Report - www.upload-4ever.com/5yix1wfx09pl

Report Overview

Submitted URL
www.upload-4ever.com/5yix1wfx09pl
IP
104.21.12.131
ASN
#13335 CLOUDFLARENET
Submitted
2023-03-19 10:41:33
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-25T18:50:35Z	394 B	749 B	139.45.195.8
www.google.com	7	2015-05-10T13:11:19Z	2023-03-25T21:05:45Z	492 B	730 B	216.58.211.4
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-25T18:49:55Z	518 B	578 B	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	56 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-26T06:32:39Z	494 B	1.0 kB	108.177.14.157
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	52.43.13.62
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	3.4 kB	8.9 kB	23.36.76.226
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-26T06:13:32Z	528 B	5.2 kB	142.250.74.130
ssl.google-analytics.com	275	2012-10-02T06:58:30Z	2023-03-26T07:28:12Z	370 B	18 kB	142.250.74.104
youradexchange.com	273384	2013-02-04T17:25:46Z	2023-03-25T19:08:56Z	1.5 kB	1.2 kB	172.67.205.72
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	2.7 kB	5.6 kB	142.250.74.131
superfastcdn.com	88935	2017-09-19T20:24:43Z	2023-03-25T11:44:24Z	375 B	84 kB	104.21.234.172
www.upload-4ever.com	780180	2020-12-31T06:05:28Z	2023-03-25T05:53:29Z	462 B	788 B	172.67.152.107
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
cagothie.net	198368	2021-07-06T04:00:26Z	2023-03-26T01:59:39Z	1.3 kB	42 kB	139.45.197.238

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	www.upload-4ever.com/js/jquery.paging.js	19 kB	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/js/jquery.paging.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:22 Last Seen2024-04-24 06:57:51 Times Seen3009 Hash d7a2c1c7af2a004a6d68e1e55b1cfb46 7fd6daa7076c30381880519ad06ef5639b19ee28 c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6 Loading...

	www.upload-4ever.com/assets/js/bootstrap.min.js?ver=10	51 kB	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/assets/js/bootstrap.min.js?ver=10 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-24 12:00:58 Times Seen243755 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	www.upload-4ever.com/js/paging.js?ver=8	2.0 kB	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/js/paging.js?ver=8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52:11 Last Seen2024-04-24 06:57:51 Times Seen131 Hash 72fd099a2f1b24e8ad211308041e48c2 a1d45a105cce69e607050011242dd10f79a181d0 20bc222f73096f80397fe7b936bf6c6ca21f77dc5eb9ae91244154a98a207a64 Loading...

	www.upload-4ever.com/5yix1wfx09pl	59 kB	2023-03-26	2023-06-09
Pretty URL www.upload-4ever.com/5yix1wfx09pl IP 172.67.152.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 10:37:09 Last Seen2023-06-09 19:49:35 Times Seen3 Hash b287369532e6b473e890b4a5ef27a8a4 00eacd03506cf1c943541368a4b4336c88d1e441 e7f0bb3c00b3e3f135ac70b9a82424fc314dd386e2ce1b31e458ab082543a509 Loading...

	www.upload-4ever.com/z-6683946	939 B	2023-03-26	2023-03-26
Pretty URL www.upload-4ever.com/z-6683946 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 10:37:09 Last Seen2023-03-26 10:37:09 Times Seen1 Hash abbbf474995c8096b48f98500e1ecfd1 0467b498397b80bdd40b3145b6f99d649ff87a52 a2b2c70fc218c4b4eaef3e2faaa92d5ec5848137fc47aa8686d0c85ac13aef98 Loading...

	superfastcdn.com/script/tailwind.js	102 kB	2023-03-25	2023-03-29
Pretty URL superfastcdn.com/script/tailwind.js IP 104.21.234.172 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 23:29:09 Last Seen2023-03-29 21:30:16 Times Seen55 Hash 394072bd570971d5e4013e2de1ec8cad 582dc5f8c13b34c86566090da7ab868193b210af b85f796edeb4e007eaa0bd82ebaf072aebd302c5bfa3f4e151f597d385cebff8 Loading...

	cagothie.net/tag.min.js	72 kB	2023-03-26	2023-03-26
Pretty URL cagothie.net/tag.min.js IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 06:37:13 Last Seen2023-03-26 10:51:01 Times Seen35 Hash 679e9ed21d745ce8d4de09a8b2e8c965 a0d174919f45b620a129d1b9d29fe50f527ab58d 5a0c34c221b55b6b68b90c971111aa6ea73b78ee5f42bb5da4d6108167429513 Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 142.250.74.104 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	superfastcdn.com/script/ut.js?cb=1679222491436	72 kB	2023-03-13	2023-05-17
Pretty URL superfastcdn.com/script/ut.js?cb=1679222491436 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:52:40 Last Seen2023-05-17 08:06:14 Times Seen325 Hash 32cbc0400462d7cfabd88795319e259b cbb3412f003e6e974e8db7af6588580f817a08ec b2465d688f7473b25f4a67084bbf33eb1f4b31374656e33733f66ed1cb39d0b5 Loading...

