cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z
195.96.151.83301 Moved Permanently 162 B URL HTTP/1.1 cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z
IP 195.96.151.83:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z HTTP/1.1
Host: cdn-128.bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 00:32:09 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13311
Expires: Sun, 15 Jan 2023 04:14:01 GMT
Date: Sun, 15 Jan 2023 00:32:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17144
Expires: Sun, 15 Jan 2023 05:17:54 GMT
Date: Sun, 15 Jan 2023 00:32:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 23:48:56 GMT
content-type: application/json
age: 2594
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z
195.96.151.83301 Moved Permanently 0 B URL HTTP/1.1 cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z
IP 195.96.151.83:0
ASN #41634 Svea Hosting AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z HTTP/1.1
Host: cdn-128.bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Location: https://bayfiles.com/nec3g3jeyf
X-Cache-Host: filecache-03
X-Cache-Disk: nvme-01
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17331
Expires: Sun, 15 Jan 2023 05:21:01 GMT
Date: Sun, 15 Jan 2023 00:32:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Nkn1UvC+xzO2XvVofLvisT7bom8e8tTPLmTAXo154WOHspCv/PlWvp7+SuVSHrka7NQuEFueyrU=
x-amz-request-id: 4931GPD1WNNK3W66
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 23:43:55 GMT
age: 2895
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1badc19cf0b6cf4b9ec5883c38e332a2
2be80988856a6d643f439a0a73f117bc352a09b0
8be7aad839cd0aabb6560074331c13e25df5f91314c1fd37db88c50210042a2e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BE7AAD839CD0AABB6560074331C13E25DF5F91314C1FD37DB88C50210042A2E"
Last-Modified: Sat, 14 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4763
Expires: Sun, 15 Jan 2023 01:51:33 GMT
Date: Sun, 15 Jan 2023 00:32:10 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 00:32:10 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bayfiles.com/nec3g3jeyf
45.154.253.150404 Not Found 2.3 kB IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 5d735a1eaa5ba8e1dd245471520de4ea
bbac4bf1208e90323c75e7139faa431724fecb6d
fa8bd486b16338e2a9eeba2b2b27195c7f36343dbe5e91be017f7d3b783292d0
GET /nec3g3jeyf HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: N
Content-Encoding: gzip
bayfiles.com/css/bayfiles.css?1668606177
45.154.253.150200 OK 25 kB URL HTTP/1.1 bayfiles.com/css/bayfiles.css?1668606177
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (65452)
Hash 896df88019eabed295bc78a2f053ab92
1bca351d99600fb10583eb28c638dd58482535a0
b1555a31747d1f471ea748a1363cf9c588d66dd15dcf42cf7fa0b2911d0424d0
GET /css/bayfiles.css?1668606177 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 493
Content-Encoding: gzip
bayfiles.com/sw.js
45.154.253.150200 OK 14 kB IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (39060), with no line terminators
Hash fefdeff3180d9772f08a2cadce9a55b0
5610f0290b7f4c81c57a65703825fc2830aeac96
0009589421c540c0b0ee37fde74f5373962096bc8e9869a953b4cb59547a8f61
GET /sw.js HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 4525
Content-Encoding: gzip
vjs.zencdn.net/7.3.0/video-js.min.css
151.101.130.217200 OK 9.7 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video-js.min.css
IP 151.101.130.217:0
File type ASCII text, with very long lines (35998), with no line terminators
Hash 3397ce943db8add2728dccd9a3b8b8bc
a57bbb7546a458fe57d72d06baab950125260cc9
5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
GET /7.3.0/video-js.min.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Sun, 15 Jan 2023 00:32:10 GMT
x-served-by: cache-bma1647-BMA
x-cache: HIT
x-cache-hits: 3010
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2
bayfiles.com/js/app.js?1668606177
45.154.253.150200 OK 58 kB URL HTTP/1.1 bayfiles.com/js/app.js?1668606177
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (63238)
Hash ba67ff13fd07739a7037fbc27b2a1955
3e253f69b2f12659c541de122c6bce0ed82ba369
1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818
GET /js/app.js?1668606177 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 63
Content-Encoding: gzip
bayfiles.com/img/flags/24/se.png
45.154.253.150200 OK 581 B URL HTTP/1.1 bayfiles.com/img/flags/24/se.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash c9b1e40987c4411b4a7d13c07a8843aa
cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
GET /img/flags/24/se.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: image/png
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 384
accept-ranges: bytes
bayfiles.com/img/flags/24/es.png
45.154.253.150200 OK 666 B URL HTTP/1.1 bayfiles.com/img/flags/24/es.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa381a8eb16d9e673d32980e7fd1710
fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
GET /img/flags/24/es.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: image/png
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 530
accept-ranges: bytes
bayfiles.com/img/flags/24/pl.png
45.154.253.150200 OK 347 B URL HTTP/1.1 bayfiles.com/img/flags/24/pl.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash baf3aff7caef0be58f29b41f20a0e4db
11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
GET /img/flags/24/pl.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: image/png
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 397
accept-ranges: bytes
vjs.zencdn.net/7.3.0/video.min.js
151.101.130.217200 OK 132 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video.min.js
IP 151.101.130.217:0
File type Unicode text, UTF-8 text, with very long lines (65141)
Size 132 kB (132230 bytes)
Hash e296d874aca2a1550b409394be51efaa
c184c030e9aab3d03de27bc588919e249d5ccdf7
401c15b7916797f936e9d8443945ef22e0f93305655c057a92c8d9b80c327c9f
GET /7.3.0/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Sun, 15 Jan 2023 00:32:10 GMT
x-served-by: cache-bma1647-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/fi.png
45.154.253.150200 OK 456 B URL HTTP/1.1 bayfiles.com/img/flags/24/fi.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ea9115d18d5210d4f1db520881faa3a
