Report - cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z

Report Overview

Submitted URL
cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z
IP
195.96.151.83
ASN
#41634 Svea Hosting AB
Submitted
2023-01-15 00:32:20
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
bayfiles.com	376602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.5 kB	168 kB	45.154.253.150
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	142.250.74.131
accounts.google.com	81	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.9 kB	142.250.74.109
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.33.119.27
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.200.156.146
dgemanowhot.com.ua	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.7 kB	188.114.96.1
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	50 kB	34.120.237.76
cdn-128.bayfiles.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	992 B	719 B	195.96.151.83
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.3 kB	93.184.220.29
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.6 kB	23.33.119.27
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	2.9 kB	31.13.72.36
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
vjs.zencdn.net	4968	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	748 B	143 kB	151.101.130.217
djv99sxoqpv11.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	101 kB	54.230.245.37
policityseriod.info	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	3.3 kB	70.32.1.32
onandeggsiswe.com.ua	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	8.9 kB	108.157.229.27
pogothere.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	208 kB	172.64.132.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-15 00:32:11	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-01-15 00:32:11	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-01-15 00:32:11	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-01-15 00:32:11	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	bayfiles.com/nec3g3jeyf	1.8 kB	2023-03-07	2023-08-07
Pretty URL bayfiles.com/nec3g3jeyf IP 45.154.253.150 ASN #41634 Svea Hosting AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2023-08-07 17:15:14 Times Seen811 Hash 222132c7cee7981cc82b3c57684aefe4 988196a7d039385d2a5dec48b60328949be4544b 29c9404d415384cdb3fa69ac2c92d9319f6527112ad2d82fbd27ae52542ac823 Loading...

	djv99sxoqpv11.cloudfront.net/?xsvjd=737333	300 kB	2023-03-12	2023-03-12
Pretty URL djv99sxoqpv11.cloudfront.net/?xsvjd=737333 IP 54.230.245.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:41:02 Last Seen2023-03-12 23:41:02 Times Seen1 Hash 9fca370f8de6480aa7012e3fb9a4088c 66914d72fa130c25ce904830f75eee9eae051f89 946c0da9ef44ecc9ee48f4c1bc2bff849e4c6892c5bc2bf83d0cbcbb347c89b1 Loading...

	onandeggsiswe.com.ua/RU5kYTQkLAcMCyRzBkdBNyJZRAYDa1YnUC84XVhHPSEVEUJ0f0oCWCo7AAdGKiAQT1ogOkFTcnwaCQ0AHBgxFXYtFywAXioPLCdMLCgyVHgQIyYOdTI9Ky5OcBsvMEMkBxxYeAE0B1Z+FiktLEw2JjwJYTMFCDN9FzQPF3Y9dwcCTTYGI1BMLi8lBlcEfAxXYDJ+JQB3CAklBlNwBwMJUBA2KlZmdSYhOwdwDCAWU3IFAzhkACAmWWMXFzICfD0UNzdycigPGXgMfSZZYxR2LS4HLSo8N30dL1UVfQIZKldgAD0OAnw9FCcJUDIoNwl+EBkmBmMTYyIkbnZ6KyllDGtWI30QNi8rBiFrViNjACY2O3xwFzw3eikFJSB/BwopCXETfzAkB3wUMDQNKS8mGXIQD0ILRyogFFxlKAEJFwcrLBEtZCwoMSk	3.0 kB	2023-03-12	2023-03-12
Pretty URL onandeggsiswe.com.ua/RU5kYTQkLAcMCyRzBkdBNyJZRAYDa1YnUC84XVhHPSEVEUJ0f0oCWCo7AAdGKiAQT1ogOkFTcnwaCQ0AHBgxFXYtFywAXioPLCdMLCgyVHgQIyYOdTI9Ky5OcBsvMEMkBxxYeAE0B1Z+FiktLEw2JjwJYTMFCDN9FzQPF3Y9dwcCTTYGI1BMLi8lBlcEfAxXYDJ+JQB3CAklBlNwBwMJUBA2KlZmdSYhOwdwDCAWU3IFAzhkACAmWWMXFzICfD0UNzdycigPGXgMfSZZYxR2LS4HLSo8N30dL1UVfQIZKldgAD0OAnw9FCcJUDIoNwl+EBkmBmMTYyIkbnZ6KyllDGtWI30QNi8rBiFrViNjACY2O3xwFzw3eikFJSB/BwopCXETfzAkB3wUMDQNKS8mGXIQD0ILRyogFFxlKAEJFwcrLBEtZCwoMSk IP 108.157.229.27 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:41:02 Last Seen2023-03-12 23:41:02 Times Seen1 Hash 9fa6c6300df90151a846428e9f262129 1a3d4328065c29a96a1fd6c3d99cf67aac55ff26 dacaf4b30ef2956bb448100d43eb6f4db4a8f37b2e9b398da35c9dcde97ee7db Loading...

	bayfiles.com/sw.js	39 kB	2023-03-07	2023-07-03
Pretty URL bayfiles.com/sw.js IP 45.154.253.150 ASN #41634 Svea Hosting AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2023-07-03 06:06:11 Times Seen235 Hash 964007d2c849e80c42f0598d126ee512 de282c1ab3319bdd9a72d83474115c778a36dc62 f9890628478a7fe67fd6a3a14e8a1a3dfe7d8df69b6c513d2c58331cabf8725b Loading...

	bayfiles.com/nec3g3jeyf	153 B	2023-03-07	2023-05-30
Pretty URL bayfiles.com/nec3g3jeyf IP 45.154.253.150 ASN #41634 Svea Hosting AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2023-05-30 09:27:06 Times Seen132 Hash 1afd5146a7a2eb76587f619acfe1786d 2e7d95479b7ae570c76c7b12a31fa07bf8d03cd0 47423c4ce4edce4f9e0a688c9e6f6ca42ce989534f4bc49ea5f47c7fe3da811c Loading...

	vjs.zencdn.net/7.3.0/video.min.js	476 kB	2023-03-07	2024-01-20
Pretty URL vjs.zencdn.net/7.3.0/video.min.js IP 151.101.130.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-01-20 06:52:22 Times Seen1044 Hash 057f19acd50fc7e3ad917dd600889ee5 479d8baad992ec24bf4c3ac8365014be01565219 963ccc559571c588baa7f6d61513b26277c7847c250773e3270c51f5038216fb Loading...

	bayfiles.com/nec3g3jeyf	160 B	2023-03-12	2023-03-12
Pretty URL bayfiles.com/nec3g3jeyf IP 45.154.253.150 ASN #41634 Svea Hosting AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:41:02 Last Seen2023-03-12 23:41:02 Times Seen1 Hash dd55cef63d57e3243f28c05b708d2065 dbd487aeac07acd8190d7fcd21bc450bbc9d881b e6453cac8986814fc407c26e73aa58d0eae9488b02fee59e84dee18fdef53889 Loading...

	onandeggsiswe.com.ua/OHd6VzhZFRk6B1lKGHFNShtHcgp+UkgRXFIBQ25LQBgLJ04JRlQ0VFcCHjFKVxkOeVZdA19lfgw4LBYLWR00NmgJHDcTfQhCL2ZbfTQXNH1vJjsxd1MmPA9tVAMfPnF+JgA7HQoxNRZ2XS0vHn5tMStgYX0PMgZCaTwtP25uOiw8dnwfQmZvaRw1FHBiID47fX0tOBJdaUYjYHtQThgBa0gTPhFybzwWYnVqGxIjb18hMAJ8QBU5L2F0MR0dfXkPAj56CD0/AnwNIzgCanMTKwFZYCJLZnpuGDkUYAw/LiB6DxMrAVlqMTtyCno2LGNvex8zBG95OTgNXxU5KhZwTEY4AUh6I0kCfXMAMx1iahsbEFBAHjggCW8gECNhbAA8cgp+Lh0zWnkAFj96CQQtFAp6JTtnfls5FjBrfhAJAHpUGD0RCnklMiAMcVEQJFdWB0cacA4NEx9qCBBPIldbGhEA	3.0 kB	2023-03-12	2023-03-12
Pretty URL onandeggsiswe.com.ua/OHd6VzhZFRk6B1lKGHFNShtHcgp+UkgRXFIBQ25LQBgLJ04JRlQ0VFcCHjFKVxkOeVZdA19lfgw4LBYLWR00NmgJHDcTfQhCL2ZbfTQXNH1vJjsxd1MmPA9tVAMfPnF+JgA7HQoxNRZ2XS0vHn5tMStgYX0PMgZCaTwtP25uOiw8dnwfQmZvaRw1FHBiID47fX0tOBJdaUYjYHtQThgBa0gTPhFybzwWYnVqGxIjb18hMAJ8QBU5L2F0MR0dfXkPAj56CD0/AnwNIzgCanMTKwFZYCJLZnpuGDkUYAw/LiB6DxMrAVlqMTtyCno2LGNvex8zBG95OTgNXxU5KhZwTEY4AUh6I0kCfXMAMx1iahsbEFBAHjggCW8gECNhbAA8cgp+Lh0zWnkAFj96CQQtFAp6JTtnfls5FjBrfhAJAHpUGD0RCnklMiAMcVEQJFdWB0cacA4NEx9qCBBPIldbGhEA IP 108.157.229.27 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:41:02 Last Seen2023-03-12 23:41:02 Times Seen1 Hash 506fa2abab172653d347aab1d4db923a fe632edcedde8612a6af1b827a6f7a9a20966e8c 8db998a688df92ebca2f160b06c525105d99731d5541a1f1f961bbf700cdf0ee Loading...

	onandeggsiswe.com.ua/UlVNTnAzNy4jTzNoL2gFIDlwa0IUcH8IFDgjdHcDKjo8PgZjZGMtHD0gKSgCPTs5YB43IWh8NjwbNyIBCDglGyY1BAwYQBwECSIENBQqdyoHA3kcJSo+BwwbMRAHN0QzB3whGBcTJSs0OBwfGSIUGwgPOgQXNXY3ECIXHzIXIgkMHAMQGn4xGAB8OigHPngKIwMAAxglGAcPJgcRABspNhoUCBwkEyEvDCY6EQw5HxcDJTYpGxN9FDMHbBgZMmsaDDkXHwIIeioDZCIGJipgCRkXMRwaJRgLECohHwNkIgYkNRgEFhcfNhodIhwXHCUjBxM6HTM7eCUKJzUxAQY1HDcpKRgzAH0XOBcQdBsnFBcuDSFiHQgpAyEDCyk3EQM9FicTDC4ZNgsaFSUDAhQMKiAaEyopJwM2ABw2CBocKSIwcyc9HzwlcAM4ICUuBQZiPHoWB2M	3.0 kB	2023-03-12	2023-03-12
Pretty URL onandeggsiswe.com.ua/UlVNTnAzNy4jTzNoL2gFIDlwa0IUcH8IFDgjdHcDKjo8PgZjZGMtHD0gKSgCPTs5YB43IWh8NjwbNyIBCDglGyY1BAwYQBwECSIENBQqdyoHA3kcJSo+BwwbMRAHN0QzB3whGBcTJSs0OBwfGSIUGwgPOgQXNXY3ECIXHzIXIgkMHAMQGn4xGAB8OigHPngKIwMAAxglGAcPJgcRABspNhoUCBwkEyEvDCY6EQw5HxcDJTYpGxN9FDMHbBgZMmsaDDkXHwIIeioDZCIGJipgCRkXMRwaJRgLECohHwNkIgYkNRgEFhcfNhodIhwXHCUjBxM6HTM7eCUKJzUxAQY1HDcpKRgzAH0XOBcQdBsnFBcuDSFiHQgpAyEDCyk3EQM9FicTDC4ZNgsaFSUDAhQMKiAaEyopJwM2ABw2CBocKSIwcyc9HzwlcAM4ICUuBQZiPHoWB2M IP 108.157.229.27 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:41:02 Last Seen2023-03-12 23:41:02 Times Seen1 Hash 9e0e88acdcec62c4288dde6433207c82 983386ccfe4af7a09170e26308ec5ab7e5fa0f27 d8f394309ad69263c53b686e9552cca6af24f3978bb0be6e6001bfc9cd615744 Loading...