	www.upload-4ever.com/assets/js/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/assets/js/jquery-3.3.1.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 12:08:17 Times Seen105846 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	www.upload-4ever.com/assets/js/popper.min.js?ver=10	20 kB	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/assets/js/popper.min.js?ver=10 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52:11 Last Seen2024-04-24 06:57:52 Times Seen352 Hash c055b8c12988ec2b1f7238d85e79f4b4 5958a52438c8d753d692b11b5419bd1490c2655b 58cb6a78afc204b7165e947c965cbce6296ee0e587fbab3e12c0d2b6378e9004 Loading...

	www.upload-4ever.com/assets/js/perfect-scrollbar.min.js	18 kB	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/assets/js/perfect-scrollbar.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:24 Last Seen2024-04-24 06:57:51 Times Seen2197 Hash 4a10bcfa0a9c9fa9d503b5a498cac31e c4f6c403e99fb37cb496c3844b332823db7c5837 a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634 Loading...

	www.upload-4ever.com/js/jquery.cookie.js	3.1 kB	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/js/jquery.cookie.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:22 Last Seen2024-04-24 06:57:51 Times Seen2518 Hash ff14e4812b7f512e620b1ad35542bcfc c40c5f777e7a2f63e7b731b3cdb1fe9c806b23ae c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96 Loading...

	www.upload-4ever.com/js/bootstrap-confirm.js	3.1 kB	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/js/bootstrap-confirm.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52:11 Last Seen2024-04-24 06:57:51 Times Seen306 Hash ed107aaa46561415692b9d4548c7c615 c23678dd36a64ddd29d8cc102d1b1bebf922875f ecf662e9f1d25bd142e6b4e5618012a3af7af1a2cd7504d67b90d59ca344ef2f Loading...

	www.upload-4ever.com/5yix1wfx09pl	194 B	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/5yix1wfx09pl IP 172.67.152.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52:11 Last Seen2024-04-24 06:57:51 Times Seen103 Hash 7b6bba7d4a9952542fc729c25130c2d4 37a7d946a08461b0c84011c71317555e1293f5ee 3dfbca52099e0c1e4aac2e292e811ea8ff217111b02d2eafae23d584e4e8cf4b Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	144 kB	2023-03-26	2023-03-26
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 10:37:09 Last Seen2023-03-26 10:37:09 Times Seen1 Hash c785c25dc17e2030ec2cb127798db52d a775326f74ef70be823f99965d2a614b991f35b0 e65d68f562b45aab80d1b13bf63cd5427c55d367a1087b55e9c9db482b9a3a04 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html	10 kB	2023-03-14	2023-04-05
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:29:45 Last Seen2023-04-05 02:11:59 Times Seen4625 Hash a969ec2e827cf3b8a9dc2ccd439733c2 189a089bc848f30d70479c6c0da113c13a83f99b 84f8183c57907d5d6223e8bea02deea39c65caf1371df19b3e6e82cb983da1f1 Loading...

	www.upload-4ever.com/assets/js/mdb.min.js?ver=15	420 kB	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/assets/js/mdb.min.js?ver=15 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52:11 Last Seen2024-04-24 06:57:52 Times Seen205 Hash 6463535469b0b25b75b2e7a5827ffefa ebd7735850a34a96a130fad72cb395e40772edcf b6e658cbd1f64eba1b117f37d463588e91d21469fbf2cb2332b5d68f4e4b0fee Loading...

	www.upload-4ever.com/5yix1wfx09pl	434 B	2023-03-07	2023-06-09
Pretty URL www.upload-4ever.com/5yix1wfx09pl IP 172.67.152.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52:11 Last Seen2023-06-09 19:49:35 Times Seen4 Hash 360d81ad87943d04bf1fa9ab550a98f5 72251a922a9bbc163d8ee0779f8e03e72cf28e04 712204a5c7f9e940065b55b737a8d7bc512b4c28041cce54d5bf290d32fa0241 Loading...

	www.upload-4ever.com/5yix1wfx09pl	444 B	2023-03-26	2023-06-09
Pretty URL www.upload-4ever.com/5yix1wfx09pl IP 172.67.152.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 10:37:09 Last Seen2023-06-09 19:49:35 Times Seen3 Hash 243099c787da71513d91ed3db812ece9 63256a98af27dad0a246787bbc8cb8bebea751a2 e1ce37ee256f18b8e83fe89f6f0cac1887b6c9f356c7d1cb6dde868f07e012ba Loading...

	www.upload-4ever.com/assets/js/interface.js?ver=11	135 B	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/assets/js/interface.js?ver=11 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52:11 Last Seen2024-04-24 06:57:51 Times Seen141 Hash 2ca9351527112fbc7dca206f84ea5524 2f3d792c91412558c7060080b72a81fd297ef64e 0a61490d8aeb374bac98abdad64f4d036b7117d850c740dc4ebd5be7c0708e22 Loading...

	www.upload-4ever.com/js/dialogs.js	2.2 kB	2023-03-07	2024-04-24
Pretty URL www.upload-4ever.com/js/dialogs.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:52:11 Last Seen2024-04-24 06:57:51 Times Seen274 Hash 2f96a16e62a9d63834bbb6108f83d90b 7da8c8e56e98e99c6c891f6b44d135fb1276a32c 71fea8e764130d6d3e79297c3c69a3f30ba91e929ef79753dc6fd807d04bc03d Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0b0c5117f98c674fff9332fa5480e908	31 B	2023-03-07	2023-11-21
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2023-11-21 03:43:28 Times Seen7759 Hash 0b0c5117f98c674fff9332fa5480e908 233966d6919f909d7c5fa065bacd49fde58eeb73 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1 Loading...

