQzU5LNmW90YkocjHTMEKWjiDMCMLdQeruoK%2FvHzTPwOXfw2%2BU8DKAzwgGskShCApPUDCCQhMUGUExKHek8TVfPpDG5zxc5Noi18uxzXpbbMdmPZWQrfSIPD337p93L6CvDiv1TkQpq7d4XbbbtMkoVWFD1mSbM8ZaNITXJbQ%2FMVe6OVvkL%2B8jneVLf4CzPXizB6FfBMufByvG7RoF2xg3OhSbyTeRNmolT41lsipsDGlLpNkpZLeDLXNEnptT6f75BJTYP%2FfZp%2Bu%2Fn5XvQbgSqSvxgf6BoGfuja%2Fbgmxft4Unj9bTTMd6k81WfCNjmTr55ZvqdmGdvHzRj754XcyAWfnwpvLZFZZInfQ8%2Beq8llK5NeuEIt9d9rcUv5b7jfO5S%2FL0yrULa5fj1CnvtU0mYPrgnQ8h9JQ86frzz%2FvCX2vQbgKXl4jzfbIIaDuBSO%2FAp0v23hI4s5zhaYAiL8euxpePRhMYtewZL%2BH%2F0%2FNlveXvoecCsOwukrjEwJUYmBLMjODzk%2BMsdfvnfq7PA9wEY25csM2NM%2FePrfX6sKKaEY0UrSkedXnUZlR2o0aXs26o2rzJQmR%2BKj559vS%2FAAAA%2F%2F8BAAD%2F%2F75JAPGUBAAA
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzg8PejKI4EEZxIOCO1s9v8ccgvmxEozZkEQjnqxfPVtOdVdT1T09WTwEAxIQYXLSY%2B83u1nUoOYPEGTWiywIO4KyB1e8iHchJw8yswOjD6ree%2FW9w%2Fd9rz7eyo8IRc4Or71lN7UxbLVZpZWXb%2BlE2sJXrt6shLRKz1Zu6aTVOFsZzi43eC2kzSp9pfKGEn27WqMhpSENK2vaqcgOV%2BcodPqwG1a7tNqoVcNmA0P3%2F97nATwLIAdH5Ay0nJ7e%2BPERtJggib%2B9qHw%2Fs%2Bmrl%2BLcsMw6DOTu20k%2FsUWCeFlGLkCU7C6mYf2UkM9PwCa7CwWwg%2B2ZAnA9JcGvIXiyu6AJPtg5ZsoNVAIun0IxmECZCTSbQNi70PKAAELi6jqS%2BMFV6wp2%2BxhlM3RKTj3%2BG7qYklO%2FPYMk%2Fvq80cPKDWvyTNvEYxiV0MMJdG%2BCNN9DthlAF3sQ2UfQ8iey%2BvgKknh73RsLLQ9fatRkGHZrbIUpxVca7Vp3pSta7ZVOJKJQtVoi5HJukdYT6GgCo0ZgPkA%2BOzpAHgXI0wCxPKywZjeitB3xqF7vNIQQ9boQzU5LNmW90YkocjHTMEKWjiDMCMLdQeruoK%2FvHzTPwOXfw2%2BU8DKAzwgGskShCApPUDCCQhMUGUExKHek8TVfPpDG5zxc5Noi18uxzXpbbMdmPZWQrfSIPD337p93L6CvDiv1TkQpq7d4XbbbtMkoVWFD1mSbM8ZaNITXJbQ%2FMVe6OVvkL%2B8jneVLf4CzPXizB6FfBMufByvG7RoF2xg3OhSbyTeRNmolT41lsipsDGlLpNkpZLeDLXNEnptT6f75BJTYP%2FfZp%2Bu%2Fn5XvQbgSqSvxgf6BoGfuja%2Fbgmxft4Unj9bTTMd6k81WfCNjmTr55ZvqdmGdvHzRj754XcyAWfnwpvLZFZZInfQ8%2Beq8llK5NeuEIt9d9rcUv5b7jfO5S%2FL0yrULa5fj1CnvtU0mYPrgnQ8h9JQ86frzz%2FvCX2vQbgKXl4jzfbIIaDuBSO%2FAp0v23hI4s5zhaYAiL8euxpePRhMYtewZL%2BH%2F0%2FNlveXvoecCsOwukrjEwJUYmBLMjODzk%2BMsdfvnfq7PA9wEY25csM2NM%2FePrfX6sKKaEY0UrSkedXnUZlR2o0aXs26o2rzJQmR%2BKj559vS%2FAAAA%2F%2F8BAAD%2F%2F75JAPGUBAAA HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Cookie: u_pl=16537667; uid_id2=42d1192a-aeeb-4729-9c67-8fcf1e66c1bd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 09:25:25 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 390ec18b763cbbacc5920354765a0162
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0f3fa70c4b85f9af8be81db15f2473b6
e5dadf573bde48707d00993b7a0301f7303f1a73
ede2da5cda82417700a040d95008b37aa7a30c1eeb053993b82c74fabbff65ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EDE2DA5CDA82417700A040D95008B37AA7A30C1EEB053993B82C74FABBFF65EA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3192
Expires: Sat, 03 Dec 2022 10:18:38 GMT
Date: Sat, 03 Dec 2022 09:25:26 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106 200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 03 Dec 2022 09:25:26 GMT
Date: Sat, 03 Dec 2022 09:25:26 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html
45.133.44.4 200 OK 492 B URL HTTP/2 cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text
Hash 3f0fe6e62d7bab7ac7d253b9547709d3
568810a7fb28c234338845f0ca9d91223ccc6e58
3dfad62e6d1557c95777fefc1135d0cf0cdb655ed1e6a1b0987590942eea7677
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:25 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-616"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 03 Dec 2022 10:25:25 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/img/close.png