	djv99sxoqpv11.cloudfront.net/4OVA3ajNaP1kMDE05U1cECmcEWQAfOkQFXUlteiIFQzl/OANeZUIFUFQ7YExHQzQKWhVVMVkNDh81WQkOCHZWDlEEZBEeQ1Y7Ch9bVSpdDFJWKl5MRlhtWgVJUDxbCxYLFgJEAxxiB0JEUD5TBURKdQVaXU11BVoCCX4HTwB7dQVaRFA+AV4WChISWANBZg-NPAHt1BVpBT3UEKwIJZRlaGhxiBw1WWjtYTwF/YgdbAwlhB1sWC2BRA0FcNlgSFgsWBloGF2ARHw4I	780 B	2023-03-12	2023-03-12
Pretty URL djv99sxoqpv11.cloudfront.net/4OVA3ajNaP1kMDE05U1cECmcEWQAfOkQFXUlteiIFQzl/OANeZUIFUFQ7YExHQzQKWhVVMVkNDh81WQkOCHZWDlEEZBEeQ1Y7Ch9bVSpdDFJWKl5MRlhtWgVJUDxbCxYLFgJEAxxiB0JEUD5TBURKdQVaXU11BVoCCX4HTwB7dQVaRFA+AV4WChISWANBZg-NPAHt1BVpBT3UEKwIJZRlaGhxiBw1WWjtYTwF/YgdbAwlhB1sWC2BRA0FcNlgSFgsWBloGF2ARHw4I IP 54.230.245.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:41:02 Last Seen2023-03-12 23:41:02 Times Seen1 Hash 74b88c6196266359d6a365741ebcb188 bfa7e8b6e8e4cfa499cfb5be9e2f2a902359a4c0 ec11090bf0e88a844c09814734f1590ee72d5599a9e6e38473a0096f7b792595 Loading...

	djv99sxoqpv11.cloudfront.net/nNzlqZmhUVgQAV0NQDltfAg9ZUV4RUxkJBkcEJy4aR1ohEFheDjIRWRFNEAJVBx8GBwZQBEwDBlQEW0AJU1tXUk5DSQUNVUJRBhwCUVgFHAERTAtbBVhDAwoEVhxYIF0ZCU9UWB9OAwgMWE4ZQ1oHVx5DWgcIWkhYEgooQ1oHTgMIXgMcWSRNBQkSUFwSCi-hDWgdLHENbdghaU0YHEE9UWFBcCQ0HEgssVFgGCVpXWAYcWFYOXksPAAdPHFggWQcMRFZOQgRb	597 B	2023-03-12	2023-03-12
Pretty URL djv99sxoqpv11.cloudfront.net/nNzlqZmhUVgQAV0NQDltfAg9ZUV4RUxkJBkcEJy4aR1ohEFheDjIRWRFNEAJVBx8GBwZQBEwDBlQEW0AJU1tXUk5DSQUNVUJRBhwCUVgFHAERTAtbBVhDAwoEVhxYIF0ZCU9UWB9OAwgMWE4ZQ1oHVx5DWgcIWkhYEgooQ1oHTgMIXgMcWSRNBQkSUFwSCi-hDWgdLHENbdghaU0YHEE9UWFBcCQ0HEgssVFgGCVpXWAYcWFYOXksPAAdPHFggWQcMRFZOQgRb IP 54.230.245.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:41:02 Last Seen2023-03-12 23:41:02 Times Seen1 Hash 5dfa153cbd2bc89cc5c4c79d13c8a635 2f21ce00a90ad1a60b3c3e408af2aa91c6617e79 b7c6d51bffa892c4a62f38011db73fd5fde6eafbbb6ff9a89c7365c6f6cdc7c4 Loading...

	bayfiles.com/js/app.js?1668606177	193 kB	2023-03-07	2023-03-17
Pretty URL bayfiles.com/js/app.js?1668606177 IP 45.154.253.150 ASN #41634 Svea Hosting AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2023-03-17 12:50:45 Times Seen1 Hash ebf881a573c65e946d0b67bbae1f7d8d 5693e08ea7915521918fc75fc5dd8fa9f7f786fb ee607a4919a33f6946c245c09d6db9dd3085ef77bf9f8a7a3a819f3cffe178a7 Loading...

	djv99sxoqpv11.cloudfront.net/9Tml4YVUtBhYHajoAHFxifV5LUmBoAwsOOz5UKQwaIx9LDzc7JSgIMxshXhUvKlRIRzkvBx9ccysHG1xkaAgcA2h6Tw0AaCMGAgg5IghdUxN7R0hEZ35BDwg7KgYPEnB8WRYVcHxZSVF7fkxLI3B8WQ8IO3hdXVIXa1tIGWN6TEsjcHxZChdwfShJUWBgWV-FEZ34OHQI+IUxKJ2d+WEhRZH5YXVNlKAAKBDMhEV1TE39ZTU9laBxFUA	203 B	2023-03-12	2023-03-12
Pretty URL djv99sxoqpv11.cloudfront.net/9Tml4YVUtBhYHajoAHFxifV5LUmBoAwsOOz5UKQwaIx9LDzc7JSgIMxshXhUvKlRIRzkvBx9ccysHG1xkaAgcA2h6Tw0AaCMGAgg5IghdUxN7R0hEZ35BDwg7KgYPEnB8WRYVcHxZSVF7fkxLI3B8WQ8IO3hdXVIXa1tIGWN6TEsjcHxZChdwfShJUWBgWV-FEZ34OHQI+IUxKJ2d+WEhRZH5YXVNlKAAKBDMhEV1TE39ZTU9laBxFUA IP 54.230.245.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:41:02 Last Seen2023-03-12 23:41:02 Times Seen1 Hash 11dbf11ce62434800bbfa0db4b43a34c cdccb76ef88ceff86cbee5a9282f801bcc2d5740 a3fadc0cb1e21df5e65255332f64fecd63e5d47b530047fe1e54f18845597194 Loading...

HTTP Transactions (85)

	URL	IP	Response	Size
	cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z	195.96.151.83	301 Moved Permanently	162 B
URL HTTP/1.1 cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z IP 195.96.151.83:0 ASN #41634 Svea Hosting AB File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET /nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z HTTP/1.1 Host: cdn-128.bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Sun, 15 Jan 2023 00:32:09 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2258cd6b877a3aca8f4c84074e65ac4b 4e46c70941f8e497e8afc8d078644e7f81761a1c faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF" Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13311 Expires: Sun, 15 Jan 2023 04:14:01 GMT Date: Sun, 15 Jan 2023 00:32:10 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3063227f59d1935298b0620fa7919145 478e1d8bef04b1f95381cac01829c03b6779d420 619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C" Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17144 Expires: Sun, 15 Jan 2023 05:17:54 GMT Date: Sun, 15 Jan 2023 00:32:10 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash ff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 14 Jan 2023 23:48:56 GMT content-type: application/json age: 2594 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z	195.96.151.83	301 Moved Permanently	0 B
URL HTTP/1.1 cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z IP 195.96.151.83:0 ASN #41634 Svea Hosting AB File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /nec3g3jeyf/b33c3956-1672566239/office%202013-2021%20c2r%20install%20%20%20lite%207.4.8.kyhaa.7z HTTP/1.1 Host: cdn-128.bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 `HTTP/1.1 301 Moved Permanently Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Location: https://bayfiles.com/nec3g3jeyf X-Cache-Host: filecache-03 X-Cache-Disk: nvme-01 Accept-Ranges: bytes`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 64765d3d978fd74d7bc47d55d4f097cf 92eb3f0d55ba99be28105c0b28ef7dd456817f1f 761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3" Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17331 Expires: Sun, 15 Jan 2023 05:21:01 GMT Date: Sun, 15 Jan 2023 00:32:10 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: Nkn1UvC+xzO2XvVofLvisT7bom8e8tTPLmTAXo154WOHspCv/PlWvp7+SuVSHrka7NQuEFueyrU= x-amz-request-id: 4931GPD1WNNK3W66 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 14 Jan 2023 23:43:55 GMT age: 2895 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1badc19cf0b6cf4b9ec5883c38e332a2 2be80988856a6d643f439a0a73f117bc352a09b0 8be7aad839cd0aabb6560074331c13e25df5f91314c1fd37db88c50210042a2e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8BE7AAD839CD0AABB6560074331C13E25DF5F91314C1FD37DB88C50210042A2E" Last-Modified: Sat, 14 Jan 2023 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4763 Expires: Sun, 15 Jan 2023 01:51:33 GMT Date: Sun, 15 Jan 2023 00:32:10 GMT Connection: keep-alive`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 15 Jan 2023 00:32:10 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	bayfiles.com/nec3g3jeyf	45.154.253.150	404 Not Found	2.3 kB
URL HTTP/1.1 bayfiles.com/nec3g3jeyf IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text Size 2.3 kB (2268 bytes) Hash 5d735a1eaa5ba8e1dd245471520de4ea bbac4bf1208e90323c75e7139faa431724fecb6d fa8bd486b16338e2a9eeba2b2b27195c7f36343dbe5e91be017f7d3b783292d0 HTTP Headers `GET /nec3g3jeyf HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/1.1 404 Not Found Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding cache-control: public, max-age=3600 x-oe: N Content-Encoding: gzip`

	bayfiles.com/css/bayfiles.css?1668606177	45.154.253.150	200 OK	25 kB
URL HTTP/1.1 bayfiles.com/css/bayfiles.css?1668606177 IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type ASCII text, with very long lines (65452) Size 25 kB (25354 bytes) Hash 896df88019eabed295bc78a2f053ab92 1bca351d99600fb10583eb28c638dd58482535a0 b1555a31747d1f471ea748a1363cf9c588d66dd15dcf42cf7fa0b2911d0424d0 HTTP Headers `GET /css/bayfiles.css?1668606177 HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding cache-control: public, max-age=3600 x-oe: Y x-oh: 493 Content-Encoding: gzip`

	bayfiles.com/sw.js	45.154.253.150	200 OK	14 kB
URL HTTP/1.1 bayfiles.com/sw.js IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type ASCII text, with very long lines (39060), with no line terminators Size 14 kB (14388 bytes) Hash fefdeff3180d9772f08a2cadce9a55b0 5610f0290b7f4c81c57a65703825fc2830aeac96 0009589421c540c0b0ee37fde74f5373962096bc8e9869a953b4cb59547a8f61 HTTP Headers `GET /sw.js HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding x-vdch: Yes cache-control: public, max-age=14400 x-oe: Y x-oh: 4525 Content-Encoding: gzip`

	vjs.zencdn.net/7.3.0/video-js.min.css	151.101.130.217	200 OK	9.7 kB
URL HTTP/2 vjs.zencdn.net/7.3.0/video-js.min.css IP 151.101.130.217:0 ASN #54113 FASTLY File type ASCII text, with very long lines (35998), with no line terminators Size 9.7 kB (9673 bytes) Hash 3397ce943db8add2728dccd9a3b8b8bc a57bbb7546a458fe57d72d06baab950125260cc9 5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba HTTP Headers `GET /7.3.0/video-js.min.css HTTP/1.1 Host: vjs.zencdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK last-modified: Fri, 26 Oct 2018 18:06:27 GMT etag: "895e6b29db41953ef6197815c6be59d3" cache-control: public, max-age=31536000 content-type: text/css; charset=utf-8 content-encoding: gzip date: Sun, 15 Jan 2023 00:32:10 GMT x-served-by: cache-bma1647-BMA x-cache: HIT x-cache-hits: 3010 vary: Accept-Encoding access-control-allow-origin: * timing-allow-origin: * content-length: 9673 X-Firefox-Spdy: h2`