HTTP Transactions (42)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2857be6f18459c7a4a7f00f6cd6076f1 570609086d72a9be57cde7bfefd25663c1035fba bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F" Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8182 Expires: Sun, 19 Mar 2023 12:57:44 GMT Date: Sun, 19 Mar 2023 10:41:22 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 443a700f85619f4fd8a548421c5c23e2 a58764a07feafb2bb4b340c020b5104c55b35195 0bc80613f3d493ea081bf5672ab76f6f33a1dcc0710fe1431de83c46d7e8d31d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0BC80613F3D493EA081BF5672AB76F6F33A1DCC0710FE1431DE83C46D7E8D31D" Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20035 Expires: Sun, 19 Mar 2023 16:15:17 GMT Date: Sun, 19 Mar 2023 10:41:22 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bc86ef2a0cee04915bc360f5821adc8f 3658f9028cce204d38f7f48fcfaa2a8e4f54383a aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 19 Mar 2023 10:27:04 GMT content-type: application/json age: 858 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 12cdbcb1b0785dc0423386448ac68c9c 08cff6b76fd708f0cef3c5bdb8fc72570c4536bd bb7622a85d32cbff40abd2995055e03dbac05dd841b9a84d9023a5510d89e534 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BB7622A85D32CBFF40ABD2995055E03DBAC05DD841B9A84D9023A5510D89E534" Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14101 Expires: Sun, 19 Mar 2023 14:36:23 GMT Date: Sun, 19 Mar 2023 10:41:22 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: 3R1sTGjBCd4Eeznw7dYEigY9HkjI7GzJUtir98Dc7Y5D/tkRsKENqQvshGCLcvJSpH+8rw/0SFE= x-amz-request-id: 1ZZCFESEZADXHTYF x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 19 Mar 2023 09:52:19 GMT age: 2943 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 19 Mar 2023 10:41:22 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 922d7b113f68d783fc04a8d10979e7e2 2082a1c13e325de07130b071034894aa06277265 2d9b29d3d5546d5b6cf2bb729f6dee276b71de792de91e2ebe2171ff0008198d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2D9B29D3D5546D5B6CF2BB729F6DEE276B71DE792DE91E2EBE2171FF0008198D" Last-Modified: Sun, 19 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11396 Expires: Sun, 19 Mar 2023 13:51:19 GMT Date: Sun, 19 Mar 2023 10:41:23 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 922d7b113f68d783fc04a8d10979e7e2 2082a1c13e325de07130b071034894aa06277265 2d9b29d3d5546d5b6cf2bb729f6dee276b71de792de91e2ebe2171ff0008198d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2D9B29D3D5546D5B6CF2BB729F6DEE276B71DE792DE91E2EBE2171FF0008198D" Last-Modified: Sun, 19 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11396 Expires: Sun, 19 Mar 2023 13:51:19 GMT Date: Sun, 19 Mar 2023 10:41:23 GMT Connection: keep-alive`

	cagothie.net/5/2726715/?oo=1&aab=1	139.45.197.238	200 OK	784 B
URL HTTP/2 cagothie.net/5/2726715/?oo=1&aab=1 IP 139.45.197.238:0 ASN #9002 RETN Limited File type data Size 784 B (784 bytes) Hash 4031ce29d0eff4326a0e9cdf86ea2416 86decef7011b7e6940de031c841b67d278588989 9a5b34a8ce609203ee4e3725321db641c709ba77aac44f52e13a5a32d7a6392c HTTP Headers `GET /5/2726715/?oo=1&aab=1 HTTP/1.1 Host: cagothie.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.upload-4ever.com Connection: keep-alive Referer: https://www.upload-4ever.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx date: Sun, 19 Mar 2023 10:41:23 GMT content-type: application/json content-length: 97 x-trace-id: 67b497b557ecb693a85f3cacdf68611a link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch" access-control-allow-origin: https://www.upload-4ever.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding access-control-max-age: 86400 timing-allow-origin: * set-cookie: OAID=e45a8a7f31da44a29e721ebca275bcaf; expires=Mon, 18 Mar 2024 10:41:23 GMT; path=/; secure; SameSite=None oaidts=1679222483; expires=Mon, 18 Mar 2024 10:41:23 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT pragma: no-cache, no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT X-Firefox-Spdy: h2

	cagothie.net/tag.min.js	139.45.197.238	200 OK	38 kB
URL HTTP/2 cagothie.net/tag.min.js IP 139.45.197.238:0 ASN #9002 RETN Limited File type ASCII text, with very long lines (50758) Size 38 kB (37762 bytes) Hash 0be5d1f400a64edfb67641661395275e 0aef4dbeac35c7cb818e7e016e88d4b77df92756 48e688f05cd2f30fd192639fe468ea453adbaa43708952cd31791b9418500b00 HTTP Headers `GET /tag.min.js HTTP/1.1 Host: cagothie.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.upload-4ever.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx date: Sun, 19 Mar 2023 10:41:23 GMT content-type: text/javascript; charset=utf-8 content-length: 23299 content-encoding: br x-trace-id: 2efd7309b629a3f15e083b13d5632124 cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 accept-ranges: bytes last-modified: Wed, 15 Mar 2023 07:54:05 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding access-control-max-age: 86400 pragma: no-cache expires: Tue, 11 Jan 1994 10:00:00 GMT strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 19 Mar 2023 10:14:32 GMT age: 1611 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 7c8dfa805163cbe39595d31e72da716e 34a2c4ac208f5f9d77302b67f556203d539388d7 874fcb1c9736686213758fa8009b9569d1d068ccd760461476c37d7e01fcebaa HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 19 Mar 2023 10:41:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash db7a51fe853d91ea7990bb3c41ba3cb4 f416e7ea87e2ac443e81afac853a3d05071d88e4 a928e7cde6f4fc75660068bfb5e8ac2270f43f8ae58ccb8f4f63a3ca6a376141 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 19 Mar 2023 10:41:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ssl.google-analytics.com/ga.js	142.250.74.104	200 OK	17 kB
URL HTTP/2 ssl.google-analytics.com/ga.js IP 142.250.74.104:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1305) Size 17 kB (17168 bytes) Hash 01d5892e6e243b52998310c2925b9f3a 58180151b6a6ee4af73583a214b68efb9e8844d4 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d HTTP Headers `GET /ga.js HTTP/1.1 Host: ssl.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.upload-4ever.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 17168 date: Sun, 19 Mar 2023 09:53:14 GMT expires: Sun, 19 Mar 2023 11:53:14 GMT cache-control: public, max-age=7200 age: 2889 last-modified: Tue, 10 Jan 2023 21:29:14 GMT content-type: text/javascript vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	superfastcdn.com/script/tailwind.js	104.21.234.172	200 OK	83 kB
URL HTTP/2 superfastcdn.com/script/tailwind.js IP 104.21.234.172:0 ASN #13335 CLOUDFLARENET File type Unicode text, UTF-8 text, with very long lines (37853), with NEL line terminators Size 83 kB (83331 bytes) Hash 5e87f5b1ab5af44b14e66b0d8fe3c8da fae8f8aa435e04c3ac272cd8279261fc470980ff 2fb2c79609fc50a56d5f0f4428ca7495bec9e0d2d25d984bf375495842176bf9 HTTP Headers `GET /script/tailwind.js HTTP/1.1 Host: superfastcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.upload-4ever.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sun, 19 Mar 2023 10:41:23 GMT content-type: application/javascript x-guploader-uploadid: ADPycduJ_S-2Bi4SakUdgClOVxPdc1FrG8knmIcuubRTk4F0--Lrnpxp1saykwGY-qThmBYK0EIPIO_h-Fv1vl6a0XvqBA x-goog-generation: 1678266168518656 x-goog-metageneration: 2 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 101870 x-goog-hash: crc32c=uGt4EA==, md5=OUByvVcJcdXkAT4t4eyMrQ== x-goog-storage-class: MULTI_REGIONAL access-control-allow-origin: * expires: Sun, 19 Mar 2023 10:54:07 GMT cache-control: public, max-age=14400 last-modified: Wed, 08 Mar 2023 09:02:48 GMT etag: W/"394072bd570971d5e4013e2de1ec8cad" age: 2526 alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: HIT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3O5YuvuOAqkHVPQayIOhLTz1Ixynbm1U5hEp48exT8SH0WsY68%2BhOTITrP%2BY98QSVxN1UrGpXXQNmMlQc4TSfZAiXPRiTz8Owo3Tb7J5J8WxW1nFDJCwb3bHdRjYC6QCmZY"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7aa51a495a787309-LHR content-encoding: br X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash db7a51fe853d91ea7990bb3c41ba3cb4 f416e7ea87e2ac443e81afac853a3d05071d88e4 a928e7cde6f4fc75660068bfb5e8ac2270f43f8ae58ccb8f4f63a3ca6a376141 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 19 Mar 2023 10:41:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash aa2b2a0a7234e0be3e0babb33fca7aa7 8851dfb9b0a5caac00fa683d798fd53fa78d7c8e c365ce2606f05a56d7d2a1d81e61bb1faed105a86d6e3b7d972fe1b1c2e67544 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C365CE2606F05A56D7D2A1D81E61BB1FAED105A86D6E3B7D972FE1B1C2E67544" Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13953 Expires: Sun, 19 Mar 2023 14:33:56 GMT Date: Sun, 19 Mar 2023 10:41:23 GMT Connection: keep-alive`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 7c8dfa805163cbe39595d31e72da716e 34a2c4ac208f5f9d77302b67f556203d539388d7 874fcb1c9736686213758fa8009b9569d1d068ccd760461476c37d7e01fcebaa HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 19 Mar 2023 10:41:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	my.rtmark.net/gid.js	139.45.195.8	200 OK	65 B
URL HTTP/2 my.rtmark.net/gid.js IP 139.45.195.8:0 ASN #9002 RETN Limited File type JSON data\012- , ASCII text Size 65 B (65 bytes) Hash be9c5e2dfd0a1b74cbe0174257ae456a 5f9fae25a14a96089b1f9b38ed6ae284893ee488 0a9a18f1a3cf36020cb4f1efdb99baf01d4730a40fc1ea77147500f98accd902 HTTP Headers `GET /gid.js HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.upload-4ever.com Connection: keep-alive Referer: https://www.upload-4ever.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx date: Sun, 19 Mar 2023 10:41:23 GMT content-type: application/json; charset=utf-8 content-length: 65 access-control-allow-origin: https://www.upload-4ever.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=1ff148f8dbbc410ebe3a7e1f5f3e4fed; expires=Mon, 18 Mar 2024 10:41:23 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 0a4b141e90b0fb22cf6d10a6a4fd360d 37b081be1a69edb97a7c562b71474f4d7405d94e 5db17bb0a40658845e03d8237a69458a0576d955006ee224930b0310179af9af HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "5DB17BB0A40658845E03D8237A69458A0576D955006EE224930B0310179AF9AF" Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5845 Expires: Sun, 19 Mar 2023 12:18:48 GMT Date: Sun, 19 Mar 2023 10:41:23 GMT Connection: keep-alive`

	googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html	142.250.74.130	200 OK	4.5 kB
URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html IP 142.250.74.130:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3205) Size 4.5 kB (4549 bytes) Hash bad17ab9662318e8927e5009c83c2ad1 53ded630f95abe04b7b77d43076bf71b9ea71c02 68da39270ebfa6d17f4b765cbe004797a736611585ff0c53213d91f78f13c260 HTTP Headers GET /pagead/html/r20230315/r20190131/zrt_lookup.html HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.upload-4ever.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff content-encoding: br server: cafe content-length: 4549 x-xss-protection: 0 date: Sun, 19 Mar 2023 01:32:39 GMT expires: Sun, 02 Apr 2023 01:32:39 GMT cache-control: public, max-age=1209600 age: 32924 etag: 2378337311435320485 content-type: text/html; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	youradexchange.com/ut/hb.php?cb=0.27463003468278224	172.67.205.72	204 No Content	0 B
URL HTTP/2 youradexchange.com/ut/hb.php?cb=0.27463003468278224 IP 172.67.205.72:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /ut/hb.php?cb=0.27463003468278224 HTTP/1.1 Host: youradexchange.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain; charset=utf-8 Content-Length: 1085 Origin: https://www.upload-4ever.com Connection: keep-alive Referer: https://www.upload-4ever.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 204 No Content date: Sun, 19 Mar 2023 10:41:23 GMT access-control-allow-origin: * via: 1.1 google cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLmFYa5gEYUJh5JHXF3SaMIVBAhvQlQn4xQE7dgdtT%2BPy6F6ENCey3KXUt23QvCg15p6wLyXXP6v886H9j1fKaX199hAFmmvI1rw69jSQKIe6FJ3nv%2Brwz0tXCsaykg7jDu1k8o%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7aa51a4b2d750b49-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1114909089.1679222492&jid=2004646441&_v=5.7.2&z=499766958	108.177.14.157	302 Found	368 B
URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1114909089.1679222492&jid=2004646441&_v=5.7.2&z=499766958 IP 108.177.14.157:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators Size 368 B (368 bytes) Hash 5d7cab02c9384583cc94070995947457 fa8300cb73d4a89815d3cae17443385b1b223797 8921b7b83211b75de8933f2002925da493aa573a084c294b227391a1190e0c48 HTTP Headers `GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1114909089.1679222492&jid=2004646441&_v=5.7.2&z=499766958 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.upload-4ever.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 302 Found location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1114909089.1679222492&jid=2004646441&_v=5.7.2&z=499766958 access-control-allow-origin: * strict-transport-security: max-age=10886400; includeSubDomains; preload date: Sun, 19 Mar 2023 10:41:23 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT cross-origin-resource-policy: cross-origin content-type: text/html; charset=UTF-8 server: Golfe2 content-length: 368 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 19c14f58184c7e690016123d3ef7a534 2c72fde2182255e717fb88abf38f3d4cdfdefafd cdac56c85e414c7934436cc5347cdf356ad82b3fbfd2e6bac40a4156382442ad HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 19 Mar 2023 10:41:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1114909089.1679222492&jid=2004646441&_v=5.7.2&z=499766958	216.58.211.4	302 Found	0 B
URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1114909089.1679222492&jid=2004646441&_v=5.7.2&z=499766958 IP 216.58.211.4:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1114909089.1679222492&jid=2004646441&_v=5.7.2&z=499766958 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.upload-4ever.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 302 Found p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Sun, 19 Mar 2023 10:41:24 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1114909089.1679222492&jid=2004646441&_v=5.7.2&z=499766958&slf_rd=1&random=1294709234 content-type: text/html; charset=UTF-8 x-content-type-options: nosniff server: cafe content-length: 0 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fe99fbfafe932798d008a24a9e6083c5 f4525c21f1da0a2c15ae3c36598d0e243bea4f32 7042c657b1b57b5a441341628450ea07042994316089b30653df49a8ded66fe2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 19 Mar 2023 10:41:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	push.services.mozilla.com/	52.43.13.62	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.43.13.62:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: TEdiKyUm1P3NY7mcTmp4Sg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: Y6S7q2gDzE/1BHEhMdg5VdDFX5A=`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 73af20327f0f4938b7c375ac8a34466a e108c5c8cd69ca4d7c3441bc2806e2a44eea6056 d23a6378cdd4c7f9ba0924e4d11fdb96267bdfacd7faa4c060d0a6cd2eefcff5 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 19 Mar 2023 10:41:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1114909089.1679222492&jid=2004646441&_v=5.7.2&z=499766958&slf_rd=1&random=1294709234	142.250.74.163	200 OK	42 B
URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1114909089.1679222492&jid=2004646441&_v=5.7.2&z=499766958&slf_rd=1&random=1294709234 IP 142.250.74.163:0 ASN #15169 GOOGLE File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1114909089.1679222492&jid=2004646441&_v=5.7.2&z=499766958&slf_rd=1&random=1294709234 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.upload-4ever.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Sun, 19 Mar 2023 10:41:24 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 73af20327f0f4938b7c375ac8a34466a e108c5c8cd69ca4d7c3441bc2806e2a44eea6056 d23a6378cdd4c7f9ba0924e4d11fdb96267bdfacd7faa4c060d0a6cd2eefcff5 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 19 Mar 2023 10:41:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash de95776582936b8e129e876cf6d80fa8 0233251e1cf0123f1260d980d7c8ef92718723f9 49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36" Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13029 Expires: Sun, 19 Mar 2023 14:18:34 GMT Date: Sun, 19 Mar 2023 10:41:25 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash de95776582936b8e129e876cf6d80fa8 0233251e1cf0123f1260d980d7c8ef92718723f9 49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36" Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13029 Expires: Sun, 19 Mar 2023 14:18:34 GMT Date: Sun, 19 Mar 2023 10:41:25 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash de95776582936b8e129e876cf6d80fa8 0233251e1cf0123f1260d980d7c8ef92718723f9 49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36" Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13029 Expires: Sun, 19 Mar 2023 14:18:34 GMT Date: Sun, 19 Mar 2023 10:41:25 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe42970c2-8007-4b4c-9f15-01cf4de37822.jpeg	34.120.237.76	200 OK	6.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe42970c2-8007-4b4c-9f15-01cf4de37822.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.2 kB (6219 bytes) Hash 7e58e6553fe8e5d936a911080cec36dc 75dd9bdbaf7f19102036d27e69a011f4c37942a9 0c565b97125e28b8183baab26baf7c703e70f82fad13117c5780259e6d91a89d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe42970c2-8007-4b4c-9f15-01cf4de37822.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6219 x-amzn-requestid: 61b80920-2ba3-4688-80ee-848d68031908 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BwlmnG0KoAMFd0A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64101c90-17c159767df548c4672b7365;Sampled=0 x-amzn-remapped-date: Tue, 14 Mar 2023 07:04:48 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: ACswRkub0RlODaxJHJGsGkACkMQKk85qY3VxYPscNccAMYdpkQ9evA== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google date: Sun, 19 Mar 2023 07:35:38 GMT age: 11147 etag: "75dd9bdbaf7f19102036d27e69a011f4c37942a9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10338 bytes) Hash 78453ba98b72eff3879ef163b59c86ed 80519bb3726ee1f9f211344cd433cefaed3a7f2e 61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10338 x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BvSgFGENoAMFuVw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0 x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: bka10YWXvoKBRkwgvJNMzm1SSv_J1USzdugO9lPduHxe2uYFYkXh4w== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google date: Sun, 19 Mar 2023 04:25:44 GMT age: 22541 etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae7f77f1-adab-464f-87e7-4a15dcd322ba.jpeg	34.120.237.76	200 OK	6.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae7f77f1-adab-464f-87e7-4a15dcd322ba.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.3 kB (6265 bytes) Hash c70e6317e3ccd8783db05f712ab8b319 ae05abedca84094ff077fdfb6b5ea0e6148a086b 9d3edfaeab32dfa522cd0eac659b93eb561b33a91149428e7a5d7ec84431bb72 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae7f77f1-adab-464f-87e7-4a15dcd322ba.