172.64.109.13 200 OK 6.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/img/close.png
IP 172.64.109.13:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/ssp/utility/live-message/3-2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:26 GMT
content-type: image/png
content-length: 5982
last-modified: Thu, 28 Apr 2022 08:29:14 GMT
etag: "626a505a-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1539245
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYGUisSSsRjX4dGGt3rBwxAweMbYdY1kukfnKuf8GEEcUL6i8M9bHY%2FDx5elkaAm2tmp4gQMjAtBbVyuae92hcZMv58a2X9dyvjBYIHjMw3K0nbAB%2FpoW2LGphxYr5ppcbzEIVKcVsMk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b41468de106f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/js/jquery.min.js
172.64.109.13 200 OK 32 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/js/jquery.min.js
IP 172.64.109.13:0
File type ASCII text, with very long lines (65451)
Hash 903cd978ce608fb95877b53f572b1ae9
2b6ca60a9048649e9a2be7e8e37d51836886ef5f
c8ff76628f57c5d9777942b8bf4ba95f208d3dbf205c3a7d796939c911026f36
GET /sb/ssp/utility/live-message/3-2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:26 GMT
content-type: application/javascript
last-modified: Thu, 28 Apr 2022 08:29:17 GMT
etag: W/"626a505d-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1539245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsyTREIw4Bc8ZmcuBK3gb9kMwv6TFyZ2wb4F0dU%2F9EKdKKcULAC3sRMZcfxLJnp4yyD0Lo5SlVri0Ma%2BXt3sYkQSXxfndA%2FygYRbmQ3EYuF1s5l%2BHC3vpSzPe9k3VEq4MnQ%2FGhMhZdQU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b41468dcd06f1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3c0282fb1989711e4a48dce935bf7813
30bed8a42fc820e4feb64bd22ddfefe120889014
81e304f070d6b7aa4dc67c727523578cd18a665a5cfe674a3b1391f3f39fc11a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81E304F070D6B7AA4DC67C727523578CD18A665A5CFE674A3B1391F3F39FC11A"
Last-Modified: Thu, 01 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9821
Expires: Sat, 03 Dec 2022 12:09:07 GMT
Date: Sat, 03 Dec 2022 09:25:26 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0f3fa70c4b85f9af8be81db15f2473b6
e5dadf573bde48707d00993b7a0301f7303f1a73
ede2da5cda82417700a040d95008b37aa7a30c1eeb053993b82c74fabbff65ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EDE2DA5CDA82417700A040D95008B37AA7A30C1EEB053993B82C74FABBFF65EA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3192
Expires: Sat, 03 Dec 2022 10:18:38 GMT
Date: Sat, 03 Dec 2022 09:25:26 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/d8/9e/7e/d89e7e93f9084c1603a4d5c5eb150bd5/1667590681.png
45.133.44.9 200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/si/d8/9e/7e/d89e7e93f9084c1603a4d5c5eb150bd5/1667590681.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash b849d6fec2795f05895691bebbaaf6e8
5bfd0781ebb28abf8bfe3afd2557a6290985eeea
394300ca7334229a7fee43d05aa2fc53d5e5acfea953c3852ecc9420abd9005c
GET /si/d8/9e/7e/d89e7e93f9084c1603a4d5c5eb150bd5/1667590681.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:26 GMT
content-type: image/png
content-length: 32483
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:38:09 GMT
etag: "63656a21-7ee3"
expires: Mon, 05 Dec 2022 09:25:26 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/bf/aa/60/bfaa60fe895a002eba68c7c50f3bbb9c/1667590665.png