	bayfiles.com/js/app.js?1668606177	45.154.253.150	200 OK	58 kB
URL HTTP/1.1 bayfiles.com/js/app.js?1668606177 IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type ASCII text, with very long lines (63238) Size 58 kB (57886 bytes) Hash ba67ff13fd07739a7037fbc27b2a1955 3e253f69b2f12659c541de122c6bce0ed82ba369 1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818 HTTP Headers `GET /js/app.js?1668606177 HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding cache-control: public, max-age=3600 x-oe: Y x-oh: 63 Content-Encoding: gzip`

	bayfiles.com/img/flags/24/se.png	45.154.253.150	200 OK	581 B
URL HTTP/1.1 bayfiles.com/img/flags/24/se.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 581 B (581 bytes) Hash c9b1e40987c4411b4a7d13c07a8843aa cfce93be3ba77e4e30033d25e2e5c6a37da1b27d 8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14 HTTP Headers `GET /img/flags/24/se.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: image/png Content-Length: 581 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 384 accept-ranges: bytes`

	bayfiles.com/img/flags/24/es.png	45.154.253.150	200 OK	666 B
URL HTTP/1.1 bayfiles.com/img/flags/24/es.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 666 B (666 bytes) Hash 5fa381a8eb16d9e673d32980e7fd1710 fc29fbbebe97109ef1d16a0d4a65637d6b725ac8 7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff HTTP Headers `GET /img/flags/24/es.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: image/png Content-Length: 666 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 530 accept-ranges: bytes`

	bayfiles.com/img/flags/24/pl.png	45.154.253.150	200 OK	347 B
URL HTTP/1.1 bayfiles.com/img/flags/24/pl.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 347 B (347 bytes) Hash baf3aff7caef0be58f29b41f20a0e4db 11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6 0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f HTTP Headers `GET /img/flags/24/pl.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: image/png Content-Length: 347 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 397 accept-ranges: bytes`

	vjs.zencdn.net/7.3.0/video.min.js	151.101.130.217	200 OK	132 kB
URL HTTP/2 vjs.zencdn.net/7.3.0/video.min.js IP 151.101.130.217:0 ASN #54113 FASTLY File type Unicode text, UTF-8 text, with very long lines (65141) Size 132 kB (132230 bytes) Hash e296d874aca2a1550b409394be51efaa c184c030e9aab3d03de27bc588919e249d5ccdf7 401c15b7916797f936e9d8443945ef22e0f93305655c057a92c8d9b80c327c9f HTTP Headers `GET /7.3.0/video.min.js HTTP/1.1 Host: vjs.zencdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK last-modified: Fri, 26 Oct 2018 18:06:27 GMT etag: "057f19acd50fc7e3ad917dd600889ee5" cache-control: public, max-age=31536000 content-type: application/javascript; charset=utf-8 content-encoding: gzip date: Sun, 15 Jan 2023 00:32:10 GMT x-served-by: cache-bma1647-BMA x-cache: HIT x-cache-hits: 1 vary: Accept-Encoding access-control-allow-origin: * timing-allow-origin: * content-length: 132230 X-Firefox-Spdy: h2`

	bayfiles.com/img/flags/24/fi.png	45.154.253.150	200 OK	456 B
URL HTTP/1.1 bayfiles.com/img/flags/24/fi.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 456 B (456 bytes) Hash 0ea9115d18d5210d4f1db520881faa3a 09829c2b7b5e4bae28d62b1dff90220f28c3bdf5 544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da HTTP Headers `GET /img/flags/24/fi.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: image/png Content-Length: 456 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 411 accept-ranges: bytes`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 15 Jan 2023 00:17:25 GMT age: 885 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	bayfiles.com/img/flags/24/jp.png	45.154.253.150	200 OK	599 B
URL HTTP/1.1 bayfiles.com/img/flags/24/jp.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 599 B (599 bytes) Hash 857f6f0e0886a3729b758b7241e42e61 a7be973a93c6ad51cf07a9f21a5dd72cc3e15680 8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64 HTTP Headers `GET /img/flags/24/jp.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: image/png Content-Length: 599 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 481 accept-ranges: bytes`

	bayfiles.com/img/flags/24/br.png	45.154.253.150	200 OK	1.1 kB
URL HTTP/1.1 bayfiles.com/img/flags/24/br.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 1.1 kB (1115 bytes) Hash 6a5938d2e7f7d6f4026d6eb1b4b4f2cd 7a038177fe4deec455d61d3e9c90019fa4727d40 0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb HTTP Headers `GET /img/flags/24/br.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: image/png Content-Length: 1115 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 491 accept-ranges: bytes`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash c01ec61f7ca77158f474b3ab519c12fa fc82ae0fcd73a83a980b75709a08e65239894e4a f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 468 Cache-Control: max-age=117745 Content-Type: application/ocsp-response Date: Sun, 15 Jan 2023 00:32:10 GMT Etag: "63c270a7-1d7" Expires: Mon, 16 Jan 2023 09:14:35 GMT Last-Modified: Sat, 14 Jan 2023 09:06:47 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 471`

	bayfiles.com/img/flags/24/de.png	45.154.253.150	200 OK	483 B
URL HTTP/1.1 bayfiles.com/img/flags/24/de.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 483 B (483 bytes) Hash 9f8cc07c258bcd2de0c7900861e20ffc fed97219e44693d4f3918fc4037b325732225d81 07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19 HTTP Headers `GET /img/flags/24/de.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:10 GMT Content-Type: image/png Content-Length: 483 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 519 accept-ranges: bytes`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 09126b7311fb7c2720744cc784de3998 db0151574610e16741c1dbd702e43b45cefa0cad 667a1bd283a4381ae673eb4d54a7bb1302736ae82342583aa93237da76d6bce1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "667A1BD283A4381AE673EB4D54A7BB1302736AE82342583AA93237DA76D6BCE1" Last-Modified: Thu, 12 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4124 Expires: Sun, 15 Jan 2023 01:40:55 GMT Date: Sun, 15 Jan 2023 00:32:11 GMT Connection: keep-alive`

	bayfiles.com/img/flags/24/no.png	45.154.253.150	200 OK	611 B
URL HTTP/1.1 bayfiles.com/img/flags/24/no.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 611 B (611 bytes) Hash f14ac70aa6dd4d371671c0e6d7cba4e3 1139e3acd6e073bffb59157cbc10af72ed757218 9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4 HTTP Headers `GET /img/flags/24/no.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:11 GMT Content-Type: image/png Content-Length: 611 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 429 accept-ranges: bytes`

	djv99sxoqpv11.cloudfront.net/?xsvjd=737333	54.230.245.37	200 OK	98 kB
URL HTTP/2 djv99sxoqpv11.cloudfront.net/?xsvjd=737333 IP 54.230.245.37:0 ASN #16509 AMAZON-02 File type Unicode text, UTF-8 text, with very long lines (15948) Size 98 kB (98176 bytes) Hash 9d83d1bfa4416fbaa87105f4dcf88423 b488dcf069cd3606a9d167f454eb13667fc67ce8 7136bc31eec1b67a52c866ad489cb6ab26ddeeaaddb0183baf09920f17bff4e0 HTTP Headers `GET /?xsvjd=737333 HTTP/1.1 Host: djv99sxoqpv11.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-length: 98176 date: Sun, 15 Jan 2023 00:32:10 GMT access-control-allow-origin: * cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-encoding: gzip pragma: no-cache x-cache: Miss from cloudfront via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: PUjZ6nLzMYAI3YaE_Z-hqfdiBIDJ_kGPxrwyZOMNYq9oD82gL7A6YQ== X-Firefox-Spdy: h2`

	bayfiles.com/img/flags/24/ru.png	45.154.253.150	200 OK	403 B
URL HTTP/1.1 bayfiles.com/img/flags/24/ru.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 403 B (403 bytes) Hash d8df89b036e6afb48f72d2440831bad0 04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35 2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c HTTP Headers `GET /img/flags/24/ru.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:11 GMT Content-Type: image/png Content-Length: 403 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 505 accept-ranges: bytes`

	push.services.mozilla.com/	54.200.156.146	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.200.156.146:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: D4mAOGMcEiSxhFhFVzgZBQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 3Br4tv8gx6Xesp6vyyEKghwNniQ=`

	e1.o.lencr.org/	23.33.119.27	200 OK	344 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 344 B (344 bytes) Hash ffa7729132c943f60a3d2522b160b4d3 78ebd9989e8327d382878f91c94d4072e6f8edf1 8cb8cadac4b51ad7994a64206cd15064b1e7d45bf30fcc566ec644e67d5611cb HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 344 ETag: "8CB8CADAC4B51AD7994A64206CD15064B1E7D45BF30FCC566EC644E67D5611CB" Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2806 Expires: Sun, 15 Jan 2023 01:18:57 GMT Date: Sun, 15 Jan 2023 00:32:11 GMT Connection: keep-alive`

	e1.o.lencr.org/	23.33.119.27	200 OK	344 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 344 B (344 bytes) Hash ffa7729132c943f60a3d2522b160b4d3 78ebd9989e8327d382878f91c94d4072e6f8edf1 8cb8cadac4b51ad7994a64206cd15064b1e7d45bf30fcc566ec644e67d5611cb HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 344 ETag: "8CB8CADAC4B51AD7994A64206CD15064B1E7D45BF30FCC566EC644E67D5611CB" Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2806 Expires: Sun, 15 Jan 2023 01:18:57 GMT Date: Sun, 15 Jan 2023 00:32:11 GMT Connection: keep-alive`

	policityseriod.info/a0l6SWsQawk%2BNB47FmtRSSEOPRsYc1VmCQowHCAHDjpUKgQGZgk%2BRQE6WGVJGCQca1FaZVg9CgwWEy1JUWtNelxYe0xrR0k6Dys0Ai1Ia1FJKxh5CA5wGS9GW3wcKEZfKk58RlJxTHhGXX4ccF8Kfk8qWg0qWDQ	70.32.1.32	302 Found	0 B
URL HTTP/1.1 policityseriod.info/a0l6SWsQawk%2BNB47FmtRSSEOPRsYc1VmCQowHCAHDjpUKgQGZgk%2BRQE6WGVJGCQca1FaZVg9CgwWEy1JUWtNelxYe0xrR0k6Dys0Ai1Ia1FJKxh5CA5wGS9GW3wcKEZfKk58RlJxTHhGXX4ccF8Kfk8qWg0qWDQ IP 70.32.1.32:0 ASN #32181 ASN-GIGENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /a0l6SWsQawk%2BNB47FmtRSSEOPRsYc1VmCQowHCAHDjpUKgQGZgk%2BRQE6WGVJGCQca1FaZVg9CgwWEy1JUWtNelxYe0xrR0k6Dys0Ai1Ia1FJKxh5CA5wGS9GW3wcKEZfKk58RlJxTHhGXX4ccF8Kfk8qWg0qWDQ HTTP/1.1 Host: policityseriod.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/1.1 302 Found date: Sun, 15 Jan 2023 00:32:11 GMT server: Apache/2.4.38 (Debian) set-cookie: __tad=1673742731.3905942; expires=Wed, 12-Jan-2033 00:32:11 GMT; Max-Age=315360000 location: http://ww25.policityseriod.info/a0l6SWsQawk%2BNB47FmtRSSEOPRsYc1VmCQowHCAHDjpUKgQGZgk%2BRQE6WGVJGCQca1FaZVg9CgwWEy1JUWtNelxYe0xrR0k6Dys0Ai1Ia1FJKxh5CA5wGS9GW3wcKEZfKk58RlJxTHhGXX4ccF8Kfk8qWg0qWDQ?subid1=20230115-1132-1158-aca8-c08424e2012b content-length: 0 content-type: text/html; charset=UTF-8 connection: close

	bayfiles.com/static/logo.png	45.154.253.150	200 OK	39 kB
URL HTTP/1.1 bayfiles.com/static/logo.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 292 x 251, 8-bit/color RGBA, non-interlaced\012- data Size 39 kB (38607 bytes) Hash d39dfc9566d5264e198224dc249dd6bb 67ec60e7df6257a32f41e45e6877dc65f036ef0f 0b959f7dd25865a8a0636b6bb81d523c07fb03f76905313b9b8d677ae294b25a HTTP Headers `GET /static/logo.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:11 GMT Content-Type: image/png Content-Length: 38607 Connection: keep-alive last-modified: Fri, 16 Sep 2022 19:34:48 GMT etag: "6324cfd8-96cf"`

	onandeggsiswe.com.ua/OHd6VzhZFRk6B1lKGHFNShtHcgp+UkgRXFIBQ25LQBgLJ04JRlQ0VFcCHjFKVxkOeVZdA19lfgw4LBYLWR00NmgJHDcTfQhCL2ZbfTQXNH1vJjsxd1MmPA9tVAMfPnF+JgA7HQoxNRZ2XS0vHn5tMStgYX0PMgZCaTwtP25uOiw8dnwfQmZvaRw1FHBiID47fX0tOBJdaUYjYHtQThgBa0gTPhFybzwWYnVqGxIjb18hMAJ8QBU5L2F0MR0dfXkPAj56CD0/AnwNIzgCanMTKwFZYCJLZnpuGDkUYAw/LiB6DxMrAVlqMTtyCno2LGNvex8zBG95OTgNXxU5KhZwTEY4AUh6I0kCfXMAMx1iahsbEFBAHjggCW8gECNhbAA8cgp+Lh0zWnkAFj96CQQtFAp6JTtnfls5FjBrfhAJAHpUGD0RCnklMiAMcVEQJFdWB0cacA4NEx9qCBBPIldbGhEA	108.157.229.27	200 OK	1.2 kB
URL HTTP/2 onandeggsiswe.com.ua/OHd6VzhZFRk6B1lKGHFNShtHcgp+UkgRXFIBQ25LQBgLJ04JRlQ0VFcCHjFKVxkOeVZdA19lfgw4LBYLWR00NmgJHDcTfQhCL2ZbfTQXNH1vJjsxd1MmPA9tVAMfPnF+JgA7HQoxNRZ2XS0vHn5tMStgYX0PMgZCaTwtP25uOiw8dnwfQmZvaRw1FHBiID47fX0tOBJdaUYjYHtQThgBa0gTPhFybzwWYnVqGxIjb18hMAJ8QBU5L2F0MR0dfXkPAj56CD0/AnwNIzgCanMTKwFZYCJLZnpuGDkUYAw/LiB6DxMrAVlqMTtyCno2LGNvex8zBG95OTgNXxU5KhZwTEY4AUh6I0kCfXMAMx1iahsbEFBAHjggCW8gECNhbAA8cgp+Lh0zWnkAFj96CQQtFAp6JTtnfls5FjBrfhAJAHpUGD0RCnklMiAMcVEQJFdWB0cacA4NEx9qCBBPIldbGhEA IP 108.157.229.27:0 ASN #0 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators Size 1.2 kB (1200 bytes) Hash a11729ca0d26c6dde9c7ec95e26a85fb 783500c461773e5f54caacc3aa2ff4daa155ff3d 06ac8ee299c57ec5aa087132106e5739cb034c3bf0f59477a3a2ca7a0825b855 HTTP Headers GET /OHd6VzhZFRk6B1lKGHFNShtHcgp+UkgRXFIBQ25LQBgLJ04JRlQ0VFcCHjFKVxkOeVZdA19lfgw4LBYLWR00NmgJHDcTfQhCL2ZbfTQXNH1vJjsxd1MmPA9tVAMfPnF+JgA7HQoxNRZ2XS0vHn5tMStgYX0PMgZCaTwtP25uOiw8dnwfQmZvaRw1FHBiID47fX0tOBJdaUYjYHtQThgBa0gTPhFybzwWYnVqGxIjb18hMAJ8QBU5L2F0MR0dfXkPAj56CD0/AnwNIzgCanMTKwFZYCJLZnpuGDkUYAw/LiB6DxMrAVlqMTtyCno2LGNvex8zBG95OTgNXxU5KhZwTEY4AUh6I0kCfXMAMx1iahsbEFBAHjggCW8gECNhbAA8cgp+Lh0zWnkAFj96CQQtFAp6JTtnfls5FjBrfhAJAHpUGD0RCnklMiAMcVEQJFdWB0cacA4NEx9qCBBPIldbGhEA HTTP/1.1 Host: onandeggsiswe.com.ua User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK content-type: text/html content-length: 1200 date: Sun, 15 Jan 2023 00:32:11 GMT server: openresty/1.17.8.2 cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" content-encoding: gzip accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache: Miss from cloudfront via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P2 x-amz-cf-id: Tkf50-X0_cYmDzSslJO2CFy9cwDGSoyXENt39notddkA_5pEg3bvDg== X-Firefox-Spdy: h2

	onandeggsiswe.com.ua/UlVNTnAzNy4jTzNoL2gFIDlwa0IUcH8IFDgjdHcDKjo8PgZjZGMtHD0gKSgCPTs5YB43IWh8NjwbNyIBCDglGyY1BAwYQBwECSIENBQqdyoHA3kcJSo+BwwbMRAHN0QzB3whGBcTJSs0OBwfGSIUGwgPOgQXNXY3ECIXHzIXIgkMHAMQGn4xGAB8OigHPngKIwMAAxglGAcPJgcRABspNhoUCBwkEyEvDCY6EQw5HxcDJTYpGxN9FDMHbBgZMmsaDDkXHwIIeioDZCIGJipgCRkXMRwaJRgLECohHwNkIgYkNRgEFhcfNhodIhwXHCUjBxM6HTM7eCUKJzUxAQY1HDcpKRgzAH0XOBcQdBsnFBcuDSFiHQgpAyEDCyk3EQM9FicTDC4ZNgsaFSUDAhQMKiAaEyopJwM2ABw2CBocKSIwcyc9HzwlcAM4ICUuBQZiPHoWB2M	108.157.229.27	200 OK	1.2 kB
URL HTTP/2 onandeggsiswe.com.ua/UlVNTnAzNy4jTzNoL2gFIDlwa0IUcH8IFDgjdHcDKjo8PgZjZGMtHD0gKSgCPTs5YB43IWh8NjwbNyIBCDglGyY1BAwYQBwECSIENBQqdyoHA3kcJSo+BwwbMRAHN0QzB3whGBcTJSs0OBwfGSIUGwgPOgQXNXY3ECIXHzIXIgkMHAMQGn4xGAB8OigHPngKIwMAAxglGAcPJgcRABspNhoUCBwkEyEvDCY6EQw5HxcDJTYpGxN9FDMHbBgZMmsaDDkXHwIIeioDZCIGJipgCRkXMRwaJRgLECohHwNkIgYkNRgEFhcfNhodIhwXHCUjBxM6HTM7eCUKJzUxAQY1HDcpKRgzAH0XOBcQdBsnFBcuDSFiHQgpAyEDCyk3EQM9FicTDC4ZNgsaFSUDAhQMKiAaEyopJwM2ABw2CBocKSIwcyc9HzwlcAM4ICUuBQZiPHoWB2M IP 108.157.229.27:0 ASN #0 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3043), with no line terminators Size 1.2 kB (1192 bytes) Hash 56a3dfc6ca523c17e74dc5fd2862149d 3501a13097141bce9ac35cffd2effc08139f1d9e 8eebc55e7d66d942ce920ce50c2177cc6f18a02c2a64dcb760f3aea1a4140c40 HTTP Headers GET /UlVNTnAzNy4jTzNoL2gFIDlwa0IUcH8IFDgjdHcDKjo8PgZjZGMtHD0gKSgCPTs5YB43IWh8NjwbNyIBCDglGyY1BAwYQBwECSIENBQqdyoHA3kcJSo+BwwbMRAHN0QzB3whGBcTJSs0OBwfGSIUGwgPOgQXNXY3ECIXHzIXIgkMHAMQGn4xGAB8OigHPngKIwMAAxglGAcPJgcRABspNhoUCBwkEyEvDCY6EQw5HxcDJTYpGxN9FDMHbBgZMmsaDDkXHwIIeioDZCIGJipgCRkXMRwaJRgLECohHwNkIgYkNRgEFhcfNhodIhwXHCUjBxM6HTM7eCUKJzUxAQY1HDcpKRgzAH0XOBcQdBsnFBcuDSFiHQgpAyEDCyk3EQM9FicTDC4ZNgsaFSUDAhQMKiAaEyopJwM2ABw2CBocKSIwcyc9HzwlcAM4ICUuBQZiPHoWB2M HTTP/1.1 Host: onandeggsiswe.com.ua User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK content-type: text/html content-length: 1192 date: Sun, 15 Jan 2023 00:32:11 GMT server: openresty/1.17.8.2 cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" content-encoding: gzip accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache: Miss from cloudfront via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P2 x-amz-cf-id: vOCel71xTpf--0yaSHBlFm5-5Tg34sIohiTvrLNGfowQQot_1GfTxQ== X-Firefox-Spdy: h2

	onandeggsiswe.com.ua/RU5kYTQkLAcMCyRzBkdBNyJZRAYDa1YnUC84XVhHPSEVEUJ0f0oCWCo7AAdGKiAQT1ogOkFTcnwaCQ0AHBgxFXYtFywAXioPLCdMLCgyVHgQIyYOdTI9Ky5OcBsvMEMkBxxYeAE0B1Z+FiktLEw2JjwJYTMFCDN9FzQPF3Y9dwcCTTYGI1BMLi8lBlcEfAxXYDJ+JQB3CAklBlNwBwMJUBA2KlZmdSYhOwdwDCAWU3IFAzhkACAmWWMXFzICfD0UNzdycigPGXgMfSZZYxR2LS4HLSo8N30dL1UVfQIZKldgAD0OAnw9FCcJUDIoNwl+EBkmBmMTYyIkbnZ6KyllDGtWI30QNi8rBiFrViNjACY2O3xwFzw3eikFJSB/BwopCXETfzAkB3wUMDQNKS8mGXIQD0ILRyogFFxlKAEJFwcrLBEtZCwoMSk	108.157.229.27	200 OK	1.2 kB
URL HTTP/2 onandeggsiswe.com.ua/RU5kYTQkLAcMCyRzBkdBNyJZRAYDa1YnUC84XVhHPSEVEUJ0f0oCWCo7AAdGKiAQT1ogOkFTcnwaCQ0AHBgxFXYtFywAXioPLCdMLCgyVHgQIyYOdTI9Ky5OcBsvMEMkBxxYeAE0B1Z+FiktLEw2JjwJYTMFCDN9FzQPF3Y9dwcCTTYGI1BMLi8lBlcEfAxXYDJ+JQB3CAklBlNwBwMJUBA2KlZmdSYhOwdwDCAWU3IFAzhkACAmWWMXFzICfD0UNzdycigPGXgMfSZZYxR2LS4HLSo8N30dL1UVfQIZKldgAD0OAnw9FCcJUDIoNwl+EBkmBmMTYyIkbnZ6KyllDGtWI30QNi8rBiFrViNjACY2O3xwFzw3eikFJSB/BwopCXETfzAkB3wUMDQNKS8mGXIQD0ILRyogFFxlKAEJFwcrLBEtZCwoMSk IP 108.157.229.27:0 ASN #0 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3027), with no line terminators Size 1.2 kB (1181 bytes) Hash 962cbefe64ae5c1786934a876869b331 45af67c86f68fea7f43b554df762ee05c1b971c5 027bf7cf073bc7b891d98afa2f46ec6d610a5c770dc7b3d754f4ffc2b76434af HTTP Headers GET /RU5kYTQkLAcMCyRzBkdBNyJZRAYDa1YnUC84XVhHPSEVEUJ0f0oCWCo7AAdGKiAQT1ogOkFTcnwaCQ0AHBgxFXYtFywAXioPLCdMLCgyVHgQIyYOdTI9Ky5OcBsvMEMkBxxYeAE0B1Z+FiktLEw2JjwJYTMFCDN9FzQPF3Y9dwcCTTYGI1BMLi8lBlcEfAxXYDJ+JQB3CAklBlNwBwMJUBA2KlZmdSYhOwdwDCAWU3IFAzhkACAmWWMXFzICfD0UNzdycigPGXgMfSZZYxR2LS4HLSo8N30dL1UVfQIZKldgAD0OAnw9FCcJUDIoNwl+EBkmBmMTYyIkbnZ6KyllDGtWI30QNi8rBiFrViNjACY2O3xwFzw3eikFJSB/BwopCXETfzAkB3wUMDQNKS8mGXIQD0ILRyogFFxlKAEJFwcrLBEtZCwoMSk HTTP/1.1 Host: onandeggsiswe.com.ua User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK content-type: text/html content-length: 1181 date: Sun, 15 Jan 2023 00:32:11 GMT server: openresty/1.17.8.2 cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" content-encoding: gzip accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache: Miss from cloudfront via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P2 x-amz-cf-id: ThsfxFjq32iIG_td9kf0ybnb0Sq6xCba1fv_B4zk3lUYrXqVNvXEfg== X-Firefox-Spdy: h2