09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
GET /img/flags/24/fi.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: image/png
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 411
accept-ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 00:17:25 GMT
age: 885
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/jp.png
45.154.253.150200 OK 599 B URL HTTP/1.1 bayfiles.com/img/flags/24/jp.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 857f6f0e0886a3729b758b7241e42e61
a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
GET /img/flags/24/jp.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 481
accept-ranges: bytes
bayfiles.com/img/flags/24/br.png
45.154.253.150200 OK 1.1 kB URL HTTP/1.1 bayfiles.com/img/flags/24/br.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a5938d2e7f7d6f4026d6eb1b4b4f2cd
7a038177fe4deec455d61d3e9c90019fa4727d40
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
GET /img/flags/24/br.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: image/png
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 491
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 468
Cache-Control: max-age=117745
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 00:32:10 GMT
Etag: "63c270a7-1d7"
Expires: Mon, 16 Jan 2023 09:14:35 GMT
Last-Modified: Sat, 14 Jan 2023 09:06:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
bayfiles.com/img/flags/24/de.png
45.154.253.150200 OK 483 B URL HTTP/1.1 bayfiles.com/img/flags/24/de.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8cc07c258bcd2de0c7900861e20ffc
fed97219e44693d4f3918fc4037b325732225d81
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
GET /img/flags/24/de.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:10 GMT
Content-Type: image/png
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 519
accept-ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 09126b7311fb7c2720744cc784de3998
db0151574610e16741c1dbd702e43b45cefa0cad
667a1bd283a4381ae673eb4d54a7bb1302736ae82342583aa93237da76d6bce1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "667A1BD283A4381AE673EB4D54A7BB1302736AE82342583AA93237DA76D6BCE1"
Last-Modified: Thu, 12 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4124
Expires: Sun, 15 Jan 2023 01:40:55 GMT
Date: Sun, 15 Jan 2023 00:32:11 GMT
Connection: keep-alive
bayfiles.com/img/flags/24/no.png
45.154.253.150200 OK 611 B URL HTTP/1.1 bayfiles.com/img/flags/24/no.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash f14ac70aa6dd4d371671c0e6d7cba4e3
1139e3acd6e073bffb59157cbc10af72ed757218
9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
GET /img/flags/24/no.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:11 GMT
Content-Type: image/png
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 429
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/?xsvjd=737333
54.230.245.37200 OK 98 kB URL HTTP/2 djv99sxoqpv11.cloudfront.net/?xsvjd=737333
IP 54.230.245.37:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash 9d83d1bfa4416fbaa87105f4dcf88423
b488dcf069cd3606a9d167f454eb13667fc67ce8
7136bc31eec1b67a52c866ad489cb6ab26ddeeaaddb0183baf09920f17bff4e0
GET /?xsvjd=737333 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 98176
date: Sun, 15 Jan 2023 00:32:10 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PUjZ6nLzMYAI3YaE_Z-hqfdiBIDJ_kGPxrwyZOMNYq9oD82gL7A6YQ==
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/ru.png
45.154.253.150200 OK 403 B URL HTTP/1.1 bayfiles.com/img/flags/24/ru.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash d8df89b036e6afb48f72d2440831bad0
04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
GET /img/flags/24/ru.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:11 GMT
Content-Type: image/png
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 505
accept-ranges: bytes
push.services.mozilla.com/
54.200.156.146101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.156.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D4mAOGMcEiSxhFhFVzgZBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3Br4tv8gx6Xesp6vyyEKghwNniQ=
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ffa7729132c943f60a3d2522b160b4d3
78ebd9989e8327d382878f91c94d4072e6f8edf1
8cb8cadac4b51ad7994a64206cd15064b1e7d45bf30fcc566ec644e67d5611cb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8CB8CADAC4B51AD7994A64206CD15064B1E7D45BF30FCC566EC644E67D5611CB"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2806
Expires: Sun, 15 Jan 2023 01:18:57 GMT
Date: Sun, 15 Jan 2023 00:32:11 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ffa7729132c943f60a3d2522b160b4d3
78ebd9989e8327d382878f91c94d4072e6f8edf1
8cb8cadac4b51ad7994a64206cd15064b1e7d45bf30fcc566ec644e67d5611cb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8CB8CADAC4B51AD7994A64206CD15064B1E7D45BF30FCC566EC644E67D5611CB"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2806
Expires: Sun, 15 Jan 2023 01:18:57 GMT
Date: Sun, 15 Jan 2023 00:32:11 GMT
Connection: keep-alive
policityseriod.info/a0l6SWsQawk%2BNB47FmtRSSEOPRsYc1VmCQowHCAHDjpUKgQGZgk%2BRQE6WGVJGCQca1FaZVg9CgwWEy1JUWtNelxYe0xrR0k6Dys0Ai1Ia1FJKxh5CA5wGS9GW3wcKEZfKk58RlJxTHhGXX4ccF8Kfk8qWg0qWDQ
70.32.1.32302 Found 0 B URL HTTP/1.1 policityseriod.info/a0l6SWsQawk%2BNB47FmtRSSEOPRsYc1VmCQowHCAHDjpUKgQGZgk%2BRQE6WGVJGCQca1FaZVg9CgwWEy1JUWtNelxYe0xrR0k6Dys0Ai1Ia1FJKxh5CA5wGS9GW3wcKEZfKk58RlJxTHhGXX4ccF8Kfk8qWg0qWDQ
IP 70.32.1.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a0l6SWsQawk%2BNB47FmtRSSEOPRsYc1VmCQowHCAHDjpUKgQGZgk%2BRQE6WGVJGCQca1FaZVg9CgwWEy1JUWtNelxYe0xrR0k6Dys0Ai1Ia1FJKxh5CA5wGS9GW3wcKEZfKk58RlJxTHhGXX4ccF8Kfk8qWg0qWDQ HTTP/1.1
Host: policityseriod.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 15 Jan 2023 00:32:11 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1673742731.3905942; expires=Wed, 12-Jan-2033 00:32:11 GMT; Max-Age=315360000
location: http://ww25.policityseriod.info/a0l6SWsQawk%2BNB47FmtRSSEOPRsYc1VmCQowHCAHDjpUKgQGZgk%2BRQE6WGVJGCQca1FaZVg9CgwWEy1JUWtNelxYe0xrR0k6Dys0Ai1Ia1FJKxh5CA5wGS9GW3wcKEZfKk58RlJxTHhGXX4ccF8Kfk8qWg0qWDQ?subid1=20230115-1132-1158-aca8-c08424e2012b
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
bayfiles.com/static/logo.png
45.154.253.150200 OK 39 kB URL HTTP/1.1 bayfiles.com/static/logo.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 292 x 251, 8-bit/color RGBA, non-interlaced\012- data
Hash d39dfc9566d5264e198224dc249dd6bb
67ec60e7df6257a32f41e45e6877dc65f036ef0f
0b959f7dd25865a8a0636b6bb81d523c07fb03f76905313b9b8d677ae294b25a
GET /static/logo.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:11 GMT
Content-Type: image/png
Content-Length: 38607
Connection: keep-alive
last-modified: Fri, 16 Sep 2022 19:34:48 GMT
etag: "6324cfd8-96cf"
onandeggsiswe.com.ua/OHd6VzhZFRk6B1lKGHFNShtHcgp+UkgRXFIBQ25LQBgLJ04JRlQ0VFcCHjFKVxkOeVZdA19lfgw4LBYLWR00NmgJHDcTfQhCL2ZbfTQXNH1vJjsxd1MmPA9tVAMfPnF+JgA7HQoxNRZ2XS0vHn5tMStgYX0PMgZCaTwtP25uOiw8dnwfQmZvaRw1FHBiID47fX0tOBJdaUYjYHtQThgBa0gTPhFybzwWYnVqGxIjb18hMAJ8QBU5L2F0MR0dfXkPAj56CD0/AnwNIzgCanMTKwFZYCJLZnpuGDkUYAw/LiB6DxMrAVlqMTtyCno2LGNvex8zBG95OTgNXxU5KhZwTEY4AUh6I0kCfXMAMx1iahsbEFBAHjggCW8gECNhbAA8cgp+Lh0zWnkAFj96CQQtFAp6JTtnfls5FjBrfhAJAHpUGD0RCnklMiAMcVEQJFdWB0cacA4NEx9qCBBPIldbGhEA
108.157.229.27200 OK 1.2 kB URL HTTP/2 onandeggsiswe.com.ua/OHd6VzhZFRk6B1lKGHFNShtHcgp+UkgRXFIBQ25LQBgLJ04JRlQ0VFcCHjFKVxkOeVZdA19lfgw4LBYLWR00NmgJHDcTfQhCL2ZbfTQXNH1vJjsxd1MmPA9tVAMfPnF+JgA7HQoxNRZ2XS0vHn5tMStgYX0PMgZCaTwtP25uOiw8dnwfQmZvaRw1FHBiID47fX0tOBJdaUYjYHtQThgBa0gTPhFybzwWYnVqGxIjb18hMAJ8QBU5L2F0MR0dfXkPAj56CD0/AnwNIzgCanMTKwFZYCJLZnpuGDkUYAw/LiB6DxMrAVlqMTtyCno2LGNvex8zBG95OTgNXxU5KhZwTEY4AUh6I0kCfXMAMx1iahsbEFBAHjggCW8gECNhbAA8cgp+Lh0zWnkAFj96CQQtFAp6JTtnfls5FjBrfhAJAHpUGD0RCnklMiAMcVEQJFdWB0cacA4NEx9qCBBPIldbGhEA
IP 108.157.229.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators
Hash a11729ca0d26c6dde9c7ec95e26a85fb
783500c461773e5f54caacc3aa2ff4daa155ff3d
06ac8ee299c57ec5aa087132106e5739cb034c3bf0f59477a3a2ca7a0825b855
GET /OHd6VzhZFRk6B1lKGHFNShtHcgp+UkgRXFIBQ25LQBgLJ04JRlQ0VFcCHjFKVxkOeVZdA19lfgw4LBYLWR00NmgJHDcTfQhCL2ZbfTQXNH1vJjsxd1MmPA9tVAMfPnF+JgA7HQoxNRZ2XS0vHn5tMStgYX0PMgZCaTwtP25uOiw8dnwfQmZvaRw1FHBiID47fX0tOBJdaUYjYHtQThgBa0gTPhFybzwWYnVqGxIjb18hMAJ8QBU5L2F0MR0dfXkPAj56CD0/AnwNIzgCanMTKwFZYCJLZnpuGDkUYAw/LiB6DxMrAVlqMTtyCno2LGNvex8zBG95OTgNXxU5KhZwTEY4AUh6I0kCfXMAMx1iahsbEFBAHjggCW8gECNhbAA8cgp+Lh0zWnkAFj96CQQtFAp6JTtnfls5FjBrfhAJAHpUGD0RCnklMiAMcVEQJFdWB0cacA4NEx9qCBBPIldbGhEA HTTP/1.1
Host: onandeggsiswe.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1200
date: Sun, 15 Jan 2023 00:32:11 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: Tkf50-X0_cYmDzSslJO2CFy9cwDGSoyXENt39notddkA_5pEg3bvDg==
X-Firefox-Spdy: h2
onandeggsiswe.com.ua/UlVNTnAzNy4jTzNoL2gFIDlwa0IUcH8IFDgjdHcDKjo8PgZjZGMtHD0gKSgCPTs5YB43IWh8NjwbNyIBCDglGyY1BAwYQBwECSIENBQqdyoHA3kcJSo+BwwbMRAHN0QzB3whGBcTJSs0OBwfGSIUGwgPOgQXNXY3ECIXHzIXIgkMHAMQGn4xGAB8OigHPngKIwMAAxglGAcPJgcRABspNhoUCBwkEyEvDCY6EQw5HxcDJTYpGxN9FDMHbBgZMmsaDDkXHwIIeioDZCIGJipgCRkXMRwaJRgLECohHwNkIgYkNRgEFhcfNhodIhwXHCUjBxM6HTM7eCUKJzUxAQY1HDcpKRgzAH0XOBcQdBsnFBcuDSFiHQgpAyEDCyk3EQM9FicTDC4ZNgsaFSUDAhQMKiAaEyopJwM2ABw2CBocKSIwcyc9HzwlcAM4ICUuBQZiPHoWB2M
108.157.229.27200 OK 1.2 kB URL HTTP/2 onandeggsiswe.com.ua/UlVNTnAzNy4jTzNoL2gFIDlwa0IUcH8IFDgjdHcDKjo8PgZjZGMtHD0gKSgCPTs5YB43IWh8NjwbNyIBCDglGyY1BAwYQBwECSIENBQqdyoHA3kcJSo+BwwbMRAHN0QzB3whGBcTJSs0OBwfGSIUGwgPOgQXNXY3ECIXHzIXIgkMHAMQGn4xGAB8OigHPngKIwMAAxglGAcPJgcRABspNhoUCBwkEyEvDCY6EQw5HxcDJTYpGxN9FDMHbBgZMmsaDDkXHwIIeioDZCIGJipgCRkXMRwaJRgLECohHwNkIgYkNRgEFhcfNhodIhwXHCUjBxM6HTM7eCUKJzUxAQY1HDcpKRgzAH0XOBcQdBsnFBcuDSFiHQgpAyEDCyk3EQM9FicTDC4ZNgsaFSUDAhQMKiAaEyopJwM2ABw2CBocKSIwcyc9HzwlcAM4ICUuBQZiPHoWB2M
IP 108.157.229.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3043), with no line terminators
Hash 56a3dfc6ca523c17e74dc5fd2862149d
3501a13097141bce9ac35cffd2effc08139f1d9e
8eebc55e7d66d942ce920ce50c2177cc6f18a02c2a64dcb760f3aea1a4140c40
GET /UlVNTnAzNy4jTzNoL2gFIDlwa0IUcH8IFDgjdHcDKjo8PgZjZGMtHD0gKSgCPTs5YB43IWh8NjwbNyIBCDglGyY1BAwYQBwECSIENBQqdyoHA3kcJSo+BwwbMRAHN0QzB3whGBcTJSs0OBwfGSIUGwgPOgQXNXY3ECIXHzIXIgkMHAMQGn4xGAB8OigHPngKIwMAAxglGAcPJgcRABspNhoUCBwkEyEvDCY6EQw5HxcDJTYpGxN9FDMHbBgZMmsaDDkXHwIIeioDZCIGJipgCRkXMRwaJRgLECohHwNkIgYkNRgEFhcfNhodIhwXHCUjBxM6HTM7eCUKJzUxAQY1HDcpKRgzAH0XOBcQdBsnFBcuDSFiHQgpAyEDCyk3EQM9FicTDC4ZNgsaFSUDAhQMKiAaEyopJwM2ABw2CBocKSIwcyc9HzwlcAM4ICUuBQZiPHoWB2M HTTP/1.1
Host: onandeggsiswe.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1192
date: Sun, 15 Jan 2023 00:32:11 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: vOCel71xTpf--0yaSHBlFm5-5Tg34sIohiTvrLNGfowQQot_1GfTxQ==
X-Firefox-Spdy: h2
onandeggsiswe.com.ua/RU5kYTQkLAcMCyRzBkdBNyJZRAYDa1YnUC84XVhHPSEVEUJ0f0oCWCo7AAdGKiAQT1ogOkFTcnwaCQ0AHBgxFXYtFywAXioPLCdMLCgyVHgQIyYOdTI9Ky5OcBsvMEMkBxxYeAE0B1Z+FiktLEw2JjwJYTMFCDN9FzQPF3Y9dwcCTTYGI1BMLi8lBlcEfAxXYDJ+JQB3CAklBlNwBwMJUBA2KlZmdSYhOwdwDCAWU3IFAzhkACAmWWMXFzICfD0UNzdycigPGXgMfSZZYxR2LS4HLSo8N30dL1UVfQIZKldgAD0OAnw9FCcJUDIoNwl+EBkmBmMTYyIkbnZ6KyllDGtWI30QNi8rBiFrViNjACY2O3xwFzw3eikFJSB/BwopCXETfzAkB3wUMDQNKS8mGXIQD0ILRyogFFxlKAEJFwcrLBEtZCwoMSk
108.157.229.27200 OK 1.2 kB URL HTTP/2 onandeggsiswe.com.ua/RU5kYTQkLAcMCyRzBkdBNyJZRAYDa1YnUC84XVhHPSEVEUJ0f0oCWCo7AAdGKiAQT1ogOkFTcnwaCQ0AHBgxFXYtFywAXioPLCdMLCgyVHgQIyYOdTI9Ky5OcBsvMEMkBxxYeAE0B1Z+FiktLEw2JjwJYTMFCDN9FzQPF3Y9dwcCTTYGI1BMLi8lBlcEfAxXYDJ+JQB3CAklBlNwBwMJUBA2KlZmdSYhOwdwDCAWU3IFAzhkACAmWWMXFzICfD0UNzdycigPGXgMfSZZYxR2LS4HLSo8N30dL1UVfQIZKldgAD0OAnw9FCcJUDIoNwl+EBkmBmMTYyIkbnZ6KyllDGtWI30QNi8rBiFrViNjACY2O3xwFzw3eikFJSB/BwopCXETfzAkB3wUMDQNKS8mGXIQD0ILRyogFFxlKAEJFwcrLBEtZCwoMSk
IP 108.157.229.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3027), with no line terminators
Hash 962cbefe64ae5c1786934a876869b331
45af67c86f68fea7f43b554df762ee05c1b971c5
027bf7cf073bc7b891d98afa2f46ec6d610a5c770dc7b3d754f4ffc2b76434af
GET /RU5kYTQkLAcMCyRzBkdBNyJZRAYDa1YnUC84XVhHPSEVEUJ0f0oCWCo7AAdGKiAQT1ogOkFTcnwaCQ0AHBgxFXYtFywAXioPLCdMLCgyVHgQIyYOdTI9Ky5OcBsvMEMkBxxYeAE0B1Z+FiktLEw2JjwJYTMFCDN9FzQPF3Y9dwcCTTYGI1BMLi8lBlcEfAxXYDJ+JQB3CAklBlNwBwMJUBA2KlZmdSYhOwdwDCAWU3IFAzhkACAmWWMXFzICfD0UNzdycigPGXgMfSZZYxR2LS4HLSo8N30dL1UVfQIZKldgAD0OAnw9FCcJUDIoNwl+EBkmBmMTYyIkbnZ6KyllDGtWI30QNi8rBiFrViNjACY2O3xwFzw3eikFJSB/BwopCXETfzAkB3wUMDQNKS8mGXIQD0ILRyogFFxlKAEJFwcrLBEtZCwoMSk HTTP/1.1
Host: onandeggsiswe.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Sun, 15 Jan 2023 00:32:11 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: ThsfxFjq32iIG_td9kf0ybnb0Sq6xCba1fv_B4zk3lUYrXqVNvXEfg==
X-Firefox-Spdy: h2
dgemanowhot.com.ua/aU1WMXFGcjVCTDMgAF4oAgMOZzcBLDUAJzoYEGtGPwsyVScHGHBFGA1wYQJGWn5lFwEAKWsAVxo5N0UEGnBnFxgHKzkMVx9wZx9CXWNlAF9bayMMQE85JlAWVHxwQQUdIWsAR15+YQVDXn5nBEFc
188.114.96.1204 No Content 0 B URL HTTP/2 dgemanowhot.com.ua/aU1WMXFGcjVCTDMgAF4oAgMOZzcBLDUAJzoYEGtGPwsyVScHGHBFGA1wYQJGWn5lFwEAKWsAVxo5N0UEGnBnFxgHKzkMVx9wZx9CXWNlAF9bayMMQE85JlAWVHxwQQUdIWsAR15+YQVDXn5nBEFc
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aU1WMXFGcjVCTDMgAF4oAgMOZzcBLDUAJzoYEGtGPwsyVScHGHBFGA1wYQJGWn5lFwEAKWsAVxo5N0UEGnBnFxgHKzkMVx9wZx9CXWNlAF9bayMMQE85JlAWVHxwQQUdIWsAR15+YQVDXn5nBEFc HTTP/1.1
Host: dgemanowhot.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 15 Jan 2023 00:32:11 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YyXbjf7nz29pdgJAsoB%2FRYZOGGvky%2Fpdf%2FthvqP1rXwE1dTlXuvhC0nKoO0FVshkpXXFwlADPNLxeH3royjK5k%2F8oEKtiqfSnGE%2BOwGNeN7jOWF6GrX%2B1CDRNEKSirVqY3iZN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789a8346cf62b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/us.png
45.154.253.150200 OK 656 B URL HTTP/1.1 bayfiles.com/img/flags/24/us.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ae506a6c014bfeb8d8cbfdfbe94c14c9
f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
GET /img/flags/24/us.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:11 GMT
Content-Type: image/png
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 500
accept-ranges: bytes
dgemanowhot.com.ua/R0ZIeGpoeSsLVyYCIBkPASoaPC0rCCkUDRcnDUkFEDE8ETkAMW4MAyN7f0tddHV9XhouInVJUmE1PBkeMjV1SUwuKC4XV2EwdUlEd2h6VlhhM3VJTDM2KR9XdmA4DB4re3lOXXRxfEpddHd9S1k
188.114.96.1204 No Content 0 B URL HTTP/2 dgemanowhot.com.ua/R0ZIeGpoeSsLVyYCIBkPASoaPC0rCCkUDRcnDUkFEDE8ETkAMW4MAyN7f0tddHV9XhouInVJUmE1PBkeMjV1SUwuKC4XV2EwdUlEd2h6VlhhM3VJTDM2KR9XdmA4DB4re3lOXXRxfEpddHd9S1k
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /R0ZIeGpoeSsLVyYCIBkPASoaPC0rCCkUDRcnDUkFEDE8ETkAMW4MAyN7f0tddHV9XhouInVJUmE1PBkeMjV1SUwuKC4XV2EwdUlEd2h6VlhhM3VJTDM2KR9XdmA4DB4re3lOXXRxfEpddHd9S1k HTTP/1.1
Host: dgemanowhot.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 15 Jan 2023 00:32:11 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YeSQUeXZLXzgpbqslFQ1hvq2cICKlwTaC%2Boq98dJwZU4uo2Jz%2BR3FYTX3XZ%2FiFFXqEQ4j8EZThtYuYUCVXABna903E1SN8WkgMghSE5KCkPJfAt5%2FxkH8pdnID10MNohVtLsuE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789a8346df73b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dgemanowhot.com.ua/bnRsU0hBSw8gdTcaHGAdJiY4Ang0Gz0FBiAgAQkAOx8EGyk7MUonIQpJW2Z+XUNadTgHEFFhcUgHGDI8GwdRYm4HGgo8dUgCUWJmXlpaY2ZfUhlueUgAHDIvU0VKIzwaGFFifllHW2d6WUddZnpc
188.114.96.1204 No Content 0 B URL HTTP/2 dgemanowhot.com.ua/bnRsU0hBSw8gdTcaHGAdJiY4Ang0Gz0FBiAgAQkAOx8EGyk7MUonIQpJW2Z+XUNadTgHEFFhcUgHGDI8GwdRYm4HGgo8dUgCUWJmXlpaY2ZfUhlueUgAHDIvU0VKIzwaGFFifllHW2d6WUddZnpc
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bnRsU0hBSw8gdTcaHGAdJiY4Ang0Gz0FBiAgAQkAOx8EGyk7MUonIQpJW2Z+XUNadTgHEFFhcUgHGDI8GwdRYm4HGgo8dUgCUWJmXlpaY2ZfUhlueUgAHDIvU0VKIzwaGFFifllHW2d6WUddZnpc HTTP/1.1
Host: dgemanowhot.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 15 Jan 2023 00:32:11 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lMkCkjvOF3k2plz1A8xHAoLHj8aBaRIssA4bbK1sNdqsCYy9FFU0ZUHGnwPnwELGcaMZfP6oYFcw7zJtinK%2B6o3kUOeBI6xCa%2B1ZrLeTpAthvGKR6fks8qcgzmPpZ91ZvqZrRc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789a8346ef77b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ffa7729132c943f60a3d2522b160b4d3
78ebd9989e8327d382878f91c94d4072e6f8edf1
8cb8cadac4b51ad7994a64206cd15064b1e7d45bf30fcc566ec644e67d5611cb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8CB8CADAC4B51AD7994A64206CD15064B1E7D45BF30FCC566EC644E67D5611CB"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2806
Expires: Sun, 15 Jan 2023 01:18:57 GMT
Date: Sun, 15 Jan 2023 00:32:11 GMT
Connection: keep-alive
bayfiles.com/img/flags/24/fr.png
45.154.253.150200 OK 536 B URL HTTP/1.1 bayfiles.com/img/flags/24/fr.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e81efecf1a1b1d3a17d00a904c5cc3c9
1203894dbfc8363302dc709d852c05a4dd8bf9dc
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
GET /img/flags/24/fr.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:11 GMT
Content-Type: image/png
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 540
accept-ranges: bytes
bayfiles.com/img/flags/24/kr.png
45.154.253.150200 OK 988 B URL HTTP/1.1 bayfiles.com/img/flags/24/kr.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cb22f00511d088a71e84f8c1c864caed
6599812ed106bda6017487287e12bc836570649f
09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
GET /img/flags/24/kr.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:11 GMT
Content-Type: image/png
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 495
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/4OVA3ajNaP1kMDE05U1cECmcEWQAfOkQFXUlteiIFQzl/OANeZUIFUFQ7YExHQzQKWhVVMVkNDh81WQkOCHZWDlEEZBEeQ1Y7Ch9bVSpdDFJWKl5MRlhtWgVJUDxbCxYLFgJEAxxiB0JEUD5TBURKdQVaXU11BVoCCX4HTwB7dQVaRFA+AV4WChISWANBZg-NPAHt1BVpBT3UEKwIJZRlaGhxiBw1WWjtYTwF/YgdbAwlhB1sWC2BRA0FcNlgSFgsWBloGF2ARHw4I
54.230.245.37200 OK 556 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/4OVA3ajNaP1kMDE05U1cECmcEWQAfOkQFXUlteiIFQzl/OANeZUIFUFQ7YExHQzQKWhVVMVkNDh81WQkOCHZWDlEEZBEeQ1Y7Ch9bVSpdDFJWKl5MRlhtWgVJUDxbCxYLFgJEAxxiB0JEUD5TBURKdQVaXU11BVoCCX4HTwB7dQVaRFA+AV4WChISWANBZg-NPAHt1BVpBT3UEKwIJZRlaGhxiBw1WWjtYTwF/YgdbAwlhB1sWC2BRA0FcNlgSFgsWBloGF2ARHw4I
IP 54.230.245.37:0
File type ASCII text, with very long lines (780), with no line terminators
Hash d45c2594e3087599db567f82ef4892b1
5deb9db14d601355d4ae4671f89f592460b4e671
e96eed2be9085cba09e39711fa6b533afa74778ea216b86492e7934bd1644154
GET /4OVA3ajNaP1kMDE05U1cECmcEWQAfOkQFXUlteiIFQzl/OANeZUIFUFQ7YExHQzQKWhVVMVkNDh81WQkOCHZWDlEEZBEeQ1Y7Ch9bVSpdDFJWKl5MRlhtWgVJUDxbCxYLFgJEAxxiB0JEUD5TBURKdQVaXU11BVoCCX4HTwB7dQVaRFA+AV4WChISWANBZg-NPAHt1BVpBT3UEKwIJZRlaGhxiBw1WWjtYTwF/YgdbAwlhB1sWC2BRA0FcNlgSFgsWBloGF2ARHw4I HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onandeggsiswe.com.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 556
date: Sun, 15 Jan 2023 00:32:11 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6iBVLtsfubhOjCThPqCIVilzE-V-9RCh1fI4oPn1_gJkTxTIqWzn8g==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/nNzlqZmhUVgQAV0NQDltfAg9ZUV4RUxkJBkcEJy4aR1ohEFheDjIRWRFNEAJVBx8GBwZQBEwDBlQEW0AJU1tXUk5DSQUNVUJRBhwCUVgFHAERTAtbBVhDAwoEVhxYIF0ZCU9UWB9OAwgMWE4ZQ1oHVx5DWgcIWkhYEgooQ1oHTgMIXgMcWSRNBQkSUFwSCi-hDWgdLHENbdghaU0YHEE9UWFBcCQ0HEgssVFgGCVpXWAYcWFYOXksPAAdPHFggWQcMRFZOQgRb
54.230.245.37200 OK 455 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/nNzlqZmhUVgQAV0NQDltfAg9ZUV4RUxkJBkcEJy4aR1ohEFheDjIRWRFNEAJVBx8GBwZQBEwDBlQEW0AJU1tXUk5DSQUNVUJRBhwCUVgFHAERTAtbBVhDAwoEVhxYIF0ZCU9UWB9OAwgMWE4ZQ1oHVx5DWgcIWkhYEgooQ1oHTgMIXgMcWSRNBQkSUFwSCi-hDWgdLHENbdghaU0YHEE9UWFBcCQ0HEgssVFgGCVpXWAYcWFYOXksPAAdPHFggWQcMRFZOQgRb
IP 54.230.245.37:0
File type ASCII text, with very long lines (597), with no line terminators
Hash 2b0be9853f5b01bc7d16ca955a4fc5e7
ec9769bb060d0da44aeaa94bb1175b802feda8fa
66574cf93ee3c5f0b892992cd1b951724cdbe7defc4290bef6a4e74c596d75ca
GET /nNzlqZmhUVgQAV0NQDltfAg9ZUV4RUxkJBkcEJy4aR1ohEFheDjIRWRFNEAJVBx8GBwZQBEwDBlQEW0AJU1tXUk5DSQUNVUJRBhwCUVgFHAERTAtbBVhDAwoEVhxYIF0ZCU9UWB9OAwgMWE4ZQ1oHVx5DWgcIWkhYEgooQ1oHTgMIXgMcWSRNBQkSUFwSCi-hDWgdLHENbdghaU0YHEE9UWFBcCQ0HEgssVFgGCVpXWAYcWFYOXksPAAdPHFggWQcMRFZOQgRb HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onandeggsiswe.com.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 455
date: Sun, 15 Jan 2023 00:32:11 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5z2UnV89yfpbdc_Xv8QPdy_3Nn-z6RBoGosJ76BJ7_xja7L0NT6E-A==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/9Tml4YVUtBhYHajoAHFxifV5LUmBoAwsOOz5UKQwaIx9LDzc7JSgIMxshXhUvKlRIRzkvBx9ccysHG1xkaAgcA2h6Tw0AaCMGAgg5IghdUxN7R0hEZ35BDwg7KgYPEnB8WRYVcHxZSVF7fkxLI3B8WQ8IO3hdXVIXa1tIGWN6TEsjcHxZChdwfShJUWBgWV-FEZ34OHQI+IUxKJ2d+WEhRZH5YXVNlKAAKBDMhEV1TE39ZTU9laBxFUA
54.230.245.37200 OK 190 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/9Tml4YVUtBhYHajoAHFxifV5LUmBoAwsOOz5UKQwaIx9LDzc7JSgIMxshXhUvKlRIRzkvBx9ccysHG1xkaAgcA2h6Tw0AaCMGAgg5IghdUxN7R0hEZ35BDwg7KgYPEnB8WRYVcHxZSVF7fkxLI3B8WQ8IO3hdXVIXa1tIGWN6TEsjcHxZChdwfShJUWBgWV-FEZ34OHQI+IUxKJ2d+WEhRZH5YXVNlKAAKBDMhEV1TE39ZTU9laBxFUA
IP 54.230.245.37:0
File type ASCII text, with no line terminators
Hash c155131d8b2e543ef645e947f651ec9a
6de1359e583786662310ec09c00d4d1a5b0d4bec
0466c5b18f06934c6cce55682f8597d7e69cf301955314f9d4b7e242b30785f8
GET /9Tml4YVUtBhYHajoAHFxifV5LUmBoAwsOOz5UKQwaIx9LDzc7JSgIMxshXhUvKlRIRzkvBx9ccysHG1xkaAgcA2h6Tw0AaCMGAgg5IghdUxN7R0hEZ35BDwg7KgYPEnB8WRYVcHxZSVF7fkxLI3B8WQ8IO3hdXVIXa1tIGWN6TEsjcHxZChdwfShJUWBgWV-FEZ34OHQI+IUxKJ2d+WEhRZH5YXVNlKAAKBDMhEV1TE39ZTU9laBxFUA HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onandeggsiswe.com.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 190
date: Sun, 15 Jan 2023 00:32:11 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lzZs7vVBr74zv7BePVP6ztP57LMEbZz5rOg9J6YuqJrrEn8qYDElCw==
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/in.png
45.154.253.150200 OK 593 B URL HTTP/1.1 bayfiles.com/img/flags/24/in.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ccaf96cfc341dc9a17e24b96bef223ff
8791d6db6628e0fb21b847ab94484f0c615e38ac
728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
GET /img/flags/24/in.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:11 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 556
accept-ranges: bytes
policityseriod.info/
70.32.1.32302 Found 0 B IP 70.32.1.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: policityseriod.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 388
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 15 Jan 2023 00:32:11 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1673742731.6817884; expires=Wed, 12-Jan-2033 00:32:11 GMT; Max-Age=315360000
location: http://ww25.policityseriod.info/?subid1=20230115-1132-1122-86c0-89e250defff9
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
bayfiles.com/img/flags/24/dk.png
45.154.253.150200 OK 537 B URL HTTP/1.1 bayfiles.com/img/flags/24/dk.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b6ebe55a7d176720cd2b1003298187a8
930858408b9af1f79c430bbe15c185db555a7815
07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
GET /img/flags/24/dk.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:11 GMT
Content-Type: image/png
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 497
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fc38856297a28cd362a2b0421acf8e7
6f83afbac6052fe285eacd2b69e92fd5b81ed7d9
710ed74bf69a62793e46c7a8557a3a133ad240beadfa3ecc6061b815f24fe9c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2598
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 00:32:11 GMT
Last-Modified: Sat, 14 Jan 2023 23:48:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a7a41b6730d32253158e0e6d7b4a247d
d2226f6d30657bf502c6d81b180181f0da817245
ccc7702368b8cf967e41986b92b79489d4b9e5b985360a94048e546d9fe64f25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CCC7702368B8CF967E41986B92B79489D4B9E5B985360A94048E546D9FE64F25"
Last-Modified: Fri, 13 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20699
Expires: Sun, 15 Jan 2023 06:17:10 GMT
Date: Sun, 15 Jan 2023 00:32:11 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a0323bca87228ca600ad58555e1b2d3e
a82132958ff2952767ff6b6b4c97ce81f899e226
ca54fbb1176415af368fc1d7d0711ba6a08c48124c3b33ce3ef2c77029568bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 00:32:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a0323bca87228ca600ad58555e1b2d3e
a82132958ff2952767ff6b6b4c97ce81f899e226
ca54fbb1176415af368fc1d7d0711ba6a08c48124c3b33ce3ef2c77029568bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 00:32:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a7a41b6730d32253158e0e6d7b4a247d
d2226f6d30657bf502c6d81b180181f0da817245
ccc7702368b8cf967e41986b92b79489d4b9e5b985360a94048e546d9fe64f25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CCC7702368B8CF967E41986B92B79489D4B9E5B985360A94048E546D9FE64F25"
Last-Modified: Fri, 13 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20698
Expires: Sun, 15 Jan 2023 06:17:10 GMT
Date: Sun, 15 Jan 2023 00:32:12 GMT
Connection: keep-alive
onandeggsiswe.com.ua/utx?cb=g4Nhpf1Yvp2w&top=bayfiles.com&tid=737333
108.157.229.27204 No Content 0 B URL HTTP/2 onandeggsiswe.com.ua/utx?cb=g4Nhpf1Yvp2w&top=bayfiles.com&tid=737333
IP 108.157.229.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=g4Nhpf1Yvp2w&top=bayfiles.com&tid=737333 HTTP/1.1
Host: onandeggsiswe.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 15 Jan 2023 00:32:11 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 15 Jan 2023 00:33:11 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 7FvLleXxF1LlBC7G06zVJEBaxRSfCdjmfffHetsrICwQS7-oF8Qamw==
X-Firefox-Spdy: h2
onandeggsiswe.com.ua/utx?cb=Ukj203xaxHfH&top=bayfiles.com&tid=756376
108.157.229.27204 No Content 0 B URL HTTP/2 onandeggsiswe.com.ua/utx?cb=Ukj203xaxHfH&top=bayfiles.com&tid=756376
IP 108.157.229.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=Ukj203xaxHfH&top=bayfiles.com&tid=756376 HTTP/1.1
Host: onandeggsiswe.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 15 Jan 2023 00:32:11 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 15 Jan 2023 00:33:11 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 6-WXYSl2B8O452v-XNO-r8VSfUDWQMFJZU8aRy7pDOnhz7Sogm5_Ew==
X-Firefox-Spdy: h2
bayfiles.com/sw.js?Z3dKWkQ8VX1pc1RFfHhoRVVmeCYFRyk%2EfQQRZ2pxARZnbidTQmdjfFFGZ2xzAU5%2BO3NSFHs8J0VbaG4mBEIsbXNSWnk7clZafmtzA1ooP3xUWnJvJlUTfW59XxJ%2BO2ZLVTktZktVOjUoDhQjLj0UEjgzKwNZIzQiCFVmeHFJRWgH
45.154.253.150200 OK 14 kB URL HTTP/1.1 bayfiles.com/sw.js?Z3dKWkQ8VX1pc1RFfHhoRVVmeCYFRyk%2EfQQRZ2pxARZnbidTQmdjfFFGZ2xzAU5%2BO3NSFHs8J0VbaG4mBEIsbXNSWnk7clZafmtzA1ooP3xUWnJvJlUTfW59XxJ%2BO2ZLVTktZktVOjUoDhQjLj0UEjgzKwNZIzQiCFVmeHFJRWgH
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (39060), with no line terminators
Hash fefdeff3180d9772f08a2cadce9a55b0
5610f0290b7f4c81c57a65703825fc2830aeac96
0009589421c540c0b0ee37fde74f5373962096bc8e9869a953b4cb59547a8f61
GET /sw.js?Z3dKWkQ8VX1pc1RFfHhoRVVmeCYFRyk%2EfQQRZ2pxARZnbidTQmdjfFFGZ2xzAU5%2BO3NSFHs8J0VbaG4mBEIsbXNSWnk7clZafmtzA1ooP3xUWnJvJlUTfW59XxJ%2BO2ZLVTktZktVOjUoDhQjLj0UEjgzKwNZIzQiCFVmeHFJRWgH HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:12 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 6210
Content-Encoding: gzip
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 426 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
Hash dea896861475942eb17391dcea3b7070
f3fe1af9a986163c9305f480562f638b7eef5e28
a7e6eaacf21ed2d97bc86c7708dc533d8b37d236e4ac6ebeb4f9e5cf358a7752
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 15 Jan 2023 00:32:12 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-234386863%3A1673742732040125&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4w9kaeOYkp8NCQBn6KH6awemEwBqKngi3aK8cuglDfoTy0XG1uUD375KymqLvN0lrPJYFe
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-u613NBEtCx5GlQJtS7Xjgw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:dC2kTlWoV5Ux9AwARrlYajUn5yZxGQ:NgXLzigohwaaL-9R;Path=/;Expires=Tue, 14-Jan-2025 00:32:12 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
onandeggsiswe.com.ua/multi?cs=bWJIYkJcW3lad1xVcVRxXVB4W3c&abt=0&red=1&sm=76&k=&v=1.0.60.1&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fnec3g3jeyf&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_wmPt=1673742732115&crc=1
108.157.229.27200 OK 1.6 kB URL HTTP/2 onandeggsiswe.com.ua/multi?cs=bWJIYkJcW3lad1xVcVRxXVB4W3c&abt=0&red=1&sm=76&k=&v=1.0.60.1&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fnec3g3jeyf&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_wmPt=1673742732115&crc=1
IP 108.157.229.27:0
File type ASCII text, with very long lines (3287), with no line terminators
Hash d1982cd77a96f10419c572a2fb5e764f
d858c92c8d27d411b59a9badfd48a4f549e385d1
cf1f2369aa19e2dab827e1275972988a0b2be74cde4e61106aa1d0bd5b2668f2
GET /multi?cs=bWJIYkJcW3lad1xVcVRxXVB4W3c&abt=0&red=1&sm=76&k=&v=1.0.60.1&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fnec3g3jeyf&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_wmPt=1673742732115&crc=1 HTTP/1.1
Host: onandeggsiswe.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1564
date: Sun, 15 Jan 2023 00:32:12 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=3231ff53-3e84-4f17-8c0b-25b94d5ba9c2
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: rcfxWeeGL92HeCyZmQh6XTyNLVaDh06ownhVvcijbQZUJn4cfNGUpw==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 392 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash ddee6f0954a075c47eec3d013d4ccf39
c77c8baf9a24d66ed6f42b81682f430daa9518ba
ed4180aae887c0183ad186a155334455b6e48bb6ed4d8b76851f2c31ade2266b
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 15 Jan 2023 00:32:12 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1040905646%3A1673742732048855&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4vYU42hjbpYREK3hQCHRbE4tDaHZrgyjKBukkkjUk27TsETpSZ33kskR3-LUhr4IJT0Sfe
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-pMgxe4VL1_H7M4xm-p2dQw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:RfBFJANC7cVH5qt3wmLamkA0Il-dng:3I-QdugSVsC9s5S2;Path=/;Expires=Tue, 14-Jan-2025 00:32:12 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 00:32:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pogothere.xyz/asd100.bin
172.64.132.29200 OK 103 kB IP 172.64.132.29:0
Size 103 kB (102745 bytes)
Hash cdf6771a8ac7c8ed535ff0dc502ac4b7
4593710aa8cdb1c22a7b9b766763bca21bdaac17
897d21c2f71735cf9823f5aa049395078f5112e83e7d3f7f932b924a4996b660
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 15 Jan 2023 00:32:12 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6243
last-modified: Sat, 14 Jan 2023 22:48:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Io9WvDKpAjWCrk6aVBFcyGxtzussiQXQxUg%2FiRJhXzNa3Nq7%2F8A59AODUUFSAp8n3VHFwEROnnv9xFDlfFBjL7WOlCmsqtmdU4798zgLlY%2F9iUu%2FTiekToujXLl7opzw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a834b39fa888b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1663356888
45.154.253.150200 OK 1.4 kB URL HTTP/1.1 bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1663356888
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9549584e9288a5dd9d163daa26a6f34d
0c7a71967bd4570770aa9b1043a1d82cd8969252
d18e625001a778074faea9e00ae801988818827c121732ba020390e84897578e
GET /img/favicon/favicon-32x32-bayfiles.png?1663356888 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/nec3g3jeyf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 00:32:12 GMT
Content-Type: image/png
Content-Length: 1368
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 631
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fc38856297a28cd362a2b0421acf8e7
6f83afbac6052fe285eacd2b69e92fd5b81ed7d9
710ed74bf69a62793e46c7a8557a3a133ad240beadfa3ecc6061b815f24fe9c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2599
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 00:32:12 GMT
Last-Modified: Sat, 14 Jan 2023 23:48:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11888
Expires: Sun, 15 Jan 2023 03:50:20 GMT
Date: Sun, 15 Jan 2023 00:32:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11888
Expires: Sun, 15 Jan 2023 03:50:20 GMT
Date: Sun, 15 Jan 2023 00:32:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11888
Expires: Sun, 15 Jan 2023 03:50:20 GMT
Date: Sun, 15 Jan 2023 00:32:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed8393c5-4540-4060-a0b5-fbfed12b654c.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed8393c5-4540-4060-a0b5-fbfed12b654c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4e46b934e0fe8ce439f5900f72ca8c8
d225e7cadd7cb400e39f9cef903249c77b34ec1c
19dfdcbad9e017e133cbbbf3aa6189815d914a3e189ab89730c09c211339cba2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed8393c5-4540-4060-a0b5-fbfed12b654c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4594
x-amzn-requestid: e234a2c4-83b0-4ff6-817c-b35a0c748266
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etpRiHPiIAMF7bA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c22270-5e7f22a758ee77e034987dbb;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:33:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hGqDibdgHNG6D1g-Vw_PeHScGFFfpZTo9JfuL66BzOASOzzYKSuUcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 05:35:28 GMT
age: 68204
etag: "d225e7cadd7cb400e39f9cef903249c77b34ec1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91a664271b9042ab5a34c1259df6ab93
7ce177939ceed31dbe137996cace3f71eaab3cf4
08b872b4c8dc8d4b5e26d7c5e7985c144dcf45623737e6daf7813b2add8ab013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11285
x-amzn-requestid: 988e5b38-d173-4e8c-9fe6-98f8f2a76b97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXEAsE5FoAMFd9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b91a04-63377e2a6fd82d8d0f582918;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 07:06:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NdMsi2pSibnQ_tyUM4QXeIemgBJuVrRVcBLGmgMp7C895mwY1J53JA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 04:25:26 GMT
age: 72406
etag: "7ce177939ceed31dbe137996cace3f71eaab3cf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccd9a6ee59820f0e819323256cdeebcf
4b7dc1d4fa669c62d8506add356364020c203c7b
4d55fcb90dddc5eae466cc9ce0c42b560b964e3c5c02f069f6a09695af996fe3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10319
x-amzn-requestid: a5c3a403-75f7-4bda-b22f-089919454a6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniY8HxoIAMF3EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb105-36f4b9a9056d844955c9996f;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:04:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _1zECIPTchQXa3nVdsaH_-OY6oXEhgM8dkG_Tp084XK0eaJxYbq6tQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 01:48:22 GMT
age: 81830
etag: "4b7dc1d4fa669c62d8506add356364020c203c7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f9fdd3-2b09-4fe5-a079-daa82adc1d39.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f9fdd3-2b09-4fe5-a079-daa82adc1d39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 807e309c0c704608186f4f0be4f40d94
1eadbf6f305c19b86e83e570cd94133ff4bf33c1
e96f690e1fa5b1e54986a02cba764b4e965891553197a6decbea64a91c5dccaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f9fdd3-2b09-4fe5-a079-daa82adc1d39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4986
x-amzn-requestid: 19aa397e-1b5c-4c3e-be88-a429ca3d2f77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enenaH5YoAMF6TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfaafc-210871f97c1c327e73fc25e0;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 06:38:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bthAkm0KtTHW9QVgchZF-TWemX9R9BsA7N1LMRQbQyD0wCkk2Io9ag==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 19:56:42 GMT
age: 16530
etag: "1eadbf6f305c19b86e83e570cd94133ff4bf33c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bda8a71e1e7a2173911de887bcab274
a05c3182c259756d1a5327d5a133320313565fc8
b00ae81aae4e5867010548c35737058b2ccfd9a6a6e2a061c729a71d04a5a1a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2965
x-amzn-requestid: b17939c4-4838-4ec7-8459-93f88392a966
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: euH1cFFaIAMFuCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c25355-4caee7f1070ed0c450f919f8;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 07:01:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fnUpBYZf6aDHW2v8vTN1O2N9GqPvYvbEytMf8fjkUVYzCjBCjU7grA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:46:14 GMT
etag: "a05c3182c259756d1a5327d5a133320313565fc8"
content-type: image/jpeg
age: 9958
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epfDqEAZIAMFudQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 05:58:29 GMT
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
age: 66823
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29200 OK 102 kB IP 172.64.132.29:0
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 15 Jan 2023 00:32:12 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6243
last-modified: Sat, 14 Jan 2023 22:48:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gz6JF%2F8Urp4BX%2BNJdice2HNG6kw6OGaoTF45%2BcAsW2wM1rerKHzKG9AC6%2B4VED%2FrpYaxN%2Bggl%2Ff3f9GNXiuNut9yAO1GY6oq3MJEIJfiY8SpxyuwDZNby1BhQqnjfqT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a834b3a11888b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
policityseriod.info/
70.32.1.32302 Found 0 B IP 70.32.1.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: policityseriod.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://bayfiles.com
Content-Length: 350
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 15 Jan 2023 00:32:13 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1673742733.2358990; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000
location: http://ww25.policityseriod.info/?subid1=20230115-1132-13fd-8191-309ac9aed3d4
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
policityseriod.info/
70.32.1.32302 Found 0 B IP 70.32.1.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: policityseriod.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 754
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 15 Jan 2023 00:32:13 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1673742733.5737345; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000
location: http://ww25.policityseriod.info/?subid1=20230115-1132-1359-8e5d-678981f988b0
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
policityseriod.info/
70.32.1.32302 Found 0 B IP 70.32.1.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: policityseriod.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://bayfiles.com
Content-Length: 364
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 15 Jan 2023 00:32:13 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1673742733.8304965; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000
location: http://ww25.policityseriod.info/?subid1=20230115-1132-137e-86c5-329ecd019499
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
policityseriod.info/
70.32.1.32302 Found 0 B IP 70.32.1.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: policityseriod.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 389
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 15 Jan 2023 00:32:13 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1673742733.4145722; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000
location: http://ww25.policityseriod.info/?subid1=20230115-1132-1359-b97c-b43943cd50e7
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
policityseriod.info/
70.32.1.32302 Found 0 B IP 70.32.1.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: policityseriod.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 394
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 15 Jan 2023 00:32:13 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1673742733.4516892; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000
location: http://ww25.policityseriod.info/?subid1=20230115-1132-134f-8b30-6f5aa0b311f2
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
policityseriod.info/
70.32.1.32302 Found 0 B IP 70.32.1.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: policityseriod.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 748
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 15 Jan 2023 00:32:13 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1673742733.1373826; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000
location: http://ww25.policityseriod.info/?subid1=20230115-1132-13ac-aa30-6cbb9a753a3d
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
policityseriod.info/
70.32.1.32302 Found 0 B IP 70.32.1.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: policityseriod.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://bayfiles.com
Content-Length: 351
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 15 Jan 2023 00:32:13 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1673742733.3852389; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000
location: http://ww25.policityseriod.info/?subid1=20230115-1132-13c8-9182-e4899797a786
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
pogothere.xyz/
172.64.132.29200 OK 0 B IP 172.64.132.29:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 00:32:12 GMT
content-type: text/plain
set-cookie: csu=277534316250309@1@1673742732; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuIEDZ%2FpDGpOsOksP7OOm0vtef6BLs7NAZPbK%2FDzR6%2FD3jWnyrpUHztKZ43kZlSdR84z05xSIb7HrpzY5A7FgbIYVLlmUaqWK0XigTxevpzyR%2FLrcXz09FzVydKh0Jxq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789a834b4a17888b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-234386863%3A1673742732040125&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4w9kaeOYkp8NCQBn6KH6awemEwBqKngi3aK8cuglDfoTy0XG1uUD375KymqLvN0lrPJYFe
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-234386863%3A1673742732040125&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4w9kaeOYkp8NCQBn6KH6awemEwBqKngi3aK8cuglDfoTy0XG1uUD375KymqLvN0lrPJYFe
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S-234386863%3A1673742732040125&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4w9kaeOYkp8NCQBn6KH6awemEwBqKngi3aK8cuglDfoTy0XG1uUD375KymqLvN0lrPJYFe HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 15 Jan 2023 00:32:12 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-W3lDzmFa9zhpq7JmfA-2sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1040905646%3A1673742732048855&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4vYU42hjbpYREK3hQCHRbE4tDaHZrgyjKBukkkjUk27TsETpSZ33kskR3-LUhr4IJT0Sfe
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1040905646%3A1673742732048855&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4vYU42hjbpYREK3hQCHRbE4tDaHZrgyjKBukkkjUk27TsETpSZ33kskR3-LUhr4IJT0Sfe
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S1040905646%3A1673742732048855&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4vYU42hjbpYREK3hQCHRbE4tDaHZrgyjKBukkkjUk27TsETpSZ33kskR3-LUhr4IJT0Sfe HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 15 Jan 2023 00:32:12 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-HOE8Uztf5_l963EO2Dhv5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ZCcNqVaOVGpscQPTTx6ME3IaS+LacTmq/FdbSCu+zapkrWeBa9A5mQX710a4EQKY2zxlPcuYbPfeDcsntAOZRA==
date: Sun, 15 Jan 2023 00:32:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2