45.133.44.9 200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/si/bf/aa/60/bfaa60fe895a002eba68c7c50f3bbb9c/1667590665.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb2500acb00f247ef19403c3a0f89e1
7c57e8b84b2bb0003810ffae7a14e24869155464
7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce
GET /si/bf/aa/60/bfaa60fe895a002eba68c7c50f3bbb9c/1667590665.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:26 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:37:53 GMT
etag: "63656a11-7ffb"
expires: Mon, 05 Dec 2022 09:25:26 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/css/style.css
172.64.109.13 200 OK 1.6 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/css/style.css
IP 172.64.109.13:0
Hash 1383ff77a305cbbde6dd2f35a747ef33
f3b341dcdbf56dd56e19348bf352370265bbfd30
ee44277ebc4dc007956e8d709ad10b2d9f897a6a88b58c0d0f23c405bae73d6a
GET /sb/ssp/utility/live-message/3-2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:26 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 08:29:13 GMT
etag: W/"626a5059-22dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXpgu70EVTrlpHT4fatT7JVJ1aU4vnXOoArlP71IALsfRYCH3OcrMlFEP058HjeQTCP72iPfz%2Bn0B1oARNMn1JYfzEBP6bzA6N3ieTaSXobnUcWeldSv0aOSG%2BeJOHDzZHTA2NqdYMPg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b4145fa96889e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=384
192.243.61.225 200 OK 0 B URL HTTP/1.1 reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=384
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=384 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 09:25:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fjs%2Fscript.js&l=1173&fd=253
192.243.61.225 200 OK 0 B URL HTTP/1.1 reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fjs%2Fscript.js&l=1173&fd=253
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fjs%2Fscript.js&l=1173&fd=253 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.file-upload.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 09:25:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/css/animate.css
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/css/animate.css
IP 172.64.109.13:0
GET /sb/ssp/utility/live-message/3-2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:26 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 08:29:13 GMT
etag: W/"626a5059-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fq8cS0uzgx%2FZBy7JOz4MQEocQYqFVu1obfztvxB8nu%2Fa5CtDdDmW6XLt%2BQGy%2FdDuAqit1HrU%2FsTAc%2Flw06pSRSH9T%2FaM5Key8fakSASXEauofy4usGAm4t22k0YsZWo%2BTP%2BPF%2Bk3HtW7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b41460abe889e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oaphoace.net/500/5419445?excludes=&oaid=183e39f47c714be69132da69a59caab3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 0 B URL HTTP/2 oaphoace.net/500/5419445?excludes=&oaid=183e39f47c714be69132da69a59caab3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
GET /500/5419445?excludes=&oaid=183e39f47c714be69132da69a59caab3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fwww.file-upload.com%2Fwt5wpht3gpbf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Cookie: OAID=183e39f47c714be69132da69a59caab3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 09:25:20 GMT
content-type: application/javascript
x-trace-id: 7870ea84c7fd2f424597ed998f588adf
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: http://www.file-upload.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=183e39f47c714be69132da69a59caab3; expires=Sun, 03 Dec 2023 09:25:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
104.21.91.63 200 OK 0 B IP 104.21.91.63:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:19 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 110a7138efc8ba64deaf11b8dca0fd97
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:17:26 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sun, 04 Dec 2022 07:45:47 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 5972
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcYrw%2FbIUQam062NmDH3mfw%2FivIFCJIcZ0mR%2FouIeYIZ4MRhA4uwHTiFrzySFNlyVtESBDFoYCEYHbjY%2BsLhyHcyrwS%2BGHAKPE3VkpVVkbCmZKKsy235JKFClPtkf58a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b411b1e7bfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/js/script.js
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/js/script.js
IP 172.64.109.13:0
GET /sb/ssp/utility/live-message/3-2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.file-upload.com
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:26 GMT
content-type: application/javascript
last-modified: Thu, 28 Apr 2022 08:29:16 GMT
etag: W/"626a505c-495"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wx5TjHN%2F8pmV64OAkIL%2BqvZ4%2BI6bQAp4LYcIbc3UQtLhUTNRAtTDg2F%2By3G%2BgevMrvR66l3QqT5cI7qDWs0%2B3uh%2FW8%2BH8dXi1AprV4Trq%2BSieWL9lcla6D1X5dS0QfrOY3A%2Fbcnm2X0Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b41471c5b889e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oaphoace.net/401/5419445
139.45.197.239 200 OK 0 B IP 139.45.197.239:0
GET /401/5419445 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.file-upload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 09:25:19 GMT
content-type: application/javascript
x-trace-id: 35a785d095fd32d967ca81ab0625cd7d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=38426dea3ca14325a4c3661939f43932; expires=Sun, 03 Dec 2023 09:25:19 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-2096913384%3A1670059520096996&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAs-YkkenIY3bmSbalXL8QDJRxk_kx8Nuvsu4N35d1l9jur61nXZ3MxVVnQKMpubY1vPfGld
216.58.211.13 403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-2096913384%3A1670059520096996&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAs-YkkenIY3bmSbalXL8QDJRxk_kx8Nuvsu4N35d1l9jur61nXZ3MxVVnQKMpubY1vPfGld
IP 216.58.211.13:0
GET /v3/signin/identifier?dsh=S-2096913384%3A1670059520096996&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAs-YkkenIY3bmSbalXL8QDJRxk_kx8Nuvsu4N35d1l9jur61nXZ3MxVVnQKMpubY1vPfGld HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Dec 2022 09:25:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-TyPo2mzH9MxkwmvvoYaCkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.173.27 200 OK 0 B IP 172.64.173.27:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.file-upload.com/
Origin: http://www.file-upload.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:25:20 GMT
content-type: text/plain
set-cookie: csu=1077872859214610@1@1670059520; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://www.file-upload.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHkUBAZSdpJc05oWKETM2ANTOG3PKvY1axNEtgiS2pMQZnHUwu37xwtumYNvDC2feI3elVAWZbMSfGPTnQFA2z2bBN84ZATzLe2FSVw6T3LwMQnvFPU9mW0nOVDGIFOo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b412179cd7719-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2