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6265 x-amzn-requestid: a40c18f5-e26f-48d0-982a-ebfc9fa92b9f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B_wYuEa7IAMFneQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64162dd1-42b70f637dc3b2d222d98f9b;Sampled=0 x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:01 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: ZmsbBsj6OhviPejWpo3ld4giqw8nZQPh3Yg48h5msviylixHC93ULA== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google date: Sat, 18 Mar 2023 21:45:46 GMT etag: "ae05abedca84094ff077fdfb6b5ea0e6148a086b" content-type: image/jpeg age: 46539 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87cb0650-2c5d-4809-8bb9-0a6c7a2b7562.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87cb0650-2c5d-4809-8bb9-0a6c7a2b7562.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10913 bytes) Hash 925c6d8d9b0bd170303c785824f842f6 74127f320b41464959c3d1881aa7056a2bb7c3db 7c87a48bbff78f9f302c77508a3899709dc146ff6a095c548398e710aa6119c7 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87cb0650-2c5d-4809-8bb9-0a6c7a2b7562.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10913 x-amzn-requestid: 71cd1b59-f51f-47af-aab3-523716b6b34f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Bp_4XGugIAMFtkA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640d79ce-2494be625549a22d410f4aa7;Sampled=0 x-amzn-remapped-date: Sun, 12 Mar 2023 07:05:50 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: r9hbB7S9Fi4bfJuPdSnSbInXAGuk2frr-b5qftWJQgFJFDUlCibvew== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google date: Sat, 18 Mar 2023 22:12:23 GMT age: 44942 etag: "74127f320b41464959c3d1881aa7056a2bb7c3db" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948af7b9-8b3e-4159-bdaa-f68fedcc3497.jpeg	34.120.237.76	200 OK	7.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948af7b9-8b3e-4159-bdaa-f68fedcc3497.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.9 kB (7930 bytes) Hash 790ee76f4db86cd0cc555f6d7beada2c fea1a6b2a38be6a09e086def71f521cc88509a0f f7641b9e414006ee96daa82fd9d6aa1463d47c0388a9f3b289c563af76a3d2ef HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948af7b9-8b3e-4159-bdaa-f68fedcc3497.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7930 x-amzn-requestid: 276e0768-3943-40ba-9d6c-4f13ab08da51 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B_wqXFwvoAMF1zA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64162e42-6f9e6903248d187d5d4a8544;Sampled=0 x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:54 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: 1xxK7FkBf2ZJFQ7x4Z7iWtLvxQIpB2YZwy4SsgbIsUwgvkQ4dOIf7w== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google date: Sat, 18 Mar 2023 21:45:47 GMT age: 46538 etag: "fea1a6b2a38be6a09e086def71f521cc88509a0f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg	34.120.237.76	200 OK	8.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.2 kB (8189 bytes) Hash 6645ef8b7e2b10326cc1cb7c76f82769 cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced 1076fa495f0b7cc23922f64cc6a6f596de9a6f08ea7549eef785d804db0be7fc HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8189 x-amzn-requestid: 3815c61d-6d05-4794-bd9a-d417d1270527 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B_wqgGsdIAMFi6g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64162e42-6af86b2a21b89d38559ca754;Sampled=0 x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:54 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: n-Dbnb07Rsh0y_T4UW0VQSyRcV96MehdMiFlhdUtcrCiqZVL5ZVJxg== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google date: Sat, 18 Mar 2023 21:45:47 GMT etag: "cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced" content-type: image/jpeg age: 46538 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	www.upload-4ever.com/5yix1wfx09pl	172.67.152.107	200 OK	0 B
URL HTTP/2 www.upload-4ever.com/5yix1wfx09pl IP 172.67.152.107:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /5yix1wfx09pl HTTP/1.1 Host: www.upload-4ever.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK date: Sun, 19 Mar 2023 10:41:22 GMT content-type: text/html; charset=UTF-8 strict-transport-security: max-age=0;includeSubDomains; expires: Sat, 18 Mar 2023 10:41:22 GMT set-cookie: aff=1097249; domain=.upload-4ever.com; path=/; expires=Sun, 02-Apr-2023 10:41:22 GMT cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNLRwXyDbmPipvUc056DHxXIpd7zUprtFwOrEX1rSeH1el9Y9wIXIQ971wPxdPSUPloL4NNjW4HF7i8e7yaD6C45EArpV2h8b2ScwyDSKmjYEky5XXQUoHeI2PUqjOeLZ79owIcFiw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7aa51a44abe90afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	youradexchange.com/script/suurl4.php?r=6683946&cbur=0.8087864205808428&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Download%20%D8%AA%D8%B3%D8%B1%D9%8A%D8%B9%20%D9%85%D8%AD%D8%A7%D9%83%D9%8A%20%D8%AC%D9%8A%D9%85%D9%84%D9%88%D8%A8%20rar&cbpage=https%3A%2F%2Fwww.upload-4ever.com%2F5yix1wfx09pl&cbref=&cbdescription=Download%20File%20%D8%AA%D8%B3%D8%B1%D9%8A%D8%B9%20%D9%85%D8%AD%D8%A7%D9%83%D9%8A%20%D8%AC%D9%8A%D9%85%D9%84%D9%88%D8%A8%20rar&cbkeywords=%D8%AA%D8%B3%D8%B1%D9%8A%D8%B9%2C%20%D9%85%D8%AD%D8%A7%D9%83%D9%8A%2C%20%D8%AC%D9%8A%D9%85%D9%84%D9%88%D8%A8%2C%20rar&cbcdn=superfastcdn.com&aggr=0	172.67.205.72	200 OK	0 B
URL HTTP/2 youradexchange.com/script/suurl4.php?r=6683946&cbur=0.8087864205808428&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Download%20%D8%AA%D8%B3%D8%B1%D9%8A%D8%B9%20%D9%85%D8%AD%D8%A7%D9%83%D9%8A%20%D8%AC%D9%8A%D9%85%D9%84%D9%88%D8%A8%20rar&cbpage=https%3A%2F%2Fwww.upload-4ever.com%2F5yix1wfx09pl&cbref=&cbdescription=Download%20File%20%D8%AA%D8%B3%D8%B1%D9%8A%D8%B9%20%D9%85%D8%AD%D8%A7%D9%83%D9%8A%20%D8%AC%D9%8A%D9%85%D9%84%D9%88%D8%A8%20rar&cbkeywords=%D8%AA%D8%B3%D8%B1%D9%8A%D8%B9%2C%20%D9%85%D8%AD%D8%A7%D9%83%D9%8A%2C%20%D8%AC%D9%8A%D9%85%D9%84%D9%88%D8%A8%2C%20rar&cbcdn=superfastcdn.com&aggr=0 IP 172.67.205.72:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /script/suurl4.php?r=6683946&cbur=0.8087864205808428&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Download%20%D8%AA%D8%B3%D8%B1%D9%8A%D8%B9%20%D9%85%D8%AD%D8%A7%D9%83%D9%8A%20%D8%AC%D9%8A%D9%85%D9%84%D9%88%D8%A8%20rar&cbpage=https%3A%2F%2Fwww.upload-4ever.com%2F5yix1wfx09pl&cbref=&cbdescription=Download%20File%20%D8%AA%D8%B3%D8%B1%D9%8A%D8%B9%20%D9%85%D8%AD%D8%A7%D9%83%D9%8A%20%D8%AC%D9%8A%D9%85%D9%84%D9%88%D8%A8%20rar&cbkeywords=%D8%AA%D8%B3%D8%B1%D9%8A%D8%B9%2C%20%D9%85%D8%AD%D8%A7%D9%83%D9%8A%2C%20%D8%AC%D9%8A%D9%85%D9%84%D9%88%D8%A8%2C%20rar&cbcdn=superfastcdn.com&aggr=0 HTTP/1.1 Host: youradexchange.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.upload-4ever.com/ Origin: https://www.upload-4ever.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK date: Sun, 19 Mar 2023 10:41:23 GMT content-type: application/json; charset=utf-8 access-control-allow-origin: * via: 1.1 google cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjRVAXzJgpt3rbTwzzTAup0wN04ZY02%2B3Ta18E9DzJh33SGiZjaQo1G9mfKnV2aGSPy%2FTr3hlp9VEiQ4IC8dczFzFfoF3fT8WqsqIu2085S9VVJbiw2y3JPuVwLi%2FFQcjUMsEUs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7aa51a4a6f1bb51d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	cagothie.net/5/2726715/?abt_opts=1&oo=1&aab=1&js_build=iclick-v1.508.0&userId=1ff148f8dbbc410ebe3a7e1f5f3e4fed	139.45.197.238	200 OK	0 B
URL HTTP/2 cagothie.net/5/2726715/?abt_opts=1&oo=1&aab=1&js_build=iclick-v1.508.0&userId=1ff148f8dbbc410ebe3a7e1f5f3e4fed IP 139.45.197.238:0 ASN #9002 RETN Limited File type Size 0 B (0 bytes) Hash HTTP Headers GET /5/2726715/?abt_opts=1&oo=1&aab=1&js_build=iclick-v1.508.0&userId=1ff148f8dbbc410ebe3a7e1f5f3e4fed HTTP/1.1 Host: cagothie.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.upload-4ever.com Connection: keep-alive Referer: https://www.upload-4ever.com/ Cookie: OAID=e45a8a7f31da44a29e721ebca275bcaf; oaidts=1679222483 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx date: Sun, 19 Mar 2023 10:41:23 GMT content-type: application/json x-trace-id: d7e36a2b254b19ffbb2c8f235352d0da link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch" access-control-allow-origin: https://www.upload-4ever.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding access-control-max-age: 86400 timing-allow-origin: * set-cookie: OAID=1ff148f8dbbc410ebe3a7e1f5f3e4fed; expires=Mon, 18 Mar 2024 10:41:23 GMT; path=/; secure; SameSite=None oaidts=1679222483; expires=Mon, 18 Mar 2024 10:41:23 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Sun, 26 Mar 2023 10:41:23 GMT; path=/; secure; SameSite=None pragma: no-cache, no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT content-encoding: gzip X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML