cdn-133.bayfiles.com/m2abmf2fy0/be489ead-1663254183/proxy%20&%20vpn%20tools%20&%20utilities%20pack.rar
195.96.151.88301 Moved Permanently 162 B URL HTTP/1.1 cdn-133.bayfiles.com/m2abmf2fy0/be489ead-1663254183/proxy%20&%20vpn%20tools%20&%20utilities%20pack.rar
IP 195.96.151.88:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /m2abmf2fy0/be489ead-1663254183/proxy%20&%20vpn%20tools%20&%20utilities%20pack.rar HTTP/1.1
Host: cdn-133.bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 16 Sep 2022 15:31:19 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://cdn-133.bayfiles.com/m2abmf2fy0/be489ead-1663254183/proxy%20&%20vpn%20tools%20&%20utilities%20pack.rar
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 15:10:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fhTovHYc8IMrpiVhoPlAj16jHZ3wrrtdxu4Zr45aAAYWBO2BCm47aA==
Age: 1229
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14697
Expires: Fri, 16 Sep 2022 19:36:16 GMT
Date: Fri, 16 Sep 2022 15:31:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mVZ-WIi_x3Cxl3KwOgaY82x3Sh8Itw83f9jyrRafdltVhELI6yOf-w==
age: 39364
X-Firefox-Spdy: h2
cdn-133.bayfiles.com/m2abmf2fy0/be489ead-1663254183/proxy%20&%20vpn%20tools%20&%20utilities%20pack.rar
195.96.151.88301 Moved Permanently 0 B URL HTTP/1.1 cdn-133.bayfiles.com/m2abmf2fy0/be489ead-1663254183/proxy%20&%20vpn%20tools%20&%20utilities%20pack.rar
IP 195.96.151.88:0
ASN #41634 Svea Hosting AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m2abmf2fy0/be489ead-1663254183/proxy%20&%20vpn%20tools%20&%20utilities%20pack.rar HTTP/1.1
Host: cdn-133.bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 16 Sep 2022 15:31:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Location: https://bayfiles.com/m2abmf2fy0
X-Cache-Host: filecache-03
X-Cache-Disk: nvme-01
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b32a03fb5d4658be4ff310b37a0c7b61
59d9dfe1de522327b17e37ea4bfe21539d28ccc7
319c5ec82bcbce9a047b58495c15ad12d71e308b8a8fe44ed59d89a011d0f76a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "319C5EC82BCBCE9A047B58495C15AD12D71E308B8A8FE44ED59D89A011D0F76A"
Last-Modified: Fri, 16 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12568
Expires: Fri, 16 Sep 2022 19:00:47 GMT
Date: Fri, 16 Sep 2022 15:31:19 GMT
Connection: keep-alive
bayfiles.com/m2abmf2fy0
45.154.253.151200 OK 2.9 kB IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (661)
Hash 4471f35105dfa621b500cbc8270c4d03
29b485896bc5b02ea917309de4b3948dae8d60e1
9dab8ee7aab113b360ec3325dcb8bba41f412e19122b470c6c2811cb3410c463
GET /m2abmf2fy0 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdc: Yes
cache-control: public, max-age=60
x-oe: Y
x-oh: 4
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 15:31:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bayfiles.com/css/bayfiles.css?1661352192
45.154.253.151200 OK 25 kB URL HTTP/1.1 bayfiles.com/css/bayfiles.css?1661352192
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (65452)
Hash 896df88019eabed295bc78a2f053ab92
1bca351d99600fb10583eb28c638dd58482535a0
b1555a31747d1f471ea748a1363cf9c588d66dd15dcf42cf7fa0b2911d0424d0
GET /css/bayfiles.css?1661352192 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 828
Content-Encoding: gzip
bayfiles.com/sw.js
45.154.253.151200 OK 14 kB IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (39060), with no line terminators
Hash fefdeff3180d9772f08a2cadce9a55b0
5610f0290b7f4c81c57a65703825fc2830aeac96
0009589421c540c0b0ee37fde74f5373962096bc8e9869a953b4cb59547a8f61
GET /sw.js HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:19 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 3322
Content-Encoding: gzip
vjs.zencdn.net/7.3.0/video-js.min.css
151.101.86.217200 OK 9.7 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video-js.min.css
IP 151.101.86.217:0
File type ASCII text, with very long lines (35998), with no line terminators
Hash 3397ce943db8add2728dccd9a3b8b8bc
a57bbb7546a458fe57d72d06baab950125260cc9
5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
GET /7.3.0/video-js.min.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Fri, 16 Sep 2022 15:31:20 GMT
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 9051
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2
bayfiles.com/js/app.js?1661352192
45.154.253.151200 OK 58 kB URL HTTP/1.1 bayfiles.com/js/app.js?1661352192
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (63238)
Hash ba67ff13fd07739a7037fbc27b2a1955
3e253f69b2f12659c541de122c6bce0ed82ba369
1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818
GET /js/app.js?1661352192 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:19 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 50
Content-Encoding: gzip
bayfiles.com/img/flags/24/dk.png
45.154.253.151200 OK 537 B URL HTTP/1.1 bayfiles.com/img/flags/24/dk.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b6ebe55a7d176720cd2b1003298187a8
930858408b9af1f79c430bbe15c185db555a7815
07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
GET /img/flags/24/dk.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 96
accept-ranges: bytes
bayfiles.com/img/flags/24/fi.png
45.154.253.151200 OK 456 B URL HTTP/1.1 bayfiles.com/img/flags/24/fi.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ea9115d18d5210d4f1db520881faa3a
09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
GET /img/flags/24/fi.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 85
accept-ranges: bytes
bayfiles.com/img/flags/24/pl.png
45.154.253.151200 OK 347 B URL HTTP/1.1 bayfiles.com/img/flags/24/pl.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash baf3aff7caef0be58f29b41f20a0e4db
11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
GET /img/flags/24/pl.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 105
accept-ranges: bytes
vjs.zencdn.net/7.3.0/video.min.js
151.101.86.217200 OK 132 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video.min.js
IP 151.101.86.217:0
File type Unicode text, UTF-8 text, with very long lines (65141)
Size 132 kB (132230 bytes)
Hash e296d874aca2a1550b409394be51efaa
c184c030e9aab3d03de27bc588919e249d5ccdf7
401c15b7916797f936e9d8443945ef22e0f93305655c057a92c8d9b80c327c9f
GET /7.3.0/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Fri, 16 Sep 2022 15:31:20 GMT
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/no.png
45.154.253.151200 OK 611 B URL HTTP/1.1 bayfiles.com/img/flags/24/no.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash f14ac70aa6dd4d371671c0e6d7cba4e3
1139e3acd6e073bffb59157cbc10af72ed757218
9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
GET /img/flags/24/no.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 912
accept-ranges: bytes
bayfiles.com/img/file/filetypes/ext/rar.png?1597394788
45.154.253.151200 OK 631 B URL HTTP/1.1 bayfiles.com/img/file/filetypes/ext/rar.png?1597394788
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash d33954367bc5d15c7f0e01857e7ae8ea
b8b5ba4e52c439feed2b51c7f982be6f4dee3aae
a6f8963dd8d602e135e8b860b7e48badfd78c2b1bef9ec362a39ce2fc484606f
GET /img/file/filetypes/ext/rar.png?1597394788 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 631
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 143
accept-ranges: bytes
bayfiles.com/img/flags/24/jp.png
45.154.253.151200 OK 599 B URL HTTP/1.1 bayfiles.com/img/flags/24/jp.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 857f6f0e0886a3729b758b7241e42e61
a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
GET /img/flags/24/jp.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 66
accept-ranges: bytes
bayfiles.com/img/flags/24/br.png
45.154.253.151200 OK 1.1 kB URL HTTP/1.1 bayfiles.com/img/flags/24/br.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a5938d2e7f7d6f4026d6eb1b4b4f2cd
7a038177fe4deec455d61d3e9c90019fa4727d40
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
GET /img/flags/24/br.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 90
accept-ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 16 Sep 2022 15:03:22 GMT
Cache-Control: max-age=3600
Expires: Fri, 16 Sep 2022 15:21:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _GLvsABKIMFfhMU4nXQ7ZJqu3yaoA7LATGjwjsgDQ8-_7ezOLhLwqQ==
Age: 1678
bayfiles.com/img/flags/24/de.png
45.154.253.151200 OK 483 B URL HTTP/1.1 bayfiles.com/img/flags/24/de.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8cc07c258bcd2de0c7900861e20ffc
fed97219e44693d4f3918fc4037b325732225d81
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
GET /img/flags/24/de.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1009
accept-ranges: bytes
bayfiles.com/static/logo.png
45.154.253.151200 OK 39 kB URL HTTP/1.1 bayfiles.com/static/logo.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 292 x 251, 8-bit/color RGBA, non-interlaced\012- data
Hash d39dfc9566d5264e198224dc249dd6bb
67ec60e7df6257a32f41e45e6877dc65f036ef0f
0b959f7dd25865a8a0636b6bb81d523c07fb03f76905313b9b8d677ae294b25a
GET /static/logo.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 38607
Connection: keep-alive
last-modified: Fri, 14 Aug 2020 11:23:32 GMT
etag: "5f367434-96cf"
bayfiles.com/img/flags/24/fr.png
45.154.253.151200 OK 536 B URL HTTP/1.1 bayfiles.com/img/flags/24/fr.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e81efecf1a1b1d3a17d00a904c5cc3c9
1203894dbfc8363302dc709d852c05a4dd8bf9dc
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
GET /img/flags/24/fr.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 82
accept-ranges: bytes
bayfiles.com/img/flags/24/kr.png
45.154.253.151200 OK 988 B URL HTTP/1.1 bayfiles.com/img/flags/24/kr.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cb22f00511d088a71e84f8c1c864caed
6599812ed106bda6017487287e12bc836570649f
09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
GET /img/flags/24/kr.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 100
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3db421016cf0e3ad25f324cf0faf0fac
b15909de1105d4d2fb5be5b3920c454daf022445
914b15f28636e0a5e851540ffb0625ecd09d0546b2f1f7af90b267ceebcf1d5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5053
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:31:20 GMT
Last-Modified: Fri, 16 Sep 2022 14:07:08 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
bayfiles.com/img/flags/24/ru.png
45.154.253.151200 OK 403 B URL HTTP/1.1 bayfiles.com/img/flags/24/ru.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash d8df89b036e6afb48f72d2440831bad0
04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
GET /img/flags/24/ru.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 82
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/?xsvjd=737333
54.230.245.59200 OK 98 kB URL HTTP/2 djv99sxoqpv11.cloudfront.net/?xsvjd=737333
IP 54.230.245.59:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash 1a9ce7da672c96d29c6bd4df3d54b555
43f968205187b8103beab2d8c21bccf064153246
b2dd665e624412c0fb25b3aada101bfb8cebfcfcf935ca2db65d7b67ae4f9f11
GET /?xsvjd=737333 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 98004
date: Fri, 16 Sep 2022 15:31:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0ScBqPOSrCtGfyhW21_Km7iJbWmFZuZn2LMLWXl--isEdvR-nctNIg==
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/in.png
45.154.253.151200 OK 593 B URL HTTP/1.1 bayfiles.com/img/flags/24/in.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ccaf96cfc341dc9a17e24b96bef223ff
8791d6db6628e0fb21b847ab94484f0c615e38ac
728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
GET /img/flags/24/in.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 841
accept-ranges: bytes
bayfiles.com/img/flags/24/se.png
45.154.253.151200 OK 581 B URL HTTP/1.1 bayfiles.com/img/flags/24/se.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash c9b1e40987c4411b4a7d13c07a8843aa
cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
GET /img/flags/24/se.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 102
accept-ranges: bytes
bayfiles.com/img/flags/24/es.png
45.154.253.151200 OK 666 B URL HTTP/1.1 bayfiles.com/img/flags/24/es.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa381a8eb16d9e673d32980e7fd1710
fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
GET /img/flags/24/es.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:20 GMT
Content-Type: image/png
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 88
accept-ranges: bytes
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 957470df815c0292a2efcee6a28efc6b
d5bec87e2bb369cf397dd2eab4d2bdf80210b75d
46ddec32af98c535c0b7a5a8fd15e8923ba3767b9cedc15bc7cc7cd989310e17
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "46DDEC32AF98C535C0B7A5A8FD15E8923BA3767B9CEDC15BC7CC7CD989310E17"
Last-Modified: Wed, 14 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3731
Expires: Fri, 16 Sep 2022 16:33:31 GMT
Date: Fri, 16 Sep 2022 15:31:20 GMT
Connection: keep-alive
push.services.mozilla.com/
52.35.74.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2LD/EWeGaTCEYYOKGiBhuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4jKO4RJ+i8ydnaZKeVGfK9jG1/Q=
akelandord.buzz/WXd1ZUE4FRYIfjhKF0M0KxtIQHMfUkcjJTMBTFwyIRgEFTdoRlsGLTYCEQMzNhkBSy88A1BXBxoTRA0WCCEaMA8jEBs/EBQPOAs5LSUyXC06Ghk3DDAiACsAPRs4ISkwOTQnLRgzJyInMD5CNSopGBYmcW4wIVwzAw1NPw5rAwIDAwBPOy05LCImEiwVHTMuDB1PQCsAEAU7HCYjNhtRKxAwFgQPIAAaKykqQhZWDDomGz8sAzAdLSIaQgIEcBMFMyITNiUPNGRrMTkceQkRIjc5EBxMEAIBEwAwLCoiLyIpETwcJyo4Iy8NGB5OBD0vaBwWMXEKOA9IcSwRRTAkAz8zFxNrHxsGFi0kFAgYNzoCMHgUNEEMFDQYJAAGIS0ULQBpLUU8ZzMEGgsxZBEMXQIBRDQLcA
143.204.55.24200 OK 1.2 kB URL HTTP/2 akelandord.buzz/WXd1ZUE4FRYIfjhKF0M0KxtIQHMfUkcjJTMBTFwyIRgEFTdoRlsGLTYCEQMzNhkBSy88A1BXBxoTRA0WCCEaMA8jEBs/EBQPOAs5LSUyXC06Ghk3DDAiACsAPRs4ISkwOTQnLRgzJyInMD5CNSopGBYmcW4wIVwzAw1NPw5rAwIDAwBPOy05LCImEiwVHTMuDB1PQCsAEAU7HCYjNhtRKxAwFgQPIAAaKykqQhZWDDomGz8sAzAdLSIaQgIEcBMFMyITNiUPNGRrMTkceQkRIjc5EBxMEAIBEwAwLCoiLyIpETwcJyo4Iy8NGB5OBD0vaBwWMXEKOA9IcSwRRTAkAz8zFxNrHxsGFi0kFAgYNzoCMHgUNEEMFDQYJAAGIS0ULQBpLUU8ZzMEGgsxZBEMXQIBRDQLcA
IP 143.204.55.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3010), with no line terminators
Hash 612db6fedce7f71d2651dcb46ead5d94
544a871a795407b0aac52a46a309cc11e9d31d04
780961d2bd1c9fc88390f2d48d4f40f059a8d6f0454688caf4705cb07aeafe54
GET /WXd1ZUE4FRYIfjhKF0M0KxtIQHMfUkcjJTMBTFwyIRgEFTdoRlsGLTYCEQMzNhkBSy88A1BXBxoTRA0WCCEaMA8jEBs/EBQPOAs5LSUyXC06Ghk3DDAiACsAPRs4ISkwOTQnLRgzJyInMD5CNSopGBYmcW4wIVwzAw1NPw5rAwIDAwBPOy05LCImEiwVHTMuDB1PQCsAEAU7HCYjNhtRKxAwFgQPIAAaKykqQhZWDDomGz8sAzAdLSIaQgIEcBMFMyITNiUPNGRrMTkceQkRIjc5EBxMEAIBEwAwLCoiLyIpETwcJyo4Iy8NGB5OBD0vaBwWMXEKOA9IcSwRRTAkAz8zFxNrHxsGFi0kFAgYNzoCMHgUNEEMFDQYJAAGIS0ULQBpLUU8ZzMEGgsxZBEMXQIBRDQLcA HTTP/1.1
Host: akelandord.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1168
date: Fri, 16 Sep 2022 15:31:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4-Fr70AbUDKrFQ-MfZq_BxFlsq3ApyfIlME0WYXVkYM9d4vU9bTPeg==
X-Firefox-Spdy: h2
akelandord.buzz/SFF4TVcpMxsgaClsGmsiOj1FaGUOdEoLMyInQXQkMD4JPSF5YFYuOyckHCslJz8MYzktJV1/ETwyLi5nKQYbHhgOPigaFh10Sg8CDgMpHxANGSAhERABLS4QCwA+PAMhBCoLMH01KBwCcBwwdRMAPRsnAy9gGRwPDgg7DDwfMBAEGgsDMjwVHWk/CwMdGyAYEg4bST4UHzkTaGUKBTkuBAk7IikWChsgBDseBDslYzwJKRgbDRkxCht5Gx4XLw4zLnw8PhMuJRQZOS0fAHkyHB07JzIwfAUkEzoLMRomHw4PHRs7CwUOMy46GiAULiI6GxY9LAAdZC0XBmUANww/AWkvfS8eH0oYEh8XHA8NLwMhHDwGPy0qFh4XPAs1DQQyCRIZYB4eAg4pKRsFH3cSPjgmIUU3Gz42ISQDKhwfBj0x
143.204.55.24200 OK 1.2 kB URL HTTP/2 akelandord.buzz/SFF4TVcpMxsgaClsGmsiOj1FaGUOdEoLMyInQXQkMD4JPSF5YFYuOyckHCslJz8MYzktJV1/ETwyLi5nKQYbHhgOPigaFh10Sg8CDgMpHxANGSAhERABLS4QCwA+PAMhBCoLMH01KBwCcBwwdRMAPRsnAy9gGRwPDgg7DDwfMBAEGgsDMjwVHWk/CwMdGyAYEg4bST4UHzkTaGUKBTkuBAk7IikWChsgBDseBDslYzwJKRgbDRkxCht5Gx4XLw4zLnw8PhMuJRQZOS0fAHkyHB07JzIwfAUkEzoLMRomHw4PHRs7CwUOMy46GiAULiI6GxY9LAAdZC0XBmUANww/AWkvfS8eH0oYEh8XHA8NLwMhHDwGPy0qFh4XPAs1DQQyCRIZYB4eAg4pKRsFH3cSPjgmIUU3Gz42ISQDKhwfBj0x
IP 143.204.55.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3019), with no line terminators
Hash fc9ea8938abec2fc7f6736e30c56418c
56c38c88fab6d3925bc0f9cd9b4e589f036dc684
946acdb33352ec5fad54785d706a57274c71b5afde091e2fcb5b2906f3b213f9
GET /SFF4TVcpMxsgaClsGmsiOj1FaGUOdEoLMyInQXQkMD4JPSF5YFYuOyckHCslJz8MYzktJV1/ETwyLi5nKQYbHhgOPigaFh10Sg8CDgMpHxANGSAhERABLS4QCwA+PAMhBCoLMH01KBwCcBwwdRMAPRsnAy9gGRwPDgg7DDwfMBAEGgsDMjwVHWk/CwMdGyAYEg4bST4UHzkTaGUKBTkuBAk7IikWChsgBDseBDslYzwJKRgbDRkxCht5Gx4XLw4zLnw8PhMuJRQZOS0fAHkyHB07JzIwfAUkEzoLMRomHw4PHRs7CwUOMy46GiAULiI6GxY9LAAdZC0XBmUANww/AWkvfS8eH0oYEh8XHA8NLwMhHDwGPy0qFh4XPAs1DQQyCRIZYB4eAg4pKRsFH3cSPjgmIUU3Gz42ISQDKhwfBj0x HTTP/1.1
Host: akelandord.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1175
date: Fri, 16 Sep 2022 15:31:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kJbyHir09XJB307RNdzA0sedVVn14BbB76vUTChKCGil29YwzMyUVQ==
X-Firefox-Spdy: h2
akelandord.buzz/S09qRGsqLQkpVCpyCGIeOSNXYVkNalgCDyE5U30YMyAbNB16fkQnByQ6DiIZJCEeagUuO092LXoZWC9bKAkFdCknID0eOAYOPwFaPxUscCMafVM8KnssDAooLxoyLAM9FSwwDA41MyMjeRouDSgNLi8jOiwCWxUuHSUzdil6ASQiLwIHPHRaOSw7LDoOIg4uP3sKOB4RJAg+LAB5AB0jORonEi05PB08JSwvDT4BLTksBjRZHRgCKikdfw8IEnICKC8qIi1bfRkZIl89PCUVPCUsKC07KD07CQYFKBMiGmFZCRsrHiobGyMPMzN2T3YtERxSAzoMOwQTOmYZKyVYAS0oBjIxBTs8OAM2ID08eAUgJiMnFS8jPSUVDWIBOCAENFYhJ193WR8sBjMdGjwQMlg
143.204.55.24200 OK 1.2 kB URL HTTP/2 akelandord.buzz/S09qRGsqLQkpVCpyCGIeOSNXYVkNalgCDyE5U30YMyAbNB16fkQnByQ6DiIZJCEeagUuO092LXoZWC9bKAkFdCknID0eOAYOPwFaPxUscCMafVM8KnssDAooLxoyLAM9FSwwDA41MyMjeRouDSgNLi8jOiwCWxUuHSUzdil6ASQiLwIHPHRaOSw7LDoOIg4uP3sKOB4RJAg+LAB5AB0jORonEi05PB08JSwvDT4BLTksBjRZHRgCKikdfw8IEnICKC8qIi1bfRkZIl89PCUVPCUsKC07KD07CQYFKBMiGmFZCRsrHiobGyMPMzN2T3YtERxSAzoMOwQTOmYZKyVYAS0oBjIxBTs8OAM2ID08eAUgJiMnFS8jPSUVDWIBOCAENFYhJ193WR8sBjMdGjwQMlg
IP 143.204.55.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3003), with no line terminators
Hash 8160fb60d0b847b654d0df467d1924e0
1b025c8a8c38247a5328d9779d3f1fe5b45cab2f
fc61180e1fa5d037abec3fe2498ef736f6dcaf518e47f8aa29c8b39b06f23f0b
GET /S09qRGsqLQkpVCpyCGIeOSNXYVkNalgCDyE5U30YMyAbNB16fkQnByQ6DiIZJCEeagUuO092LXoZWC9bKAkFdCknID0eOAYOPwFaPxUscCMafVM8KnssDAooLxoyLAM9FSwwDA41MyMjeRouDSgNLi8jOiwCWxUuHSUzdil6ASQiLwIHPHRaOSw7LDoOIg4uP3sKOB4RJAg+LAB5AB0jORonEi05PB08JSwvDT4BLTksBjRZHRgCKikdfw8IEnICKC8qIi1bfRkZIl89PCUVPCUsKC07KD07CQYFKBMiGmFZCRsrHiobGyMPMzN2T3YtERxSAzoMOwQTOmYZKyVYAS0oBjIxBTs8OAM2ID08eAUgJiMnFS8jPSUVDWIBOCAENFYhJ193WR8sBjMdGjwQMlg HTTP/1.1
Host: akelandord.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1162
date: Fri, 16 Sep 2022 15:31:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7GClUtfZuuGe53LCm_g4PmwoIKEm62QJLwHoVh2KNCcqGoH-00WSZg==
X-Firefox-Spdy: h2
fntlyenclothe.xyz/Y0Z4MWRMeRtCWQYQLgM9GS42azE5EDwBJg0SFGQuMhEcYTIEcl5FDQd7TwRSUHFOFxQKIkUDXUU1DFAQFjVFAEIKKB5eWUUwRQBKU2hNCEpSYA0MVUUyCFADXndeQRAXKkUAUlV1SwVWUXBMBVJX
172.67.175.8204 No Content 0 B URL HTTP/2 fntlyenclothe.xyz/Y0Z4MWRMeRtCWQYQLgM9GS42azE5EDwBJg0SFGQuMhEcYTIEcl5FDQd7TwRSUHFOFxQKIkUDXUU1DFAQFjVFAEIKKB5eWUUwRQBKU2hNCEpSYA0MVUUyCFADXndeQRAXKkUAUlV1SwVWUXBMBVJX
IP 172.67.175.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Y0Z4MWRMeRtCWQYQLgM9GS42azE5EDwBJg0SFGQuMhEcYTIEcl5FDQd7TwRSUHFOFxQKIkUDXUU1DFAQFjVFAEIKKB5eWUUwRQBKU2hNCEpSYA0MVUUyCFADXndeQRAXKkUAUlV1SwVWUXBMBVJX HTTP/1.1
Host: fntlyenclothe.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 16 Sep 2022 15:31:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6Ml4XoeFHC1GpssuoJuVwzp%2FrpFO07Ku5H%2FefPOneuDsv2OTWAkgy48AC6ksiGp3c4y%2BYdvXIqbeSn3N29fKVbUkyjLiUUesEZMVKUH12O083mkufPgc%2F8zE9qMUi6VlKYhNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74baa6072d94b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fntlyenclothe.xyz/RmYwWGRpWVMrWRQhWBsHACwJAAo2IWprMhcFdRIIIldIaDUBJxYsDSJbB2tTdVUFfhQvAg1pXGAVRDkQMxUNaUIvCFY3WWAQDWlKdkgBdldgEw1pQjIWUT9Zd0BALBAqWwFuUnVVBGpWcFIEb1w
172.67.175.8204 No Content 0 B URL HTTP/2 fntlyenclothe.xyz/RmYwWGRpWVMrWRQhWBsHACwJAAo2IWprMhcFdRIIIldIaDUBJxYsDSJbB2tTdVUFfhQvAg1pXGAVRDkQMxUNaUIvCFY3WWAQDWlKdkgBdldgEw1pQjIWUT9Zd0BALBAqWwFuUnVVBGpWcFIEb1w
IP 172.67.175.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RmYwWGRpWVMrWRQhWBsHACwJAAo2IWprMhcFdRIIIldIaDUBJxYsDSJbB2tTdVUFfhQvAg1pXGAVRDkQMxUNaUIvCFY3WWAQDWlKdkgBdldgEw1pQjIWUT9Zd0BALBAqWwFuUnVVBGpWcFIEb1w HTTP/1.1
Host: fntlyenclothe.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 16 Sep 2022 15:31:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xE8Bee0MLCsmbZscPRQ2Da8TYRCy%2FJnF92iyUBReN%2Fv67DWkQzK0NwieQIm4FI506dFO7To5n%2BbZP522tVddAz6doeQqrM%2FQaAD8t2xKMtDaks6K%2BwOj1AYukuSwwJNNkqM4YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74baa6073d9db52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fntlyenclothe.xyz/NXhvbEUaRwwfeGM/JSMSckECOh0ACjg7B1QdOCoSbD4hWicEF0kYLFFFWF9yBktcSjVcHFJdY0YMDhgwRkVeSixbHgBRY0NFXkJ2AVZdVGsEXhpRdBMMHw0iCElJHDFBFFJdcwNLXFh3B05bWHEC
172.67.175.8204 No Content 0 B URL HTTP/2 fntlyenclothe.xyz/NXhvbEUaRwwfeGM/JSMSckECOh0ACjg7B1QdOCoSbD4hWicEF0kYLFFFWF9yBktcSjVcHFJdY0YMDhgwRkVeSixbHgBRY0NFXkJ2AVZdVGsEXhpRdBMMHw0iCElJHDFBFFJdcwNLXFh3B05bWHEC
IP 172.67.175.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NXhvbEUaRwwfeGM/JSMSckECOh0ACjg7B1QdOCoSbD4hWicEF0kYLFFFWF9yBktcSjVcHFJdY0YMDhgwRkVeSixbHgBRY0NFXkJ2AVZdVGsEXhpRdBMMHw0iCElJHDFBFFJdcwNLXFh3B05bWHEC HTTP/1.1
Host: fntlyenclothe.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 16 Sep 2022 15:31:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSVrGsPP5o0mkNz3GsRmHT%2F%2FNFp3T9VfDUFNlYvUc44VZs2uccJTQExImVMvcHsOiulrbQ2JxAppdbEZfYMzgJBq7cblF2G5r05nmF7XSu1HzVh%2BA%2FicSDtz4LtLyl%2BvJ8DK6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74baa6071d8bb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 957470df815c0292a2efcee6a28efc6b
d5bec87e2bb369cf397dd2eab4d2bdf80210b75d
46ddec32af98c535c0b7a5a8fd15e8923ba3767b9cedc15bc7cc7cd989310e17
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "46DDEC32AF98C535C0B7A5A8FD15E8923BA3767B9CEDC15BC7CC7CD989310E17"
Last-Modified: Wed, 14 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3731
Expires: Fri, 16 Sep 2022 16:33:31 GMT
Date: Fri, 16 Sep 2022 15:31:20 GMT
Connection: keep-alive
bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1597394788
45.154.253.151200 OK 1.4 kB URL HTTP/1.1 bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1597394788
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9549584e9288a5dd9d163daa26a6f34d
0c7a71967bd4570770aa9b1043a1d82cd8969252
d18e625001a778074faea9e00ae801988818827c121732ba020390e84897578e
GET /img/favicon/favicon-32x32-bayfiles.png?1597394788 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/m2abmf2fy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 15:31:21 GMT
Content-Type: image/png
Content-Length: 1368
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 263
accept-ranges: bytes
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ec52a9469dc1cc9de649d7238276cd9
df7ded27bcf84d34f341564285df04676abfd5dd
52c79cc06ce6e30ea1aed724d2161ce936bd77e6e1c2427ba10dbbca80b06ce1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "52C79CC06CE6E30EA1AED724D2161CE936BD77E6E1C2427BA10DBBCA80B06CE1"
Last-Modified: Wed, 14 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12375
Expires: Fri, 16 Sep 2022 18:57:36 GMT
Date: Fri, 16 Sep 2022 15:31:21 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ec52a9469dc1cc9de649d7238276cd9
df7ded27bcf84d34f341564285df04676abfd5dd
52c79cc06ce6e30ea1aed724d2161ce936bd77e6e1c2427ba10dbbca80b06ce1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "52C79CC06CE6E30EA1AED724D2161CE936BD77E6E1C2427BA10DBBCA80B06CE1"
Last-Modified: Wed, 14 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12375
Expires: Fri, 16 Sep 2022 18:57:36 GMT
Date: Fri, 16 Sep 2022 15:31:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e93324d6ebf7de1bf51a43d1cfce9fbc
673a6701d07f44a1139eeb7693ca220cf1bdb954
c977af10b5b436b49e038bde9c841a77830cd20a1c3d084d4fb833e9089b495c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4005
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:31:21 GMT
Last-Modified: Fri, 16 Sep 2022 14:24:36 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3c4ccde3c005912d7beb96d384b682bb
32921158136d33b968ae900879201217e2eb4ff3
4e53060ab4fb2227c698e4f3487ced9512af7bea2c5842c106d9970bbb3842a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:31:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 10a81ef20281f280d5309b9a878188a5
50cc8ea86a0daee9423ac68558427d4e98b0dba3
93e14da10b080113480dd8fb1aa6e67711a35931d9a5b24c8e4c599dcf357377
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:31:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ec52a9469dc1cc9de649d7238276cd9
df7ded27bcf84d34f341564285df04676abfd5dd
52c79cc06ce6e30ea1aed724d2161ce936bd77e6e1c2427ba10dbbca80b06ce1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "52C79CC06CE6E30EA1AED724D2161CE936BD77E6E1C2427BA10DBBCA80B06CE1"
Last-Modified: Wed, 14 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12375
Expires: Fri, 16 Sep 2022 18:57:36 GMT
Date: Fri, 16 Sep 2022 15:31:21 GMT
Connection: keep-alive
akelandord.buzz/utx?cb=svDKzpbapAXq&top=bayfiles.com&tid=756376
143.204.55.24204 No Content 0 B URL HTTP/2 akelandord.buzz/utx?cb=svDKzpbapAXq&top=bayfiles.com&tid=756376
IP 143.204.55.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=svDKzpbapAXq&top=bayfiles.com&tid=756376 HTTP/1.1
Host: akelandord.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 16 Sep 2022 15:31:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 16 Sep 2022 15:32:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Aeth8W1UvFbXI98tpYkJbC9oL144CDCljgdz1ejmtCUr8Of1Ac8oOw==
X-Firefox-Spdy: h2
akelandord.buzz/utx?cb=jSYqJYqj2SIo&top=bayfiles.com&tid=737333
143.204.55.24204 No Content 0 B URL HTTP/2 akelandord.buzz/utx?cb=jSYqJYqj2SIo&top=bayfiles.com&tid=737333
IP 143.204.55.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=jSYqJYqj2SIo&top=bayfiles.com&tid=737333 HTTP/1.1
Host: akelandord.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 16 Sep 2022 15:31:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 16 Sep 2022 15:32:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k0CEo8CFL0rNhO8CnPGYgZxH4SAfdKeOXWdXUJj9d603Uy20OV_hdQ==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 393 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash 26fab68c4534d3b989db8eb7ce96fb79
c3f108f2b47cdf3a04a8c6018d7a6e1ae95b56ae
8d5f9c2f0ab71cbce881ac5940229ee478bcea5b30261d31903d43f39bd38b45
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Sep 2022 15:31:21 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1375866456%3A1663342281172431&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWokpwkaDrUi91ZwjO6rLBLBi4r8I9yv2KbCUKaWuxw4Jz5boCYRZ6iOGQVwdSjUpISnZe9H
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-2bvGNoMrtbo2DXd5rxfPeg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
set-cookie: __Host-GAPS=1:zy4LsI5JNUt4WpGux9Pq8yZAOUcqYQ:6lE-lPBggq4Au1CK;Path=/;Expires=Sun, 15-Sep-2024 15:31:21 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 5b6bb4b1cecc978d9237428ad4778403
91226bb2e0b092178c911e4fbcff2cc55d9a8501
a03974393c944d00ff288b77f99f9c627d278f59e1e3ac053b2fa806ca41c8e1
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Sep 2022 15:31:21 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S688139116%3A1663342281174491&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSkaafNHPyKvrCQIthyr6q6RXTX5GBMGIHgggDajQuVGFQ-nvIp9a2wuNwm_G9q0jAY8qY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-chAtA4D3Ewn-uez5hixgcA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:v0tLRdIYnRz-BlaC59AMtt5wmlZOMg:NBK7Ekxn2INSsi_0;Path=/;Expires=Sun, 15-Sep-2024 15:31:21 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/Cd1hWQVoUNzgnZQMxMnxtRG9lcmlRMiUuNAdlMDhiNABlADRGfiI7PkpocC07GT9rZz8ZO2twfBY8NHxuUSwmLjFKMD85NAIrNygzAn4jIGcaNywoNhs5c3McQnZmZGhHcC5wa1JrFGRoRzQ/Ly8PfWRxIk9uCXduUmsUZGhHKiBkaTZhYG9qXn1kcT0SOz-0uf0UeZHFrR2hncWtSamYnMwU9MC4iUmoQeGxZaHA0Z0Y
54.230.245.59200 OK 540 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/Cd1hWQVoUNzgnZQMxMnxtRG9lcmlRMiUuNAdlMDhiNABlADRGfiI7PkpocC07GT9rZz8ZO2twfBY8NHxuUSwmLjFKMD85NAIrNygzAn4jIGcaNywoNhs5c3McQnZmZGhHcC5wa1JrFGRoRzQ/Ly8PfWRxIk9uCXduUmsUZGhHKiBkaTZhYG9qXn1kcT0SOz-0uf0UeZHFrR2hncWtSamYnMwU9MC4iUmoQeGxZaHA0Z0Y
IP 54.230.245.59:0
File type ASCII text, with very long lines (765), with no line terminators
Hash 1ce1b0c682fb10b3f18b7d3646564f3f
8f9d4c9eb96f7e7dff4adb9270be8856c999b56e
60c1efbcf448fc03459a841b299336b404dc6ad7db8ca1e6b8319a070de90ddd
Analyzer Verdict Alert fortinet Malware
GET /Cd1hWQVoUNzgnZQMxMnxtRG9lcmlRMiUuNAdlMDhiNABlADRGfiI7PkpocC07GT9rZz8ZO2twfBY8NHxuUSwmLjFKMD85NAIrNygzAn4jIGcaNywoNhs5c3McQnZmZGhHcC5wa1JrFGRoRzQ/Ly8PfWRxIk9uCXduUmsUZGhHKiBkaTZhYG9qXn1kcT0SOz-0uf0UeZHFrR2hncWtSamYnMwU9MC4iUmoQeGxZaHA0Z0Y HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://akelandord.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 540
date: Fri, 16 Sep 2022 15:31:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cGCDXi2WlbfwKtysJRdcH8YiwrtJiiFLwgVzVuzShlsv1BinHZfF2g==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/tcVc0aWcSOFoPWAU+UFRQRGEHXlFXPUcGCQFqTiURFg5dPQU8MH8DHlcjTg1aQXFYCAkWahIMCRJqBU8GFTUJXUEFJ1sCWhk+TAcSAjZdABJXIlVUCh4tXQULEHIGL1JfZxFbV1kvBVhCQhURW1cdPlocH1RlBBFfRwgCXUJCFRFbVwMhEVomSGEaWU5UZQ-QOAhI8W0xVN2UEWFdBZgRYQkNnUgAVFDFbEUJDEQ1fSUFxQVRW
54.230.245.59200 OK 455 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/tcVc0aWcSOFoPWAU+UFRQRGEHXlFXPUcGCQFqTiURFg5dPQU8MH8DHlcjTg1aQXFYCAkWahIMCRJqBU8GFTUJXUEFJ1sCWhk+TAcSAjZdABJXIlVUCh4tXQULEHIGL1JfZxFbV1kvBVhCQhURW1cdPlocH1RlBBFfRwgCXUJCFRFbVwMhEVomSGEaWU5UZQ-QOAhI8W0xVN2UEWFdBZgRYQkNnUgAVFDFbEUJDEQ1fSUFxQVRW
IP 54.230.245.59:0
File type ASCII text, with very long lines (593), with no line terminators
Hash 1b82aee39fa453964c3c3922d3ae0e4a
41fe805f38c1a1cd01cb7dca70e787200c58d4ea
84848af7fd3bf596854be728914af08b8215447f111a3774b0c6cc70bf16d465
Analyzer Verdict Alert fortinet Malware
GET /tcVc0aWcSOFoPWAU+UFRQRGEHXlFXPUcGCQFqTiURFg5dPQU8MH8DHlcjTg1aQXFYCAkWahIMCRJqBU8GFTUJXUEFJ1sCWhk+TAcSAjZdABJXIlVUCh4tXQULEHIGL1JfZxFbV1kvBVhCQhURW1cdPlocH1RlBBFfRwgCXUJCFRFbVwMhEVomSGEaWU5UZQ-QOAhI8W0xVN2UEWFdBZgRYQkNnUgAVFDFbEUJDEQ1fSUFxQVRW HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://akelandord.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 455
date: Fri, 16 Sep 2022 15:31:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8vHca_zLIs1FpiYdvaIxFO0DKOgVuQ1kq6BiJsYPvpEJLbs_YORd2w==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/1V2k0cFo0BloWZSMAUE1tZF4HQ29xA0cfNCdUXhhvZFtgEzYgH2UDICFaEgQgM1QEVjY2B1NNfDIHV01rcQhQEmdjT0ERZzoGThk2OwgRQhxiRwRVaGdBTEFrclp2VWhnBV0eLy9MBkAib19rRm5yWnZVaGcbQlVpFlACXmp+TAZAPTIKXx9/ZS8GQGtnWQ-VAa3JbBBYzJQxSHyJyW3JJbHlZEgVnZg
54.230.245.59200 OK 191 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/1V2k0cFo0BloWZSMAUE1tZF4HQ29xA0cfNCdUXhhvZFtgEzYgH2UDICFaEgQgM1QEVjY2B1NNfDIHV01rcQhQEmdjT0ERZzoGThk2OwgRQhxiRwRVaGdBTEFrclp2VWhnBV0eLy9MBkAib19rRm5yWnZVaGcbQlVpFlACXmp+TAZAPTIKXx9/ZS8GQGtnWQ-VAa3JbBBYzJQxSHyJyW3JJbHlZEgVnZg
IP 54.230.245.59:0
File type ASCII text, with no line terminators
Hash 5bda47ad9d6d2c5ce1dbbffcb650bdfe
1c3e4d7d9eebc5f3e9fef0c2150458dac6c625ec
5f09a8b454f659aca06b6e0e56fc9f71660fbdc3010a11ef0fc74f8046e7c70b
Analyzer Verdict Alert fortinet Malware
GET /1V2k0cFo0BloWZSMAUE1tZF4HQ29xA0cfNCdUXhhvZFtgEzYgH2UDICFaEgQgM1QEVjY2B1NNfDIHV01rcQhQEmdjT0ERZzoGThk2OwgRQhxiRwRVaGdBTEFrclp2VWhnBV0eLy9MBkAib19rRm5yWnZVaGcbQlVpFlACXmp+TAZAPTIKXx9/ZS8GQGtnWQ-VAa3JbBBYzJQxSHyJyW3JJbHlZEgVnZg HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://akelandord.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 191
date: Fri, 16 Sep 2022 15:31:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6k87W3b7GJ7hG1sOovONSv5s1JPt8hrJw_RIbX9_Ofo-lsb88plvgw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e93324d6ebf7de1bf51a43d1cfce9fbc
673a6701d07f44a1139eeb7693ca220cf1bdb954
c977af10b5b436b49e038bde9c841a77830cd20a1c3d084d4fb833e9089b495c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4005
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:31:21 GMT
Last-Modified: Fri, 16 Sep 2022 14:24:36 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 734d709ca96b537a66a72b012bad01b3
1422dc6e556936950feec9000a321a050b638ff8
f22c958051fad1d1d361d069afd22467fbc3caaebffac1ffb0fe3eead923c0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:31:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
akelandord.buzz/multi?cs=WmlDWHFuWXNuRmNbe25AYlt6bUc&abt=0&red=1&sm=76&k=&v=1.0.59.1&sts=0&prn=0&emb=0&tid=756376&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fm2abmf2fy0&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_NyVG=1663342265055&crc=1
143.204.55.24200 OK 1.5 kB URL HTTP/2 akelandord.buzz/multi?cs=WmlDWHFuWXNuRmNbe25AYlt6bUc&abt=0&red=1&sm=76&k=&v=1.0.59.1&sts=0&prn=0&emb=0&tid=756376&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fm2abmf2fy0&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_NyVG=1663342265055&crc=1
IP 143.204.55.24:0
File type ASCII text, with very long lines (3186), with no line terminators
Hash 3160f87c8642c8fd4f1d4e54222d76b0
140bd67d2811897e3b0341680d11a9986bdb6da6
f86e480a7b6d883a61fb0ccc0470f0e4d055946ac97d6876502a5488da805ea8
GET /multi?cs=WmlDWHFuWXNuRmNbe25AYlt6bUc&abt=0&red=1&sm=76&k=&v=1.0.59.1&sts=0&prn=0&emb=0&tid=756376&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fm2abmf2fy0&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_NyVG=1663342265055&crc=1 HTTP/1.1
Host: akelandord.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1477
date: Fri, 16 Sep 2022 15:31:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=39258366-4d4f-4f9e-9ac3-c6a0aeeb16b0
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pPK4jLNLqjgxfsqJVDC_z8KfZFk5SZUKV-653btNxUH5V9VqAwSdxQ==
X-Firefox-Spdy: h2
pogothere.xyz/
172.67.137.152200 OK 530 B IP 172.67.137.152:0
File type ASCII text, with no line terminators
Hash 8dcf6b8ee69513ada7db3db65d3f321f
910f15b48b948d00e57a1c156a5482a9b426ebfa
3d52632bebaac6c7a8bc0eb01c5a0820dc1ab7fa033aa297819e675110cb038d
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 15:31:21 GMT
content-type: text/plain
set-cookie: csu=1481011293501162@1@1663342281; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOavd4W%2FHOv4%2BevR73YaCwDJe5GHXo1L%2FaDz9O9MNUvG8TTLdR89Tz4hmrT%2FC8OBmaqI1vp6m02Vkx5YDK4OS%2FUDgw02ndIZBGHQ5yOxsNrb2vCIBeHtEnZjlweW1XFj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74baa608fc8d1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17427
Expires: Fri, 16 Sep 2022 20:21:48 GMT
Date: Fri, 16 Sep 2022 15:31:21 GMT
Connection: keep-alive
pogothere.xyz/asd100.bin
172.67.137.152200 OK 103 kB IP 172.67.137.152:0
Size 103 kB (102903 bytes)
Hash 35c508113cb4317ea81b07ed6357e91e
1cbbec18da5284e0f04eb4f2195da1020b5bf8a3
81a92c95703d0594ef533183788a38624d4fa508eff6b758ccca0ebbd49f1184
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 16 Sep 2022 15:31:21 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2311
last-modified: Fri, 16 Sep 2022 14:52:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsANEAODQ88gxVPJR9oP9fnf50eaYEr80DqzDOV8bNDJDwM0i%2BexGnEufdJtpORpCMmXNMsh%2BIFjCyzkSSJA6pFGPHEocPbmJzDBFEeBWckTz9GYQIDG9fM5rH%2BiSXst"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74baa608fc8c1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da1bd18c37b83b0ef4641036dc208eec
abb5c719ec9341c6d4146297a2a1eca171df9c81
0085a66912a814c619a1257545d36610c7109ba32f1b097176102d3d3db2c8d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12425
x-amzn-requestid: 96b5f0d2-1327-4180-9d48-f915630c3de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDqHyooAMFqyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-7d89d2d7024f6a821a62c948;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dxJEH4Jh8lAZ0T28BZnFLhWczwZ7oOaspCmR-SWudP32cF3BQc6wmw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:56:40 GMT
age: 63281
etag: "abb5c719ec9341c6d4146297a2a1eca171df9c81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6d17788c7d2a1a91e68eff48df14bd1
8e1090346d90bc69e7a95384e6a7a01154e31567
1e1eefa02e4c55e73be87a309ad5c2335856125cb678cff6ebc42c5ff73a0e2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9904
x-amzn-requestid: a23cb4b3-db6e-48ae-90b1-3ecf6478bf52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDpH_CIAMFl4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-15869210609a18587467d1e2;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JyXQcHKFIksMgLMROqOfV1ZqdFKSp3QSIlGmXuDR6h88o9J6s-mgkw==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:14:32 GMT
age: 62209
etag: "8e1090346d90bc69e7a95384e6a7a01154e31567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.67.137.152200 OK 111 kB IP 172.67.137.152:0
Size 111 kB (110835 bytes)
Hash 8306d8053caa94baa232963166e71358
ced2fc621209dafd128d4fbf09537e22f90dbc87
01c6ae7bf61874c569cfab7fbbd535ce6d95c3ab56d38a43ddf2ca15cc024b31
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 16 Sep 2022 15:31:21 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2311
last-modified: Fri, 16 Sep 2022 14:52:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdYU%2FqVEzjLAYO4Gzudt%2BFk60vezuL7cM98TI1ULnjO1Hqfck1jlNyz3hIsISUj%2FSm6G2QkT6puLKDJjc06awjqz6cE4NCCMQDYOBt%2Be1sNDOv6qR3ziNvh%2FPO2P9h1z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74baa608fc891c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 512280055633fcce9abc7d11a9816a24
de5c3e010fca76659455a144875a52c25fa72bdd
435eadb36830928b20d4cf8ead62134b75bd0ed3228489d9fdee66450bcbeaed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13536
x-amzn-requestid: 5533b257-1558-472b-aeb9-8207a78e1110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDzFa4IAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb1-05d0dfde7a488ed97d2a40d5;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aCCBUNe1NErAN4RiVGCdh-sBxSnMm-XfcFzE-h8IcCq6W1Om-UX45g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:46 GMT
age: 63935
etag: "de5c3e010fca76659455a144875a52c25fa72bdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a4ed510756efe784c4ca84c61c4b5ba
10262867cfb19d3ba8f618e235d1a98531048f34
b5ba0de5ce381579e49e3e3c23244048fc8aac693ce0c977560f28b9a51f6a0b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10163
x-amzn-requestid: 7c849e5d-468e-4f6a-ad44-c7995bfa81bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvuGFU5oAMF_Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202cc0-5376d2432c79a3146b6c29f4;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J5lOTqdLhgg3Hzfw3b86ScfLkODllGEA_y9xUSxBxBCS4sI5nAWKZQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 23:35:10 GMT
age: 57371
etag: "10262867cfb19d3ba8f618e235d1a98531048f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f876cdc19dca10c62d83d19303512c7f
9f812c7bc1b42b0cea3e42694e7d1f6738789770
c647aac44ba9eb501eb7def781ca0168b4eb71a716283cc6f4e6782939a396cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12123
x-amzn-requestid: b04ac3c4-b4d8-4094-8b7d-bd229bb7d577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yb2GvFnEoAMF-Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63216a2a-4e5927ac3f1d0b215ce5a8dc;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 05:44:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1W0Ito5yNmHNxtYBj5jOJQ3Z2OP_Shvhpj94YUDwLHQKzt-zgqjI8A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 03:12:38 GMT
age: 44323
etag: "9f812c7bc1b42b0cea3e42694e7d1f6738789770"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: kAFL6WW/p4yHjvXCmThemsC1kRvInnLL3s+AVdUZWz7eHRmNWw10DQfbCQuCHFjNvUetYC0wne6Tqd6oSvghKg==
date: Fri, 16 Sep 2022 15:31:21 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1375866456%3A1663342281172431&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWokpwkaDrUi91ZwjO6rLBLBi4r8I9yv2KbCUKaWuxw4Jz5boCYRZ6iOGQVwdSjUpISnZe9H
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1375866456%3A1663342281172431&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWokpwkaDrUi91ZwjO6rLBLBi4r8I9yv2KbCUKaWuxw4Jz5boCYRZ6iOGQVwdSjUpISnZe9H
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S1375866456%3A1663342281172431&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWokpwkaDrUi91ZwjO6rLBLBi4r8I9yv2KbCUKaWuxw4Jz5boCYRZ6iOGQVwdSjUpISnZe9H HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Sep 2022 15:31:21 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-98-y5S-Nqy2WNYJ4eKOi3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=MO9aYKOgtWWzM9hx_hJsT1scWJW0pah6NSE9IlW9SFbs45kTj6JIc4Syj7QEjwq6z6yaIw8a2nZPWlEwNCBQ1rABkrT9W49V3QCEv2JS7z3f4MmODB_3tx-g40TYBNLNE5GstByVF46j7NJ-C1MID4nxdeR0NQlpinyefTo9i10; expires=Sat, 18-Mar-2023 15:31:21 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S688139116%3A1663342281174491&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSkaafNHPyKvrCQIthyr6q6RXTX5GBMGIHgggDajQuVGFQ-nvIp9a2wuNwm_G9q0jAY8qY
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S688139116%3A1663342281174491&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSkaafNHPyKvrCQIthyr6q6RXTX5GBMGIHgggDajQuVGFQ-nvIp9a2wuNwm_G9q0jAY8qY
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S688139116%3A1663342281174491&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSkaafNHPyKvrCQIthyr6q6RXTX5GBMGIHgggDajQuVGFQ-nvIp9a2wuNwm_G9q0jAY8qY HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Sep 2022 15:31:21 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-0QSB1JWfOJ0jrBy7IJQnRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=LtpkkBmayb2V_VSReGannWAUaS5U8IjCf0VOokPjQh1uO2ILCcyGRzu9oNgyWA2jYV-weGqcdkXx0eaUu3sr2BA2erI11t2IIvxB0pg16QXZhYFMEiHG0Dy59NoCpXuJ2L2kbd21YNv1XqswMPbdVuTXUS4BXIKjvSbjHXnW2OQ; expires=Sat, 18-Mar-2023 15:31:21 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2