	dgemanowhot.com.ua/aU1WMXFGcjVCTDMgAF4oAgMOZzcBLDUAJzoYEGtGPwsyVScHGHBFGA1wYQJGWn5lFwEAKWsAVxo5N0UEGnBnFxgHKzkMVx9wZx9CXWNlAF9bayMMQE85JlAWVHxwQQUdIWsAR15+YQVDXn5nBEFc	188.114.96.1	204 No Content	0 B
URL HTTP/2 dgemanowhot.com.ua/aU1WMXFGcjVCTDMgAF4oAgMOZzcBLDUAJzoYEGtGPwsyVScHGHBFGA1wYQJGWn5lFwEAKWsAVxo5N0UEGnBnFxgHKzkMVx9wZx9CXWNlAF9bayMMQE85JlAWVHxwQQUdIWsAR15+YQVDXn5nBEFc IP 188.114.96.1:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /aU1WMXFGcjVCTDMgAF4oAgMOZzcBLDUAJzoYEGtGPwsyVScHGHBFGA1wYQJGWn5lFwEAKWsAVxo5N0UEGnBnFxgHKzkMVx9wZx9CXWNlAF9bayMMQE85JlAWVHxwQQUdIWsAR15+YQVDXn5nBEFc HTTP/1.1 Host: dgemanowhot.com.ua User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 204 No Content date: Sun, 15 Jan 2023 00:32:11 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YyXbjf7nz29pdgJAsoB%2FRYZOGGvky%2Fpdf%2FthvqP1rXwE1dTlXuvhC0nKoO0FVshkpXXFwlADPNLxeH3royjK5k%2F8oEKtiqfSnGE%2BOwGNeN7jOWF6GrX%2B1CDRNEKSirVqY3iZN4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 789a8346cf62b4f1-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	bayfiles.com/img/flags/24/us.png	45.154.253.150	200 OK	656 B
URL HTTP/1.1 bayfiles.com/img/flags/24/us.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 656 B (656 bytes) Hash ae506a6c014bfeb8d8cbfdfbe94c14c9 f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1 HTTP Headers `GET /img/flags/24/us.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:11 GMT Content-Type: image/png Content-Length: 656 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 500 accept-ranges: bytes`

	dgemanowhot.com.ua/R0ZIeGpoeSsLVyYCIBkPASoaPC0rCCkUDRcnDUkFEDE8ETkAMW4MAyN7f0tddHV9XhouInVJUmE1PBkeMjV1SUwuKC4XV2EwdUlEd2h6VlhhM3VJTDM2KR9XdmA4DB4re3lOXXRxfEpddHd9S1k	188.114.96.1	204 No Content	0 B
URL HTTP/2 dgemanowhot.com.ua/R0ZIeGpoeSsLVyYCIBkPASoaPC0rCCkUDRcnDUkFEDE8ETkAMW4MAyN7f0tddHV9XhouInVJUmE1PBkeMjV1SUwuKC4XV2EwdUlEd2h6VlhhM3VJTDM2KR9XdmA4DB4re3lOXXRxfEpddHd9S1k IP 188.114.96.1:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /R0ZIeGpoeSsLVyYCIBkPASoaPC0rCCkUDRcnDUkFEDE8ETkAMW4MAyN7f0tddHV9XhouInVJUmE1PBkeMjV1SUwuKC4XV2EwdUlEd2h6VlhhM3VJTDM2KR9XdmA4DB4re3lOXXRxfEpddHd9S1k HTTP/1.1 Host: dgemanowhot.com.ua User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 204 No Content date: Sun, 15 Jan 2023 00:32:11 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YeSQUeXZLXzgpbqslFQ1hvq2cICKlwTaC%2Boq98dJwZU4uo2Jz%2BR3FYTX3XZ%2FiFFXqEQ4j8EZThtYuYUCVXABna903E1SN8WkgMghSE5KCkPJfAt5%2FxkH8pdnID10MNohVtLsuE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 789a8346df73b4f1-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	dgemanowhot.com.ua/bnRsU0hBSw8gdTcaHGAdJiY4Ang0Gz0FBiAgAQkAOx8EGyk7MUonIQpJW2Z+XUNadTgHEFFhcUgHGDI8GwdRYm4HGgo8dUgCUWJmXlpaY2ZfUhlueUgAHDIvU0VKIzwaGFFifllHW2d6WUddZnpc	188.114.96.1	204 No Content	0 B
URL HTTP/2 dgemanowhot.com.ua/bnRsU0hBSw8gdTcaHGAdJiY4Ang0Gz0FBiAgAQkAOx8EGyk7MUonIQpJW2Z+XUNadTgHEFFhcUgHGDI8GwdRYm4HGgo8dUgCUWJmXlpaY2ZfUhlueUgAHDIvU0VKIzwaGFFifllHW2d6WUddZnpc IP 188.114.96.1:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /bnRsU0hBSw8gdTcaHGAdJiY4Ang0Gz0FBiAgAQkAOx8EGyk7MUonIQpJW2Z+XUNadTgHEFFhcUgHGDI8GwdRYm4HGgo8dUgCUWJmXlpaY2ZfUhlueUgAHDIvU0VKIzwaGFFifllHW2d6WUddZnpc HTTP/1.1 Host: dgemanowhot.com.ua User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 204 No Content date: Sun, 15 Jan 2023 00:32:11 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lMkCkjvOF3k2plz1A8xHAoLHj8aBaRIssA4bbK1sNdqsCYy9FFU0ZUHGnwPnwELGcaMZfP6oYFcw7zJtinK%2B6o3kUOeBI6xCa%2B1ZrLeTpAthvGKR6fks8qcgzmPpZ91ZvqZrRc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 789a8346ef77b4f1-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	e1.o.lencr.org/	23.33.119.27	200 OK	344 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 344 B (344 bytes) Hash ffa7729132c943f60a3d2522b160b4d3 78ebd9989e8327d382878f91c94d4072e6f8edf1 8cb8cadac4b51ad7994a64206cd15064b1e7d45bf30fcc566ec644e67d5611cb HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 344 ETag: "8CB8CADAC4B51AD7994A64206CD15064B1E7D45BF30FCC566EC644E67D5611CB" Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2806 Expires: Sun, 15 Jan 2023 01:18:57 GMT Date: Sun, 15 Jan 2023 00:32:11 GMT Connection: keep-alive`

	bayfiles.com/img/flags/24/fr.png	45.154.253.150	200 OK	536 B
URL HTTP/1.1 bayfiles.com/img/flags/24/fr.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 536 B (536 bytes) Hash e81efecf1a1b1d3a17d00a904c5cc3c9 1203894dbfc8363302dc709d852c05a4dd8bf9dc 54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750 HTTP Headers `GET /img/flags/24/fr.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:11 GMT Content-Type: image/png Content-Length: 536 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 540 accept-ranges: bytes`

	bayfiles.com/img/flags/24/kr.png	45.154.253.150	200 OK	988 B
URL HTTP/1.1 bayfiles.com/img/flags/24/kr.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 988 B (988 bytes) Hash cb22f00511d088a71e84f8c1c864caed 6599812ed106bda6017487287e12bc836570649f 09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1 HTTP Headers `GET /img/flags/24/kr.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:11 GMT Content-Type: image/png Content-Length: 988 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 495 accept-ranges: bytes`

	djv99sxoqpv11.cloudfront.net/4OVA3ajNaP1kMDE05U1cECmcEWQAfOkQFXUlteiIFQzl/OANeZUIFUFQ7YExHQzQKWhVVMVkNDh81WQkOCHZWDlEEZBEeQ1Y7Ch9bVSpdDFJWKl5MRlhtWgVJUDxbCxYLFgJEAxxiB0JEUD5TBURKdQVaXU11BVoCCX4HTwB7dQVaRFA+AV4WChISWANBZg-NPAHt1BVpBT3UEKwIJZRlaGhxiBw1WWjtYTwF/YgdbAwlhB1sWC2BRA0FcNlgSFgsWBloGF2ARHw4I	54.230.245.37	200 OK	556 B
URL HTTP/2 djv99sxoqpv11.cloudfront.net/4OVA3ajNaP1kMDE05U1cECmcEWQAfOkQFXUlteiIFQzl/OANeZUIFUFQ7YExHQzQKWhVVMVkNDh81WQkOCHZWDlEEZBEeQ1Y7Ch9bVSpdDFJWKl5MRlhtWgVJUDxbCxYLFgJEAxxiB0JEUD5TBURKdQVaXU11BVoCCX4HTwB7dQVaRFA+AV4WChISWANBZg-NPAHt1BVpBT3UEKwIJZRlaGhxiBw1WWjtYTwF/YgdbAwlhB1sWC2BRA0FcNlgSFgsWBloGF2ARHw4I IP 54.230.245.37:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (780), with no line terminators Size 556 B (556 bytes) Hash d45c2594e3087599db567f82ef4892b1 5deb9db14d601355d4ae4671f89f592460b4e671 e96eed2be9085cba09e39711fa6b533afa74778ea216b86492e7934bd1644154 HTTP Headers GET /4OVA3ajNaP1kMDE05U1cECmcEWQAfOkQFXUlteiIFQzl/OANeZUIFUFQ7YExHQzQKWhVVMVkNDh81WQkOCHZWDlEEZBEeQ1Y7Ch9bVSpdDFJWKl5MRlhtWgVJUDxbCxYLFgJEAxxiB0JEUD5TBURKdQVaXU11BVoCCX4HTwB7dQVaRFA+AV4WChISWANBZg-NPAHt1BVpBT3UEKwIJZRlaGhxiBw1WWjtYTwF/YgdbAwlhB1sWC2BRA0FcNlgSFgsWBloGF2ARHw4I HTTP/1.1 Host: djv99sxoqpv11.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://onandeggsiswe.com.ua/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK content-length: 556 date: Sun, 15 Jan 2023 00:32:11 GMT access-control-allow-origin: * cache-control: max-age=31556926 content-encoding: gzip x-cache: Miss from cloudfront via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 6iBVLtsfubhOjCThPqCIVilzE-V-9RCh1fI4oPn1_gJkTxTIqWzn8g== X-Firefox-Spdy: h2`

	djv99sxoqpv11.cloudfront.net/nNzlqZmhUVgQAV0NQDltfAg9ZUV4RUxkJBkcEJy4aR1ohEFheDjIRWRFNEAJVBx8GBwZQBEwDBlQEW0AJU1tXUk5DSQUNVUJRBhwCUVgFHAERTAtbBVhDAwoEVhxYIF0ZCU9UWB9OAwgMWE4ZQ1oHVx5DWgcIWkhYEgooQ1oHTgMIXgMcWSRNBQkSUFwSCi-hDWgdLHENbdghaU0YHEE9UWFBcCQ0HEgssVFgGCVpXWAYcWFYOXksPAAdPHFggWQcMRFZOQgRb	54.230.245.37	200 OK	455 B
URL HTTP/2 djv99sxoqpv11.cloudfront.net/nNzlqZmhUVgQAV0NQDltfAg9ZUV4RUxkJBkcEJy4aR1ohEFheDjIRWRFNEAJVBx8GBwZQBEwDBlQEW0AJU1tXUk5DSQUNVUJRBhwCUVgFHAERTAtbBVhDAwoEVhxYIF0ZCU9UWB9OAwgMWE4ZQ1oHVx5DWgcIWkhYEgooQ1oHTgMIXgMcWSRNBQkSUFwSCi-hDWgdLHENbdghaU0YHEE9UWFBcCQ0HEgssVFgGCVpXWAYcWFYOXksPAAdPHFggWQcMRFZOQgRb IP 54.230.245.37:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (597), with no line terminators Size 455 B (455 bytes) Hash 2b0be9853f5b01bc7d16ca955a4fc5e7 ec9769bb060d0da44aeaa94bb1175b802feda8fa 66574cf93ee3c5f0b892992cd1b951724cdbe7defc4290bef6a4e74c596d75ca HTTP Headers GET /nNzlqZmhUVgQAV0NQDltfAg9ZUV4RUxkJBkcEJy4aR1ohEFheDjIRWRFNEAJVBx8GBwZQBEwDBlQEW0AJU1tXUk5DSQUNVUJRBhwCUVgFHAERTAtbBVhDAwoEVhxYIF0ZCU9UWB9OAwgMWE4ZQ1oHVx5DWgcIWkhYEgooQ1oHTgMIXgMcWSRNBQkSUFwSCi-hDWgdLHENbdghaU0YHEE9UWFBcCQ0HEgssVFgGCVpXWAYcWFYOXksPAAdPHFggWQcMRFZOQgRb HTTP/1.1 Host: djv99sxoqpv11.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://onandeggsiswe.com.ua/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK content-length: 455 date: Sun, 15 Jan 2023 00:32:11 GMT access-control-allow-origin: * cache-control: max-age=31556926 content-encoding: gzip x-cache: Miss from cloudfront via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 5z2UnV89yfpbdc_Xv8QPdy_3Nn-z6RBoGosJ76BJ7_xja7L0NT6E-A== X-Firefox-Spdy: h2`

	djv99sxoqpv11.cloudfront.net/9Tml4YVUtBhYHajoAHFxifV5LUmBoAwsOOz5UKQwaIx9LDzc7JSgIMxshXhUvKlRIRzkvBx9ccysHG1xkaAgcA2h6Tw0AaCMGAgg5IghdUxN7R0hEZ35BDwg7KgYPEnB8WRYVcHxZSVF7fkxLI3B8WQ8IO3hdXVIXa1tIGWN6TEsjcHxZChdwfShJUWBgWV-FEZ34OHQI+IUxKJ2d+WEhRZH5YXVNlKAAKBDMhEV1TE39ZTU9laBxFUA	54.230.245.37	200 OK	190 B
URL HTTP/2 djv99sxoqpv11.cloudfront.net/9Tml4YVUtBhYHajoAHFxifV5LUmBoAwsOOz5UKQwaIx9LDzc7JSgIMxshXhUvKlRIRzkvBx9ccysHG1xkaAgcA2h6Tw0AaCMGAgg5IghdUxN7R0hEZ35BDwg7KgYPEnB8WRYVcHxZSVF7fkxLI3B8WQ8IO3hdXVIXa1tIGWN6TEsjcHxZChdwfShJUWBgWV-FEZ34OHQI+IUxKJ2d+WEhRZH5YXVNlKAAKBDMhEV1TE39ZTU9laBxFUA IP 54.230.245.37:0 ASN #16509 AMAZON-02 File type ASCII text, with no line terminators Size 190 B (190 bytes) Hash c155131d8b2e543ef645e947f651ec9a 6de1359e583786662310ec09c00d4d1a5b0d4bec 0466c5b18f06934c6cce55682f8597d7e69cf301955314f9d4b7e242b30785f8 HTTP Headers GET /9Tml4YVUtBhYHajoAHFxifV5LUmBoAwsOOz5UKQwaIx9LDzc7JSgIMxshXhUvKlRIRzkvBx9ccysHG1xkaAgcA2h6Tw0AaCMGAgg5IghdUxN7R0hEZ35BDwg7KgYPEnB8WRYVcHxZSVF7fkxLI3B8WQ8IO3hdXVIXa1tIGWN6TEsjcHxZChdwfShJUWBgWV-FEZ34OHQI+IUxKJ2d+WEhRZH5YXVNlKAAKBDMhEV1TE39ZTU9laBxFUA HTTP/1.1 Host: djv99sxoqpv11.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://onandeggsiswe.com.ua/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK content-length: 190 date: Sun, 15 Jan 2023 00:32:11 GMT access-control-allow-origin: * cache-control: max-age=31556926 content-encoding: gzip x-cache: Miss from cloudfront via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: lzZs7vVBr74zv7BePVP6ztP57LMEbZz5rOg9J6YuqJrrEn8qYDElCw== X-Firefox-Spdy: h2`

	bayfiles.com/img/flags/24/in.png	45.154.253.150	200 OK	593 B
URL HTTP/1.1 bayfiles.com/img/flags/24/in.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 593 B (593 bytes) Hash ccaf96cfc341dc9a17e24b96bef223ff 8791d6db6628e0fb21b847ab94484f0c615e38ac 728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354 HTTP Headers `GET /img/flags/24/in.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:11 GMT Content-Type: image/png Content-Length: 593 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 556 accept-ranges: bytes`

	policityseriod.info/	70.32.1.32	302 Found	0 B
URL HTTP/1.1 policityseriod.info/ IP 70.32.1.32:0 ASN #32181 ASN-GIGENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST / HTTP/1.1 Host: policityseriod.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 388 Origin: https://bayfiles.com Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 302 Found date: Sun, 15 Jan 2023 00:32:11 GMT server: Apache/2.4.38 (Debian) set-cookie: __tad=1673742731.6817884; expires=Wed, 12-Jan-2033 00:32:11 GMT; Max-Age=315360000 location: http://ww25.policityseriod.info/?subid1=20230115-1132-1122-86c0-89e250defff9 content-length: 0 content-type: text/html; charset=UTF-8 connection: close`

	bayfiles.com/img/flags/24/dk.png	45.154.253.150	200 OK	537 B
URL HTTP/1.1 bayfiles.com/img/flags/24/dk.png IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 537 B (537 bytes) Hash b6ebe55a7d176720cd2b1003298187a8 930858408b9af1f79c430bbe15c185db555a7815 07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a HTTP Headers `GET /img/flags/24/dk.png HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:11 GMT Content-Type: image/png Content-Length: 537 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 497 accept-ranges: bytes`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 5fc38856297a28cd362a2b0421acf8e7 6f83afbac6052fe285eacd2b69e92fd5b81ed7d9 710ed74bf69a62793e46c7a8557a3a133ad240beadfa3ecc6061b815f24fe9c6 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 2598 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sun, 15 Jan 2023 00:32:11 GMT Last-Modified: Sat, 14 Jan 2023 23:48:54 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 471`

	e1.o.lencr.org/	23.33.119.27	200 OK	345 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 345 B (345 bytes) Hash a7a41b6730d32253158e0e6d7b4a247d d2226f6d30657bf502c6d81b180181f0da817245 ccc7702368b8cf967e41986b92b79489d4b9e5b985360a94048e546d9fe64f25 HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "CCC7702368B8CF967E41986B92B79489D4B9E5B985360A94048E546D9FE64F25" Last-Modified: Fri, 13 Jan 2023 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20699 Expires: Sun, 15 Jan 2023 06:17:10 GMT Date: Sun, 15 Jan 2023 00:32:11 GMT Connection: keep-alive`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash a0323bca87228ca600ad58555e1b2d3e a82132958ff2952767ff6b6b4c97ce81f899e226 ca54fbb1176415af368fc1d7d0711ba6a08c48124c3b33ce3ef2c77029568bae HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 15 Jan 2023 00:32:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash a0323bca87228ca600ad58555e1b2d3e a82132958ff2952767ff6b6b4c97ce81f899e226 ca54fbb1176415af368fc1d7d0711ba6a08c48124c3b33ce3ef2c77029568bae HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 15 Jan 2023 00:32:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	e1.o.lencr.org/	23.33.119.27	200 OK	345 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 345 B (345 bytes) Hash a7a41b6730d32253158e0e6d7b4a247d d2226f6d30657bf502c6d81b180181f0da817245 ccc7702368b8cf967e41986b92b79489d4b9e5b985360a94048e546d9fe64f25 HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "CCC7702368B8CF967E41986B92B79489D4B9E5B985360A94048E546D9FE64F25" Last-Modified: Fri, 13 Jan 2023 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20698 Expires: Sun, 15 Jan 2023 06:17:10 GMT Date: Sun, 15 Jan 2023 00:32:12 GMT Connection: keep-alive`

	onandeggsiswe.com.ua/utx?cb=g4Nhpf1Yvp2w&top=bayfiles.com&tid=737333	108.157.229.27	204 No Content	0 B
URL HTTP/2 onandeggsiswe.com.ua/utx?cb=g4Nhpf1Yvp2w&top=bayfiles.com&tid=737333 IP 108.157.229.27:0 ASN #0 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /utx?cb=g4Nhpf1Yvp2w&top=bayfiles.com&tid=737333 HTTP/1.1 Host: onandeggsiswe.com.ua User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://bayfiles.com Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content date: Sun, 15 Jan 2023 00:32:11 GMT server: openresty/1.17.8.2 access-control-allow-credentials: true access-control-allow-origin: https://bayfiles.com cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" set-cookie: ut=x; Expires=Sun, 15 Jan 2023 00:33:11 GMT; Max-Age=60 accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache: Miss from cloudfront via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P2 x-amz-cf-id: 7FvLleXxF1LlBC7G06zVJEBaxRSfCdjmfffHetsrICwQS7-oF8Qamw== X-Firefox-Spdy: h2

	onandeggsiswe.com.ua/utx?cb=Ukj203xaxHfH&top=bayfiles.com&tid=756376	108.157.229.27	204 No Content	0 B
URL HTTP/2 onandeggsiswe.com.ua/utx?cb=Ukj203xaxHfH&top=bayfiles.com&tid=756376 IP 108.157.229.27:0 ASN #0 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /utx?cb=Ukj203xaxHfH&top=bayfiles.com&tid=756376 HTTP/1.1 Host: onandeggsiswe.com.ua User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://bayfiles.com Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 204 No Content date: Sun, 15 Jan 2023 00:32:11 GMT server: openresty/1.17.8.2 access-control-allow-credentials: true access-control-allow-origin: https://bayfiles.com cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" set-cookie: ut=x; Expires=Sun, 15 Jan 2023 00:33:11 GMT; Max-Age=60 accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache: Miss from cloudfront via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P2 x-amz-cf-id: 6-WXYSl2B8O452v-XNO-r8VSfUDWQMFJZU8aRy7pDOnhz7Sogm5_Ew== X-Firefox-Spdy: h2

	bayfiles.com/sw.js?Z3dKWkQ8VX1pc1RFfHhoRVVmeCYFRyk%2EfQQRZ2pxARZnbidTQmdjfFFGZ2xzAU5%2BO3NSFHs8J0VbaG4mBEIsbXNSWnk7clZafmtzA1ooP3xUWnJvJlUTfW59XxJ%2BO2ZLVTktZktVOjUoDhQjLj0UEjgzKwNZIzQiCFVmeHFJRWgH	45.154.253.150	200 OK	14 kB
URL HTTP/1.1 bayfiles.com/sw.js?Z3dKWkQ8VX1pc1RFfHhoRVVmeCYFRyk%2EfQQRZ2pxARZnbidTQmdjfFFGZ2xzAU5%2BO3NSFHs8J0VbaG4mBEIsbXNSWnk7clZafmtzA1ooP3xUWnJvJlUTfW59XxJ%2BO2ZLVTktZktVOjUoDhQjLj0UEjgzKwNZIzQiCFVmeHFJRWgH IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type ASCII text, with very long lines (39060), with no line terminators Size 14 kB (14388 bytes) Hash fefdeff3180d9772f08a2cadce9a55b0 5610f0290b7f4c81c57a65703825fc2830aeac96 0009589421c540c0b0ee37fde74f5373962096bc8e9869a953b4cb59547a8f61 HTTP Headers GET /sw.js?Z3dKWkQ8VX1pc1RFfHhoRVVmeCYFRyk%2EfQQRZ2pxARZnbidTQmdjfFFGZ2xzAU5%2BO3NSFHs8J0VbaG4mBEIsbXNSWnk7clZafmtzA1ooP3xUWnJvJlUTfW59XxJ%2BO2ZLVTktZktVOjUoDhQjLj0UEjgzKwNZIzQiCFVmeHFJRWgH HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:12 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding x-vdch: Yes cache-control: public, max-age=14400 x-oe: Y x-oh: 6210 Content-Encoding: gzip`

	accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube	142.250.74.109	302 Found	426 B
URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP 142.250.74.109:0 ASN #15169 GOOGLE File type data Size 426 B (426 bytes) Hash dea896861475942eb17391dcea3b7070 f3fe1af9a986163c9305f480562f638b7eef5e28 a7e6eaacf21ed2d97bc86c7708dc533d8b37d236e4ac6ebeb4f9e5cf358a7752 HTTP Headers `GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 302 Found content-type: text/html; charset=UTF-8 x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 15 Jan 2023 00:32:12 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S-234386863%3A1673742732040125&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4w9kaeOYkp8NCQBn6KH6awemEwBqKngi3aK8cuglDfoTy0XG1uUD375KymqLvN0lrPJYFe strict-transport-security: max-age=31536000; includeSubDomains report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-security-policy: script-src 'nonce-u613NBEtCx5GlQJtS7Xjgw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 391 server: GSE set-cookie: __Host-GAPS=1:dC2kTlWoV5Ux9AwARrlYajUn5yZxGQ:NgXLzigohwaaL-9R;Path=/;Expires=Tue, 14-Jan-2025 00:32:12 GMT;Secure;HttpOnly;Priority=HIGH alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	onandeggsiswe.com.ua/multi?cs=bWJIYkJcW3lad1xVcVRxXVB4W3c&abt=0&red=1&sm=76&k=&v=1.0.60.1&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fnec3g3jeyf&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_wmPt=1673742732115&crc=1	108.157.229.27	200 OK	1.6 kB
URL HTTP/2 onandeggsiswe.com.ua/multi?cs=bWJIYkJcW3lad1xVcVRxXVB4W3c&abt=0&red=1&sm=76&k=&v=1.0.60.1&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fnec3g3jeyf&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_wmPt=1673742732115&crc=1 IP 108.157.229.27:0 ASN #0 File type ASCII text, with very long lines (3287), with no line terminators Size 1.6 kB (1564 bytes) Hash d1982cd77a96f10419c572a2fb5e764f d858c92c8d27d411b59a9badfd48a4f549e385d1 cf1f2369aa19e2dab827e1275972988a0b2be74cde4e61106aa1d0bd5b2668f2 HTTP Headers GET /multi?cs=bWJIYkJcW3lad1xVcVRxXVB4W3c&abt=0&red=1&sm=76&k=&v=1.0.60.1&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fnec3g3jeyf&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_wmPt=1673742732115&crc=1 HTTP/1.1 Host: onandeggsiswe.com.ua User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://bayfiles.com Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK content-type: text/plain content-length: 1564 date: Sun, 15 Jan 2023 00:32:12 GMT server: openresty/1.17.8.2 access-control-allow-credentials: true access-control-allow-origin: https://bayfiles.com cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" set-cookie: csu=3231ff53-3e84-4f17-8c0b-25b94d5ba9c2 content-encoding: gzip accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache: Miss from cloudfront via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P2 x-amz-cf-id: rcfxWeeGL92HeCyZmQh6XTyNLVaDh06ownhVvcijbQZUJn4cfNGUpw== X-Firefox-Spdy: h2

	accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail	142.250.74.109	302 Found	392 B
URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP 142.250.74.109:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378) Size 392 B (392 bytes) Hash ddee6f0954a075c47eec3d013d4ccf39 c77c8baf9a24d66ed6f42b81682f430daa9518ba ed4180aae887c0183ad186a155334455b6e48bb6ed4d8b76851f2c31ade2266b HTTP Headers `GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 302 Found content-type: text/html; charset=UTF-8 x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 15 Jan 2023 00:32:12 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S1040905646%3A1673742732048855&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4vYU42hjbpYREK3hQCHRbE4tDaHZrgyjKBukkkjUk27TsETpSZ33kskR3-LUhr4IJT0Sfe strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-pMgxe4VL1_H7M4xm-p2dQw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 392 server: GSE set-cookie: __Host-GAPS=1:RfBFJANC7cVH5qt3wmLamkA0Il-dng:3I-QdugSVsC9s5S2;Path=/;Expires=Tue, 14-Jan-2025 00:32:12 GMT;Secure;HttpOnly;Priority=HIGH alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5ac0e204e812ce8905ac046581ff4e95 c0322d4ecff9356cca1a8e55d62e8d2f9540eca7 de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 15 Jan 2023 00:32:12 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	pogothere.xyz/asd100.bin	172.64.132.29	200 OK	103 kB
URL HTTP/2 pogothere.xyz/asd100.bin IP 172.64.132.29:0 ASN #13335 CLOUDFLARENET File type data Size 103 kB (102745 bytes) Hash cdf6771a8ac7c8ed535ff0dc502ac4b7 4593710aa8cdb1c22a7b9b766763bca21bdaac17 897d21c2f71735cf9823f5aa049395078f5112e83e7d3f7f932b924a4996b660 HTTP Headers `GET /asd100.bin HTTP/1.1 Host: pogothere.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bayfiles.com/ Origin: https://bayfiles.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 15 Jan 2023 00:32:12 GMT content-type: binary/octet-stream access-control-allow-origin: https://bayfiles.com access-control-allow-credentials: true access-control-allow-methods: GET access-control-allow-headers: X-Requested-With, content-type cache-control: max-age=14400 cf-cache-status: HIT age: 6243 last-modified: Sat, 14 Jan 2023 22:48:09 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Io9WvDKpAjWCrk6aVBFcyGxtzussiQXQxUg%2FiRJhXzNa3Nq7%2F8A59AODUUFSAp8n3VHFwEROnnv9xFDlfFBjL7WOlCmsqtmdU4798zgLlY%2F9iUu%2FTiekToujXLl7opzw"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 789a834b39fa888b-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1663356888	45.154.253.150	200 OK	1.4 kB
URL HTTP/1.1 bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1663356888 IP 45.154.253.150:0 ASN #41634 Svea Hosting AB File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size 1.4 kB (1368 bytes) Hash 9549584e9288a5dd9d163daa26a6f34d 0c7a71967bd4570770aa9b1043a1d82cd8969252 d18e625001a778074faea9e00ae801988818827c121732ba020390e84897578e HTTP Headers `GET /img/favicon/favicon-32x32-bayfiles.png?1663356888 HTTP/1.1 Host: bayfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/nec3g3jeyf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx Date: Sun, 15 Jan 2023 00:32:12 GMT Content-Type: image/png Content-Length: 1368 Connection: keep-alive cache-control: public, max-age=3600 x-oe: Y x-oh: 631 accept-ranges: bytes`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 5fc38856297a28cd362a2b0421acf8e7 6f83afbac6052fe285eacd2b69e92fd5b81ed7d9 710ed74bf69a62793e46c7a8557a3a133ad240beadfa3ecc6061b815f24fe9c6 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 2599 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sun, 15 Jan 2023 00:32:12 GMT Last-Modified: Sat, 14 Jan 2023 23:48:54 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 471`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 256e39696ba05f2324bbc49b2a396115 e1cf8b15abd0a20eb1218be517c03459514a59e0 d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9" Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11888 Expires: Sun, 15 Jan 2023 03:50:20 GMT Date: Sun, 15 Jan 2023 00:32:12 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 256e39696ba05f2324bbc49b2a396115 e1cf8b15abd0a20eb1218be517c03459514a59e0 d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9" Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11888 Expires: Sun, 15 Jan 2023 03:50:20 GMT Date: Sun, 15 Jan 2023 00:32:12 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 256e39696ba05f2324bbc49b2a396115 e1cf8b15abd0a20eb1218be517c03459514a59e0 d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9" Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11888 Expires: Sun, 15 Jan 2023 03:50:20 GMT Date: Sun, 15 Jan 2023 00:32:12 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed8393c5-4540-4060-a0b5-fbfed12b654c.jpeg	34.120.237.76	200 OK	4.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed8393c5-4540-4060-a0b5-fbfed12b654c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.6 kB (4594 bytes) Hash a4e46b934e0fe8ce439f5900f72ca8c8 d225e7cadd7cb400e39f9cef903249c77b34ec1c 19dfdcbad9e017e133cbbbf3aa6189815d914a3e189ab89730c09c211339cba2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed8393c5-4540-4060-a0b5-fbfed12b654c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4594 x-amzn-requestid: e234a2c4-83b0-4ff6-817c-b35a0c748266 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: etpRiHPiIAMF7bA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c22270-5e7f22a758ee77e034987dbb;Sampled=0 x-amzn-remapped-date: Sat, 14 Jan 2023 03:33:04 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: hGqDibdgHNG6D1g-Vw_PeHScGFFfpZTo9JfuL66BzOASOzzYKSuUcQ== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google date: Sat, 14 Jan 2023 05:35:28 GMT age: 68204 etag: "d225e7cadd7cb400e39f9cef903249c77b34ec1c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11285 bytes) Hash 91a664271b9042ab5a34c1259df6ab93 7ce177939ceed31dbe137996cace3f71eaab3cf4 08b872b4c8dc8d4b5e26d7c5e7985c144dcf45623737e6daf7813b2add8ab013 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11285 x-amzn-requestid: 988e5b38-d173-4e8c-9fe6-98f8f2a76b97 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: eXEAsE5FoAMFd9w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63b91a04-63377e2a6fd82d8d0f582918;Sampled=0 x-amzn-remapped-date: Sat, 07 Jan 2023 07:06:44 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: NdMsi2pSibnQ_tyUM4QXeIemgBJuVrRVcBLGmgMp7C895mwY1J53JA== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Sat, 14 Jan 2023 04:25:26 GMT age: 72406 etag: "7ce177939ceed31dbe137996cace3f71eaab3cf4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10319 bytes) Hash ccd9a6ee59820f0e819323256cdeebcf 4b7dc1d4fa669c62d8506add356364020c203c7b 4d55fcb90dddc5eae466cc9ce0c42b560b964e3c5c02f069f6a09695af996fe3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10319 x-amzn-requestid: a5c3a403-75f7-4bda-b22f-089919454a6d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: eniY8HxoIAMF3EQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63bfb105-36f4b9a9056d844955c9996f;Sampled=0 x-amzn-remapped-date: Thu, 12 Jan 2023 07:04:37 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: _1zECIPTchQXa3nVdsaH_-OY6oXEhgM8dkG_Tp084XK0eaJxYbq6tQ== via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google date: Sat, 14 Jan 2023 01:48:22 GMT age: 81830 etag: "4b7dc1d4fa669c62d8506add356364020c203c7b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f9fdd3-2b09-4fe5-a079-daa82adc1d39.jpeg	34.120.237.76	200 OK	5.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f9fdd3-2b09-4fe5-a079-daa82adc1d39.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.0 kB (4986 bytes) Hash 807e309c0c704608186f4f0be4f40d94 1eadbf6f305c19b86e83e570cd94133ff4bf33c1 e96f690e1fa5b1e54986a02cba764b4e965891553197a6decbea64a91c5dccaf HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f9fdd3-2b09-4fe5-a079-daa82adc1d39.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4986 x-amzn-requestid: 19aa397e-1b5c-4c3e-be88-a429ca3d2f77 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: enenaH5YoAMF6TQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63bfaafc-210871f97c1c327e73fc25e0;Sampled=0 x-amzn-remapped-date: Thu, 12 Jan 2023 06:38:52 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: bthAkm0KtTHW9QVgchZF-TWemX9R9BsA7N1LMRQbQyD0wCkk2Io9ag== via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Sat, 14 Jan 2023 19:56:42 GMT age: 16530 etag: "1eadbf6f305c19b86e83e570cd94133ff4bf33c1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg	34.120.237.76	200 OK	3.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.0 kB (2965 bytes) Hash 4bda8a71e1e7a2173911de887bcab274 a05c3182c259756d1a5327d5a133320313565fc8 b00ae81aae4e5867010548c35737058b2ccfd9a6a6e2a061c729a71d04a5a1a4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 2965 x-amzn-requestid: b17939c4-4838-4ec7-8459-93f88392a966 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: euH1cFFaIAMFuCw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c25355-4caee7f1070ed0c450f919f8;Sampled=0 x-amzn-remapped-date: Sat, 14 Jan 2023 07:01:41 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: fnUpBYZf6aDHW2v8vTN1O2N9GqPvYvbEytMf8fjkUVYzCjBCjU7grA== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Sat, 14 Jan 2023 21:46:14 GMT etag: "a05c3182c259756d1a5327d5a133320313565fc8" content-type: image/jpeg age: 9958 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg	34.120.237.76	200 OK	9.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.5 kB (9539 bytes) Hash a23d61d610c7b55d943fcb2636a01b65 82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065 28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9539 x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: epfDqEAZIAMFudQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0 x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Sat, 14 Jan 2023 05:58:29 GMT etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065" content-type: image/jpeg age: 66823 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	pogothere.xyz/asd100.bin	172.64.132.29	200 OK	102 kB
URL HTTP/2 pogothere.xyz/asd100.bin IP 172.64.132.29:0 ASN #13335 CLOUDFLARENET File type data Size 102 kB (102400 bytes) Hash 4c6426ac7ef186464ecbb0d81cbfcb1e 5a6918eebd9d635e8f632e3ef34e3792b1b5ec13 f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16 HTTP Headers `GET /asd100.bin HTTP/1.1 Host: pogothere.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bayfiles.com/ Origin: https://bayfiles.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 15 Jan 2023 00:32:12 GMT content-type: binary/octet-stream access-control-allow-origin: https://bayfiles.com access-control-allow-credentials: true access-control-allow-methods: GET access-control-allow-headers: X-Requested-With, content-type cache-control: max-age=14400 cf-cache-status: HIT age: 6243 last-modified: Sat, 14 Jan 2023 22:48:09 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gz6JF%2F8Urp4BX%2BNJdice2HNG6kw6OGaoTF45%2BcAsW2wM1rerKHzKG9AC6%2B4VED%2FrpYaxN%2Bggl%2Ff3f9GNXiuNut9yAO1GY6oq3MJEIJfiY8SpxyuwDZNby1BhQqnjfqT"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 789a834b3a11888b-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	policityseriod.info/	70.32.1.32	302 Found	0 B
URL HTTP/1.1 policityseriod.info/ IP 70.32.1.32:0 ASN #32181 ASN-GIGENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST / HTTP/1.1 Host: policityseriod.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bayfiles.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://bayfiles.com Content-Length: 350 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 302 Found date: Sun, 15 Jan 2023 00:32:13 GMT server: Apache/2.4.38 (Debian) set-cookie: __tad=1673742733.2358990; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000 location: http://ww25.policityseriod.info/?subid1=20230115-1132-13fd-8191-309ac9aed3d4 content-length: 0 content-type: text/html; charset=UTF-8 connection: close`

	policityseriod.info/	70.32.1.32	302 Found	0 B
URL HTTP/1.1 policityseriod.info/ IP 70.32.1.32:0 ASN #32181 ASN-GIGENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST / HTTP/1.1 Host: policityseriod.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 754 Origin: https://bayfiles.com Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 302 Found date: Sun, 15 Jan 2023 00:32:13 GMT server: Apache/2.4.38 (Debian) set-cookie: __tad=1673742733.5737345; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000 location: http://ww25.policityseriod.info/?subid1=20230115-1132-1359-8e5d-678981f988b0 content-length: 0 content-type: text/html; charset=UTF-8 connection: close`

	policityseriod.info/	70.32.1.32	302 Found	0 B
URL HTTP/1.1 policityseriod.info/ IP 70.32.1.32:0 ASN #32181 ASN-GIGENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST / HTTP/1.1 Host: policityseriod.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bayfiles.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://bayfiles.com Content-Length: 364 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 302 Found date: Sun, 15 Jan 2023 00:32:13 GMT server: Apache/2.4.38 (Debian) set-cookie: __tad=1673742733.8304965; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000 location: http://ww25.policityseriod.info/?subid1=20230115-1132-137e-86c5-329ecd019499 content-length: 0 content-type: text/html; charset=UTF-8 connection: close`

	policityseriod.info/	70.32.1.32	302 Found	0 B
URL HTTP/1.1 policityseriod.info/ IP 70.32.1.32:0 ASN #32181 ASN-GIGENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST / HTTP/1.1 Host: policityseriod.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 389 Origin: https://bayfiles.com Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 302 Found date: Sun, 15 Jan 2023 00:32:13 GMT server: Apache/2.4.38 (Debian) set-cookie: __tad=1673742733.4145722; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000 location: http://ww25.policityseriod.info/?subid1=20230115-1132-1359-b97c-b43943cd50e7 content-length: 0 content-type: text/html; charset=UTF-8 connection: close`

	policityseriod.info/	70.32.1.32	302 Found	0 B
URL HTTP/1.1 policityseriod.info/ IP 70.32.1.32:0 ASN #32181 ASN-GIGENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST / HTTP/1.1 Host: policityseriod.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 394 Origin: https://bayfiles.com Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 302 Found date: Sun, 15 Jan 2023 00:32:13 GMT server: Apache/2.4.38 (Debian) set-cookie: __tad=1673742733.4516892; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000 location: http://ww25.policityseriod.info/?subid1=20230115-1132-134f-8b30-6f5aa0b311f2 content-length: 0 content-type: text/html; charset=UTF-8 connection: close`

	policityseriod.info/	70.32.1.32	302 Found	0 B
URL HTTP/1.1 policityseriod.info/ IP 70.32.1.32:0 ASN #32181 ASN-GIGENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST / HTTP/1.1 Host: policityseriod.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 748 Origin: https://bayfiles.com Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 302 Found date: Sun, 15 Jan 2023 00:32:13 GMT server: Apache/2.4.38 (Debian) set-cookie: __tad=1673742733.1373826; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000 location: http://ww25.policityseriod.info/?subid1=20230115-1132-13ac-aa30-6cbb9a753a3d content-length: 0 content-type: text/html; charset=UTF-8 connection: close`

	policityseriod.info/	70.32.1.32	302 Found	0 B
URL HTTP/1.1 policityseriod.info/ IP 70.32.1.32:0 ASN #32181 ASN-GIGENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST / HTTP/1.1 Host: policityseriod.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bayfiles.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://bayfiles.com Content-Length: 351 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 302 Found date: Sun, 15 Jan 2023 00:32:13 GMT server: Apache/2.4.38 (Debian) set-cookie: __tad=1673742733.3852389; expires=Wed, 12-Jan-2033 00:32:13 GMT; Max-Age=315360000 location: http://ww25.policityseriod.info/?subid1=20230115-1132-13c8-9182-e4899797a786 content-length: 0 content-type: text/html; charset=UTF-8 connection: close`

	pogothere.xyz/	172.64.132.29	200 OK	0 B
URL HTTP/2 pogothere.xyz/ IP 172.64.132.29:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET / HTTP/1.1 Host: pogothere.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bayfiles.com/ Origin: https://bayfiles.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sun, 15 Jan 2023 00:32:12 GMT content-type: text/plain set-cookie: csu=277534316250309@1@1673742732; Max-Age=31104000; Secure; SameSite=None access-control-allow-origin: https://bayfiles.com access-control-allow-credentials: true access-control-allow-methods: GET access-control-allow-headers: X-Requested-With, content-type cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuIEDZ%2FpDGpOsOksP7OOm0vtef6BLs7NAZPbK%2FDzR6%2FD3jWnyrpUHztKZ43kZlSdR84z05xSIb7HrpzY5A7FgbIYVLlmUaqWK0XigTxevpzyR%2FLrcXz09FzVydKh0Jxq"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 789a834b4a17888b-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	accounts.google.com/v3/signin/identifier?dsh=S-234386863%3A1673742732040125&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4w9kaeOYkp8NCQBn6KH6awemEwBqKngi3aK8cuglDfoTy0XG1uUD375KymqLvN0lrPJYFe	142.250.74.109	403 Forbidden	0 B
URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-234386863%3A1673742732040125&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4w9kaeOYkp8NCQBn6KH6awemEwBqKngi3aK8cuglDfoTy0XG1uUD375KymqLvN0lrPJYFe IP 142.250.74.109:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers GET /v3/signin/identifier?dsh=S-234386863%3A1673742732040125&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4w9kaeOYkp8NCQBn6KH6awemEwBqKngi3aK8cuglDfoTy0XG1uUD375KymqLvN0lrPJYFe HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bayfiles.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 15 Jan 2023 00:32:12 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-W3lDzmFa9zhpq7JmfA-2sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy-report-only: same-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	accounts.google.com/v3/signin/identifier?dsh=S1040905646%3A1673742732048855&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4vYU42hjbpYREK3hQCHRbE4tDaHZrgyjKBukkkjUk27TsETpSZ33kskR3-LUhr4IJT0Sfe	142.250.74.109	403 Forbidden	0 B
URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1040905646%3A1673742732048855&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4vYU42hjbpYREK3hQCHRbE4tDaHZrgyjKBukkkjUk27TsETpSZ33kskR3-LUhr4IJT0Sfe IP 142.250.74.109:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers GET /v3/signin/identifier?dsh=S1040905646%3A1673742732048855&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4vYU42hjbpYREK3hQCHRbE4tDaHZrgyjKBukkkjUk27TsETpSZ33kskR3-LUhr4IJT0Sfe HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bayfiles.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 15 Jan 2023 00:32:12 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains cross-origin-opener-policy-report-only: same-origin content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-HOE8Uztf5_l963EO2Dhv5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp	31.13.72.36	200 OK	0 B
URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp IP 31.13.72.36:0 ASN #32934 FACEBOOK File type Size 0 B (0 bytes) Hash HTTP Headers `GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://bayfiles.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-encoding: br pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 0 cross-origin-opener-policy: same-origin-allow-popups vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding strict-transport-security: max-age=15552000; preload content-type: text/html; charset="utf-8" x-fb-debug: ZCcNqVaOVGpscQPTTx6ME3IaS+LacTmq/FdbSCu+zapkrWeBa9A5mQX710a4EQKY2zxlPcuYbPfeDcsntAOZRA== date: Sun, 15 Jan 2023 00:32:12 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML