bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
45.154.253.152200 OK 3.1 kB URL User Request GET HTTP/1.1 bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (949)
Hash 428db03713e645698635a455141ebd4b
27899dd4314e99dbde59fffd417833dea7a912a6
a720f3bcf859abe99b10ed668c6e223ce4c01aa6d8e4fbd6156aada2454b17bf
GET /gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdc: Yes
cache-control: public, max-age=60
x-oe: Y
x-oh: 3
Content-Encoding: gzip
bayfiles.com/css/bayfiles.css?1685109493
45.154.253.152200 OK 25 kB URL GET HTTP/1.1 bayfiles.com/css/bayfiles.css?1685109493
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type ASCII text, with very long lines (65452)
Hash ad2fc3a94b18b0d847b8a34290c2e44b
a42e3bb0e977567c31c8f87dbd0f7459aa2956f1
63a1082d343a42417dadd69a17738eeb7e3b05badd961c13661387abfde2737e
GET /css/bayfiles.css?1685109493 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:41 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1157
Content-Encoding: gzip
bayfiles.com/sw.js
45.154.253.152200 OK 14 kB IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type ASCII text, with very long lines (39060), with no line terminators
Hash 964007d2c849e80c42f0598d126ee512
de282c1ab3319bdd9a72d83474115c778a36dc62
f9890628478a7fe67fd6a3a14e8a1a3dfe7d8df69b6c513d2c58331cabf8725b
GET /sw.js HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:41 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 15954
Content-Encoding: gzip
bayfiles.com/js/app.js?1685109493
45.154.253.152200 OK 58 kB URL GET HTTP/1.1 bayfiles.com/js/app.js?1685109493
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type ASCII text, with very long lines (63238)
Hash fe2ca28edff9bbe292e8ad65115dfcfb
8bcf6e44843e1c4b5239ab463deabfc5c7eec8d5
2382ae43e653914c77c691b477cc0e6151d2183cba4cd4f51218fefa121c02be
GET /js/app.js?1685109493 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:41 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1099
Content-Encoding: gzip
vjs.zencdn.net/7.3.0/video-js.min.css
151.101.2.217200 OK 9.7 kB URL GET HTTP/2 vjs.zencdn.net/7.3.0/video-js.min.css
IP 151.101.2.217:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGlobalSign nv-sa
Subjectvjs.zencdn.net
FingerprintF1:9D:59:01:F6:51:96:37:CE:E1:24:CD:15:E5:5E:AA:56:F0:05:7E
ValidityTue, 30 Aug 2022 21:42:19 GMT - Sun, 01 Oct 2023 21:42:18 GMT
File type ASCII text, with very long lines (35998), with no line terminators
Hash 895e6b29db41953ef6197815c6be59d3
065ac8dbb45ff81cf4a079f342c4022d5fbcbe7e
9ae8eacf58c6f1d8dc071a099ef7ef4c88d1c73ef2e71369cd8d7cc7c6aee5c9
GET /7.3.0/video-js.min.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Mon, 29 May 2023 16:33:41 GMT
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 6279
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/kr.png
45.154.253.152200 OK 988 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/kr.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cb22f00511d088a71e84f8c1c864caed
6599812ed106bda6017487287e12bc836570649f
09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
GET /img/flags/24/kr.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:41 GMT
Content-Type: image/png
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 198
accept-ranges: bytes
bayfiles.com/img/flags/24/dk.png
45.154.253.152200 OK 537 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/dk.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b6ebe55a7d176720cd2b1003298187a8
930858408b9af1f79c430bbe15c185db555a7815
07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
GET /img/flags/24/dk.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:41 GMT
Content-Type: image/png
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2150
accept-ranges: bytes
bayfiles.com/static/logo.png
45.154.253.152200 OK 39 kB URL GET HTTP/1.1 bayfiles.com/static/logo.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 292 x 251, 8-bit/color RGBA, non-interlaced\012- data
Hash d39dfc9566d5264e198224dc249dd6bb
67ec60e7df6257a32f41e45e6877dc65f036ef0f
0b959f7dd25865a8a0636b6bb81d523c07fb03f76905313b9b8d677ae294b25a
GET /static/logo.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:41 GMT
Content-Type: image/png
Content-Length: 38607
Connection: keep-alive
last-modified: Wed, 16 Nov 2022 12:55:21 GMT
etag: "6374ddb9-96cf"
bayfiles.com/img/flags/24/in.png
45.154.253.152200 OK 593 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/in.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ccaf96cfc341dc9a17e24b96bef223ff
8791d6db6628e0fb21b847ab94484f0c615e38ac
728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
GET /img/flags/24/in.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:42 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 528
accept-ranges: bytes
vjs.zencdn.net/7.3.0/video.min.js
151.101.2.217200 OK 132 kB URL GET HTTP/2 vjs.zencdn.net/7.3.0/video.min.js
IP 151.101.2.217:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGlobalSign nv-sa
Subjectvjs.zencdn.net
FingerprintF1:9D:59:01:F6:51:96:37:CE:E1:24:CD:15:E5:5E:AA:56:F0:05:7E
ValidityTue, 30 Aug 2022 21:42:19 GMT - Sun, 01 Oct 2023 21:42:18 GMT
File type Unicode text, UTF-8 text, with very long lines (65141)
Size 132 kB (132230 bytes)
Hash 057f19acd50fc7e3ad917dd600889ee5
479d8baad992ec24bf4c3ac8365014be01565219
963ccc559571c588baa7f6d61513b26277c7847c250773e3270c51f5038216fb
GET /7.3.0/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Mon, 29 May 2023 16:33:41 GMT
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 5
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/fi.png
45.154.253.152200 OK 456 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/fi.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ea9115d18d5210d4f1db520881faa3a
09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
GET /img/flags/24/fi.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:42 GMT
Content-Type: image/png
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 48
accept-ranges: bytes
bayfiles.com/img/flags/24/es.png
45.154.253.152200 OK 666 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/es.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa381a8eb16d9e673d32980e7fd1710
fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
GET /img/flags/24/es.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:42 GMT
Content-Type: image/png
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 786
accept-ranges: bytes
bayfiles.com/img/flags/24/us.png
45.154.253.152200 OK 656 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/us.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ae506a6c014bfeb8d8cbfdfbe94c14c9
f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
GET /img/flags/24/us.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:42 GMT
Content-Type: image/png
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2577
accept-ranges: bytes
bayfiles.com/img/file/filetypes/ext/zip.png?1668605455
45.154.253.152200 OK 874 B URL GET HTTP/1.1 bayfiles.com/img/file/filetypes/ext/zip.png?1668605455
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash c3cc26839c5afb066f3d34cc293bf8c9
6a8cd435ef460872a2862098c3d2e060c425b5db
fa774f82fa9b5df9f5223894fc678f9a62191fdaeaba1b2231ba83d44a105618
GET /img/file/filetypes/ext/zip.png?1668605455 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:42 GMT
Content-Type: image/png
Content-Length: 874
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 39
accept-ranges: bytes
bayfiles.com/img/flags/24/de.png
45.154.253.152200 OK 483 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/de.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8cc07c258bcd2de0c7900861e20ffc
fed97219e44693d4f3918fc4037b325732225d81
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
GET /img/flags/24/de.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:42 GMT
Content-Type: image/png
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 291
accept-ranges: bytes
bayfiles.com/img/flags/24/ru.png
45.154.253.152200 OK 403 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/ru.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash d8df89b036e6afb48f72d2440831bad0
04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
GET /img/flags/24/ru.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:42 GMT
Content-Type: image/png
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2184
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/?xsvjd=737333
54.230.245.59200 OK 96 kB URL GET HTTP/2 djv99sxoqpv11.cloudfront.net/?xsvjd=737333
IP 54.230.245.59:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash 52c8c9abc0fdd030520fe40a5713f211
e1f700499bef8b13db2e87d482a862770cc67e56
4ecc3636f8b4af1c8d4b37f1917f73e3307c9fd92457abe2b6c93477d1479d6b
GET /?xsvjd=737333 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 96125
date: Mon, 29 May 2023 16:33:42 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GItl6xpVFJIfoqZk_cUogr4r0as_whQEBP-ssBiAM8bTlPNn7MxDlg==
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/fr.png
45.154.253.152200 OK 536 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/fr.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e81efecf1a1b1d3a17d00a904c5cc3c9
1203894dbfc8363302dc709d852c05a4dd8bf9dc
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
GET /img/flags/24/fr.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:42 GMT
Content-Type: image/png
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 422
accept-ranges: bytes
gforanythingamgl.info/cHlRbGJfRjIfXxFLPSkwNRECNFEyAzQqFhUdCSZUJy85FgYeQXcYCxREZl9VQ0piShIZHWxdRAMNMBgXA0RgSgseHz5RRAZEYEJRRFdiXkxCXyRRU1YNIQ0FTUh3HBYEFWxdVEhMYltaQEtjWFpI
172.67.216.177204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/cHlRbGJfRjIfXxFLPSkwNRECNFEyAzQqFhUdCSZUJy85FgYeQXcYCxREZl9VQ0piShIZHWxdRAMNMBgXA0RgSgseHz5RRAZEYEJRRFdiXkxCXyRRU1YNIQ0FTUh3HBYEFWxdVEhMYltaQEtjWFpI
IP 172.67.216.177:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /cHlRbGJfRjIfXxFLPSkwNRECNFEyAzQqFhUdCSZUJy85FgYeQXcYCxREZl9VQ0piShIZHWxdRAMNMBgXA0RgSgseHz5RRAZEYEJRRFdiXkxCXyRRU1YNIQ0FTUh3HBYEFWxdVEhMYltaQEtjWFpI HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 29 May 2023 16:33:42 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BI%2BN7XKSayHQulCVZbVkYwj5ZLwQai0WXz6Mw6S89PSylojN5lRRBiw3utHn1A5Dk59%2FoVsawtME5K%2B2aiajSJrEPn%2FNUuPVl%2BdkumAC0WTbng491dY%2F8c2qFl7b5WHaGglNyVPUrKE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf02402d938b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
adthereissome.info/RHRha1IlFgIGbSVJA00nNhhcTmACUVMtNi4CWFIhPBsQGyR1RU8IPisBBQ0gKxoVRTwhAERZFC0QUyEKEiAkPhYQHxsvNQk4LFk1AyYnPTkeEys5EQclVzMlIBIsAzUFPRg9PwwlKCgeLgcYOQNxMSgSaxInDSEqCyIgMRATBBs9EC82AAYDHDIGMmMlNTc5FC0XVzw5KyQrPyYFMgYAJw0hKC0ABz1RLxArOi0/KiAzFiUrHkcFKAYDEBYqYiA/LVkDBSENLgQnNS8jFi5AVjkTfTw7PAQOIFA6Gx0DNzgHFiIWKmInJSgzEwc6DSU8JjZYIwF3WSsFExY1KSUWcRE0BxMWLhYtFREZBQATES4pMQUSLCkDEz05UF8CFkY0PxMBLjUOBREsIAdrKVILGD0qBFwOH3UgJloadwEtBzUwDQ
54.230.111.6200 OK 1.2 kB URL GET HTTP/2 adthereissome.info/RHRha1IlFgIGbSVJA00nNhhcTmACUVMtNi4CWFIhPBsQGyR1RU8IPisBBQ0gKxoVRTwhAERZFC0QUyEKEiAkPhYQHxsvNQk4LFk1AyYnPTkeEys5EQclVzMlIBIsAzUFPRg9PwwlKCgeLgcYOQNxMSgSaxInDSEqCyIgMRATBBs9EC82AAYDHDIGMmMlNTc5FC0XVzw5KyQrPyYFMgYAJw0hKC0ABz1RLxArOi0/KiAzFiUrHkcFKAYDEBYqYiA/LVkDBSENLgQnNS8jFi5AVjkTfTw7PAQOIFA6Gx0DNzgHFiIWKmInJSgzEwc6DSU8JjZYIwF3WSsFExY1KSUWcRE0BxMWLhYtFREZBQATES4pMQUSLCkDEz05UF8CFkY0PxMBLjUOBREsIAdrKVILGD0qBFwOH3UgJloadwEtBzUwDQ
IP 54.230.111.6:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Hash 3976c480fe9f659d25aff5728e9a68cc
9c45cb1c638839ead66d5347f6afbabee2d8fd31
d84fa58fccd13963ccefef620f2c084a599f45312ed4c20be556f34799a4befe
GET /RHRha1IlFgIGbSVJA00nNhhcTmACUVMtNi4CWFIhPBsQGyR1RU8IPisBBQ0gKxoVRTwhAERZFC0QUyEKEiAkPhYQHxsvNQk4LFk1AyYnPTkeEys5EQclVzMlIBIsAzUFPRg9PwwlKCgeLgcYOQNxMSgSaxInDSEqCyIgMRATBBs9EC82AAYDHDIGMmMlNTc5FC0XVzw5KyQrPyYFMgYAJw0hKC0ABz1RLxArOi0/KiAzFiUrHkcFKAYDEBYqYiA/LVkDBSENLgQnNS8jFi5AVjkTfTw7PAQOIFA6Gx0DNzgHFiIWKmInJSgzEwc6DSU8JjZYIwF3WSsFExY1KSUWcRE0BxMWLhYtFREZBQATES4pMQUSLCkDEz05UF8CFkY0PxMBLjUOBREsIAdrKVILGD0qBFwOH3UgJloadwEtBzUwDQ HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1178
date: Mon, 29 May 2023 16:33:42 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nlGaBfzjlHUpFr0tJg9PSQ0cssCjkTglKaCOVF3aPT2dmkWZ3BnYfA==
X-Firefox-Spdy: h2
adthereissome.info/Uk85OFYzLVpVaTNyWx4jICMEHWQUagt+Mjg5AAElKiBISCBjfhdbOj06XV4kPSFNFjg3OxwKEGUebFwDHwhKUR0WP25uEgc6dHlnMStxfjgQfghWGgErX3oCFHl3TxMADWsBOjQobE8yGgV8fQUEeWN6DxoGelMsFhoJUx0GLHdvOzEidH4cBStufTEDDmhJMzgjenoCEyJpCD00AlNuLwAeSQAdODtyeT9iPXdqAAgNCnJgEwoMQjJhN3BvOBAmYwscHSwKW2IFHmwIBmEKem8sPmoLfg8/dl1cARghWlNjKCtAYhEGIXB/DAMNalplNnZ/bjoqBn0VEAYOeg0/CCFjYjUKFVJ5ECI3XVYTERhAWyMYI2x2Gjh2QXk/YzhdVQM3GAtbLzMefB48ISBXSGsxfkN8DmMBV0ll
54.230.111.6200 OK 1.2 kB URL GET HTTP/2 adthereissome.info/Uk85OFYzLVpVaTNyWx4jICMEHWQUagt+Mjg5AAElKiBISCBjfhdbOj06XV4kPSFNFjg3OxwKEGUebFwDHwhKUR0WP25uEgc6dHlnMStxfjgQfghWGgErX3oCFHl3TxMADWsBOjQobE8yGgV8fQUEeWN6DxoGelMsFhoJUx0GLHdvOzEidH4cBStufTEDDmhJMzgjenoCEyJpCD00AlNuLwAeSQAdODtyeT9iPXdqAAgNCnJgEwoMQjJhN3BvOBAmYwscHSwKW2IFHmwIBmEKem8sPmoLfg8/dl1cARghWlNjKCtAYhEGIXB/DAMNalplNnZ/bjoqBn0VEAYOeg0/CCFjYjUKFVJ5ECI3XVYTERhAWyMYI2x2Gjh2QXk/YzhdVQM3GAtbLzMefB48ISBXSGsxfkN8DmMBV0ll
IP 54.230.111.6:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3015), with no line terminators
Hash 21a970c778d6e67ebbbd5f5434d51de6
e52ce76ebc92b5b7c542bfe6b99ef3b3d7453876
ab71b73a4a332ab80ba53a73e079bbba3eccfcf447970f77f3493b1614f09db2
GET /Uk85OFYzLVpVaTNyWx4jICMEHWQUagt+Mjg5AAElKiBISCBjfhdbOj06XV4kPSFNFjg3OxwKEGUebFwDHwhKUR0WP25uEgc6dHlnMStxfjgQfghWGgErX3oCFHl3TxMADWsBOjQobE8yGgV8fQUEeWN6DxoGelMsFhoJUx0GLHdvOzEidH4cBStufTEDDmhJMzgjenoCEyJpCD00AlNuLwAeSQAdODtyeT9iPXdqAAgNCnJgEwoMQjJhN3BvOBAmYwscHSwKW2IFHmwIBmEKem8sPmoLfg8/dl1cARghWlNjKCtAYhEGIXB/DAMNalplNnZ/bjoqBn0VEAYOeg0/CCFjYjUKFVJ5ECI3XVYTERhAWyMYI2x2Gjh2QXk/YzhdVQM3GAtbLzMefB48ISBXSGsxfkN8DmMBV0ll HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1171
date: Mon, 29 May 2023 16:33:42 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2wvmPt1DjVKq0O3CSq8oquG2hPJMQvxsKvdY9XldzhjOC5YseIts2A==
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/br.png
45.154.253.152200 OK 1.1 kB URL GET HTTP/1.1 bayfiles.com/img/flags/24/br.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a5938d2e7f7d6f4026d6eb1b4b4f2cd
7a038177fe4deec455d61d3e9c90019fa4727d40
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
GET /img/flags/24/br.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:42 GMT
Content-Type: image/png
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1824
accept-ranges: bytes
adthereissome.info/ZnJieWcHEAEUWAdPAF8SFB5fXFUgV1A/AwwEW0AUHh0TCRFXQ0waCwkHBh8VCRwWVwkDBkdLIQ88NwEkMTcwLi4fBUdLJQNCJxUtCyQYOwkSCgNKIjI4CDxULRk0AStUBQ0hVBVAMjgLHhQqLFQqKjAIKQ87BTovHhksOjEEOVFAQlQwKy8UEBRQFQ4wMQUePT4zNjY0KB4pLwhUORgoCDA1Dg4vCDcAHyACAwY7V1YRUBUPJBVXFwYIIDgzNBEGMjslQ0AgGg4kSiMBKVYQJTwgIh8GCAMjEVQjVRU0IDEfURYMKAQHKiAWLlczFDIzAhogDhcREyosIQA6TzcIAiAgXFUkEQhNEzQLCRIpHAUzHwA0AgYoNQ8RDE0fJTpSXw0VHQwJWgtGDhNQEhYvPVdRHQs4
54.230.111.6200 OK 1.2 kB URL GET HTTP/2 adthereissome.info/ZnJieWcHEAEUWAdPAF8SFB5fXFUgV1A/AwwEW0AUHh0TCRFXQ0waCwkHBh8VCRwWVwkDBkdLIQ88NwEkMTcwLi4fBUdLJQNCJxUtCyQYOwkSCgNKIjI4CDxULRk0AStUBQ0hVBVAMjgLHhQqLFQqKjAIKQ87BTovHhksOjEEOVFAQlQwKy8UEBRQFQ4wMQUePT4zNjY0KB4pLwhUORgoCDA1Dg4vCDcAHyACAwY7V1YRUBUPJBVXFwYIIDgzNBEGMjslQ0AgGg4kSiMBKVYQJTwgIh8GCAMjEVQjVRU0IDEfURYMKAQHKiAWLlczFDIzAhogDhcREyosIQA6TzcIAiAgXFUkEQhNEzQLCRIpHAUzHwA0AgYoNQ8RDE0fJTpSXw0VHQwJWgtGDhNQEhYvPVdRHQs4
IP 54.230.111.6:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3003), with no line terminators
Hash d1d8208e21cdf06a683e9ebc67aced51
8a4838961916227daa16a98109ba6e092873f166
c71ab199685219c7c8153dfc090ad40432e9dc855c3d2a19fad72090b4088931
GET /ZnJieWcHEAEUWAdPAF8SFB5fXFUgV1A/AwwEW0AUHh0TCRFXQ0waCwkHBh8VCRwWVwkDBkdLIQ88NwEkMTcwLi4fBUdLJQNCJxUtCyQYOwkSCgNKIjI4CDxULRk0AStUBQ0hVBVAMjgLHhQqLFQqKjAIKQ87BTovHhksOjEEOVFAQlQwKy8UEBRQFQ4wMQUePT4zNjY0KB4pLwhUORgoCDA1Dg4vCDcAHyACAwY7V1YRUBUPJBVXFwYIIDgzNBEGMjslQ0AgGg4kSiMBKVYQJTwgIh8GCAMjEVQjVRU0IDEfURYMKAQHKiAWLlczFDIzAhogDhcREyosIQA6TzcIAiAgXFUkEQhNEzQLCRIpHAUzHwA0AgYoNQ8RDE0fJTpSXw0VHQwJWgtGDhNQEhYvPVdRHQs4 HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1161
date: Mon, 29 May 2023 16:33:42 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d6vXKsOkUcY9Q5InA67OBOzou9q_ixAoWEzQVJwafunTf0Gltuh3qQ==
X-Firefox-Spdy: h2
gforanythingamgl.info/SUwzTTRmc1A+CR4UeSR6eBpBHwU6CmkgDQ0bVHhcKHx5GXZ7OxU5XS1xBHgCensFa0QgKA5/DW8/RyxAPD8OfBIgIlUiCW86DnwaeWIFfRp6akZwBW84QyxTdH0VPUA9IA58AnF5AHoMeX4BeQ1w
172.67.216.177204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/SUwzTTRmc1A+CR4UeSR6eBpBHwU6CmkgDQ0bVHhcKHx5GXZ7OxU5XS1xBHgCensFa0QgKA5/DW8/RyxAPD8OfBIgIlUiCW86DnwaeWIFfRp6akZwBW84QyxTdH0VPUA9IA58AnF5AHoMeX4BeQ1w
IP 172.67.216.177:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /SUwzTTRmc1A+CR4UeSR6eBpBHwU6CmkgDQ0bVHhcKHx5GXZ7OxU5XS1xBHgCensFa0QgKA5/DW8/RyxAPD8OfBIgIlUiCW86DnwaeWIFfRp6akZwBW84QyxTdH0VPUA9IA58AnF5AHoMeX4BeQ1w HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 May 2023 16:33:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OULLdl1qBaXar3aznAubxUeobnMgo4VONTaypVXsfPQ2Z3k18kpubXMocyQCIOGWy0FhV%2FKZZATXkdhcYtNm3o1poW2Wnv1aZ89rS0KLDbjYnEZks9w%2F2yl1kT2axnXH%2FcU%2B%2F8vbcX0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf02402f98db517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
gforanythingamgl.info/Z3lMSWNIRi86XjI+JBg5VQ08HDQlLhl7OQMgfQMHPRV1IDUxQWo9CgNEe3pUVEp5bxMOHXF4W0EKOCgXEgpxeEUOFyomXkEPcXhNV1d+Z1BBDHF4RRMJLS5eVl88PRcLRH1/W1JKe3FTVUt5eFU
172.67.216.177204 No Content 0 B URL GET HTTP/2 gforanythingamgl.info/Z3lMSWNIRi86XjI+JBg5VQ08HDQlLhl7OQMgfQMHPRV1IDUxQWo9CgNEe3pUVEp5bxMOHXF4W0EKOCgXEgpxeEUOFyomXkEPcXhNV1d+Z1BBDHF4RRMJLS5eVl88PRcLRH1/W1JKe3FTVUt5eFU
IP 172.67.216.177:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /Z3lMSWNIRi86XjI+JBg5VQ08HDQlLhl7OQMgfQMHPRV1IDUxQWo9CgNEe3pUVEp5bxMOHXF4W0EKOCgXEgpxeEUOFyomXkEPcXhNV1d+Z1BBDHF4RRMJLS5eVl88PRcLRH1/W1JKe3FTVUt5eFU HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 May 2023 16:33:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5CAPXLajbhfsQlq2PKt6bi1cPw34e4dR5eMnHy9Gwkq5xPhgIp3S9%2FLW7sSekBc6VmL1UapphEROJFKQLjQzgwa4FsfYbVreoM5QNtONjc65xqlSdSd9N1gSpqF4HHrnZpAnaxlF%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf0240309b6b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/se.png
45.154.253.152200 OK 581 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/se.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash c9b1e40987c4411b4a7d13c07a8843aa
cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
GET /img/flags/24/se.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:43 GMT
Content-Type: image/png
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 881
accept-ranges: bytes
bayfiles.com/img/flags/24/no.png
45.154.253.152200 OK 611 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/no.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash f14ac70aa6dd4d371671c0e6d7cba4e3
1139e3acd6e073bffb59157cbc10af72ed757218
9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
GET /img/flags/24/no.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:43 GMT
Content-Type: image/png
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1446
accept-ranges: bytes
bayfiles.com/img/flags/24/pl.png
45.154.253.152200 OK 347 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/pl.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash baf3aff7caef0be58f29b41f20a0e4db
11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
GET /img/flags/24/pl.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:43 GMT
Content-Type: image/png
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 201
accept-ranges: bytes
bayfiles.com/img/flags/24/jp.png
45.154.253.152200 OK 599 B URL GET HTTP/1.1 bayfiles.com/img/flags/24/jp.png
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 857f6f0e0886a3729b758b7241e42e61
a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
GET /img/flags/24/jp.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:43 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 713
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/iNUxCWERWIyw+e0ElJmVzBntxa3ETJjE3KkVxL2woX3s2PAlxfHU3LXRqNiIgCHxkNCVbK39+IVsvf2liVCggZXATOSNlKVo2KzQoVGlwHnEbfGdqdB00c2lhBg5nanRZJSwtPBB+ciB8AxN0bGEGDmdqdEc6Z2sFBHx7dnQcaXBoI1AvKTdhBwpwaHUFfH-NodRB+cj4tRykkNzwQfgRpdQRicn4xCH0
54.230.245.59 195 B URL djv99sxoqpv11.cloudfront.net/iNUxCWERWIyw+e0ElJmVzBntxa3ETJjE3KkVxL2woX3s2PAlxfHU3LXRqNiIgCHxkNCVbK39+IVsvf2liVCggZXATOSNlKVo2KzQoVGlwHnEbfGdqdB00c2lhBg5nanRZJSwtPBB+ciB8AxN0bGEGDmdqdEc6Z2sFBHx7dnQcaXBoI1AvKTdhBwpwaHUFfH-NodRB+cj4tRykkNzwQfgRpdQRicn4xCH0
IP 54.230.245.59:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash ca156a8e94c9c079708e3cf31ef2f77a
c3a44486ef51d55a9d62a8e9f7418f0d1ebeb860
e075025080e581edd2ed1beeae4c8fd1c717fefa55f71e8d26773f0ff41d63bc
GET /iNUxCWERWIyw+e0ElJmVzBntxa3ETJjE3KkVxL2woX3s2PAlxfHU3LXRqNiIgCHxkNCVbK39+IVsvf2liVCggZXATOSNlKVo2KzQoVGlwHnEbfGdqdB00c2lhBg5nanRZJSwtPBB+ciB8AxN0bGEGDmdqdEc6Z2sFBHx7dnQcaXBoI1AvKTdhBwpwaHUFfH-NodRB+cj4tRykkNzwQfgRpdQRicn4xCH0 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adthereissome.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 195
date: Mon, 29 May 2023 16:33:43 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y57kgw7AtyVt3Pe8wkR9soQ9rHljF1WFw69YQLSAbN2_j0s-fRJ66A==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/7QUdUMGsiKDpWVDUuMA1cdHFnB11nLSdfBTF6NwERBR9lfgUwdHJEESV6ZBYHICkzDU0kKTcNWmcmMFJWdWEgQAQqejlCBTAmP0kfMjVyRQp8KjtKAi0rNRVZB3J6AE5zd3xIWnBiZ3JOc3c4WQU0P3ECWzl/Ym9ddWJnck5zdyZGTnIGZQBSb3d9FVlxID-FTAC5iZnZZcXZkAFpxdnECWycuJlUNLj9xAi1wdmUeW2cyaQE
54.230.245.59 444 B URL djv99sxoqpv11.cloudfront.net/7QUdUMGsiKDpWVDUuMA1cdHFnB11nLSdfBTF6NwERBR9lfgUwdHJEESV6ZBYHICkzDU0kKTcNWmcmMFJWdWEgQAQqejlCBTAmP0kfMjVyRQp8KjtKAi0rNRVZB3J6AE5zd3xIWnBiZ3JOc3c4WQU0P3ECWzl/Ym9ddWJnck5zdyZGTnIGZQBSb3d9FVlxID-FTAC5iZnZZcXZkAFpxdnECWycuJlUNLj9xAi1wdmUeW2cyaQE
IP 54.230.245.59:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (598), with no line terminators
Hash d26c44895a53f06cb66d5022401e7a05
e935bbc0396b99cdd4892ff33d090bf5442df1ae
b4276f041fb6d44ccb339fcec5502225d658b632e3c5a210c07c94f4e74e3217
GET /7QUdUMGsiKDpWVDUuMA1cdHFnB11nLSdfBTF6NwERBR9lfgUwdHJEESV6ZBYHICkzDU0kKTcNWmcmMFJWdWEgQAQqejlCBTAmP0kfMjVyRQp8KjtKAi0rNRVZB3J6AE5zd3xIWnBiZ3JOc3c4WQU0P3ECWzl/Ym9ddWJnck5zdyZGTnIGZQBSb3d9FVlxID-FTAC5iZnZZcXZkAFpxdnECWycuJlUNLj9xAi1wdmUeW2cyaQE HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adthereissome.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 444
date: Mon, 29 May 2023 16:33:43 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BTgEKkXMiLT43_omUQ6eiPgGXOJwIPfcyrcCoiLijrOU3thvB8OEPA==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/id2JXVTEUDTkzDgMLM2gGRFVkZgJRCCQ6XwdfMhgAIyVmHQICLjsyRQ5EIy9VSlJxOVAZBWpzVBkBamQXFgY1aAVRFic6WkoPJTtAFgkuIUIFRCI0DBoNLTxdGwNyZ3dCTGdwA0dKL2QAUlEVcANHDj47RA9HZWVJT1QIYwVSURVwA0cQIXACNlNnbB9HS3-JnARAHND5eUlARZwFGUmdkAUZHZWVXHhAyM14PR2UTAEZTeWUXAl9m
54.230.245.59 565 B URL djv99sxoqpv11.cloudfront.net/id2JXVTEUDTkzDgMLM2gGRFVkZgJRCCQ6XwdfMhgAIyVmHQICLjsyRQ5EIy9VSlJxOVAZBWpzVBkBamQXFgY1aAVRFic6WkoPJTtAFgkuIUIFRCI0DBoNLTxdGwNyZ3dCTGdwA0dKL2QAUlEVcANHDj47RA9HZWVJT1QIYwVSURVwA0cQIXACNlNnbB9HS3-JnARAHND5eUlARZwFGUmdkAUZHZWVXHhAyM14PR2UTAEZTeWUXAl9m
IP 54.230.245.59:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (782), with no line terminators
Hash fc8dcc7a3905c1602a429385912a410d
be2ffd849fb13dfb19066dbf608503f452ba0dc9
2cd4b5e1b76d7c8a467f2415d3a657d562601334aaa9eb88bf8bcedbc34c3025
GET /id2JXVTEUDTkzDgMLM2gGRFVkZgJRCCQ6XwdfMhgAIyVmHQICLjsyRQ5EIy9VSlJxOVAZBWpzVBkBamQXFgY1aAVRFic6WkoPJTtAFgkuIUIFRCI0DBoNLTxdGwNyZ3dCTGdwA0dKL2QAUlEVcANHDj47RA9HZWVJT1QIYwVSURVwA0cQIXACNlNnbB9HS3-JnARAHND5eUlARZwFGUmdkAUZHZWVXHhAyM14PR2UTAEZTeWUXAl9m HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adthereissome.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 565
date: Mon, 29 May 2023 16:33:43 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZYE4BCMJoWApWK3XsevbhxHS_0pWT94DeEGMlmRYpaaWZ9UB5aS6hw==
X-Firefox-Spdy: h2
bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1668605455
45.154.253.152200 OK 1.4 kB URL GET HTTP/1.1 bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1668605455
IP 45.154.253.152:443
ASN #41634 Svea Hosting AB
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerLet's Encrypt
Subjectbayfiles.com
FingerprintEC:46:24:7B:3F:73:62:F2:AD:87:23:B1:AD:4B:A2:46:55:E1:2A:B4
ValiditySun, 26 Mar 2023 09:32:46 GMT - Sat, 24 Jun 2023 09:32:45 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9549584e9288a5dd9d163daa26a6f34d
0c7a71967bd4570770aa9b1043a1d82cd8969252
d18e625001a778074faea9e00ae801988818827c121732ba020390e84897578e
GET /img/favicon/favicon-32x32-bayfiles.png?1668605455 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 16:33:43 GMT
Content-Type: image/png
Content-Length: 1368
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 602
accept-ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 870874c65469898c8f735d9b6897fe6d
989c74395339abdcfe7d93489cb81ea5be80d885
9a29505a8768ed4f7ca03b062896dd03dec8329d9aab38e5f92c2b0174dc28bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 16:33:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 870874c65469898c8f735d9b6897fe6d
989c74395339abdcfe7d93489cb81ea5be80d885
9a29505a8768ed4f7ca03b062896dd03dec8329d9aab38e5f92c2b0174dc28bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 16:33:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adthereissome.info/utx?cb=OnpHSuGSi6fg&top=bayfiles.com&tid=737333
54.230.111.6204 No Content 0 B URL GET HTTP/2 adthereissome.info/utx?cb=OnpHSuGSi6fg&top=bayfiles.com&tid=737333
IP 54.230.111.6:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=OnpHSuGSi6fg&top=bayfiles.com&tid=737333 HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 May 2023 16:33:43 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 May 2023 16:34:43 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ke-NV-Ty1VS12miwswb1hzQFuWDRAnob9qAAGrX5a9bC1qeMywqGvA==
X-Firefox-Spdy: h2
adthereissome.info/utx?cb=jjXWaiZcNWzu&top=bayfiles.com&tid=756376
54.230.111.6204 No Content 0 B URL GET HTTP/2 adthereissome.info/utx?cb=jjXWaiZcNWzu&top=bayfiles.com&tid=756376
IP 54.230.111.6:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=jjXWaiZcNWzu&top=bayfiles.com&tid=756376 HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 May 2023 16:33:43 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 May 2023 16:34:43 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mgNXtoBkN9hzAAywMRRwQSuXzYYGnIDbplDB6uixZRRlN2n68WKT1g==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.45302 Found 471 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.45:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
Hash dfd5ad02f4f42dfda06a983cde156afc
22aa6b74534fcf3dea8b9baf4578d94e7d668e18
885fcb0b62d31ffaccbc95a3ff7a2478fe67a28f62917c980555911e11717d36
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:lW94krGu8_JkG2QrvHvaPe9miWsp5g:gWlD8X3GA633d2gu; Expires=Wed, 28-May-2025 16:33:43 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 May 2023 16:33:43 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGlVJ3rUjkg-1_ngtNkbwSR39iOaNoYvXU9yhV6TYU3a4KdP5FLUy6sM4_WJ3KU6or61kzUWg
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-AnotnwCkysVikToSOE1lqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGlVJ3rUjkg-1_ngtNkbwSR39iOaNoYvXU9yhV6TYU3a4KdP5FLUy6sM4_WJ3KU6or61kzUWg
142.250.74.45302 Found 392 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGlVJ3rUjkg-1_ngtNkbwSR39iOaNoYvXU9yhV6TYU3a4KdP5FLUy6sM4_WJ3KU6or61kzUWg
IP 142.250.74.45:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash 4a1bdd3f4dc878eb5372f61d9203d059
268c2e468b9cd572d2e91b66e8ced3703f0d2f8f
affbdadb93475e96d096db2720def059d1894ca99ddc0d16e3979bce5be81702
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGlVJ3rUjkg-1_ngtNkbwSR39iOaNoYvXU9yhV6TYU3a4KdP5FLUy6sM4_WJ3KU6or61kzUWg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:awxXqGlf9CxL-dc-GhSc4Nvu0YcXdQ:cfCkqxDcC3wXmM1z;Path=/;Expires=Wed, 28-May-2025 16:33:43 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 May 2023 16:33:43 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S152001177%3A1685378023793798&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGSwucJx3ZUZjKgaoaHxoAT70vU6wXKlhi1j0RzAoUuDpZNtZXSGZ4Tx1KTpcExwyL9xYsTiQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-RUNdNPewLy4kLGjTz-3ksw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHQARQ4IIsjOrQvOBNb7E1cZ80lKtXItQ_zymyq0CjZ-ARn0fdDFN_DgmVjzjRD4ob5DLVORw
142.250.74.45302 Found 397 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHQARQ4IIsjOrQvOBNb7E1cZ80lKtXItQ_zymyq0CjZ-ARn0fdDFN_DgmVjzjRD4ob5DLVORw
IP 142.250.74.45:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 558ae00dddf80010c0c036ce030bac25
73931ed52734a9958ea534f03e50d98d08c15227
a327be1231465c4f0a99202f3c411e941126bca79464ca2e53621b28ac7c8e1a
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHQARQ4IIsjOrQvOBNb7E1cZ80lKtXItQ_zymyq0CjZ-ARn0fdDFN_DgmVjzjRD4ob5DLVORw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:ulHXAXpZC_kyarM3wvFFfwlaAtB4EQ:Z2q9WVc9otLQaRHt;Path=/;Expires=Wed, 28-May-2025 16:33:43 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 May 2023 16:33:43 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1644328871%3A1685378023800185&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFqBBQtAKhxhCrBY2XU8LKV463ATifIkZAgHq7Co60pu2D41EcsI57Z0qrgd_sTWNIGxddxHA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-7yB_0yKIV15EpkizrdV7dw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adthereissome.info/multi?cs=S3pHTjB5T358A31Lf3cEeUp2fgk&abt=0&red=1&sm=76&k=&v=1.0.60.3&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2FgcEfFet9z0%2F2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_vEWh=1685378023303&crc=1
54.230.111.6200 OK 1.5 kB URL GET HTTP/2 adthereissome.info/multi?cs=S3pHTjB5T358A31Lf3cEeUp2fgk&abt=0&red=1&sm=76&k=&v=1.0.60.3&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2FgcEfFet9z0%2F2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_vEWh=1685378023303&crc=1
IP 54.230.111.6:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerAmazon
Subjectadthereissome.info
Fingerprint21:40:7C:A8:E9:22:33:8E:6F:E6:0A:C2:79:2F:18:FD:76:73:C9:7E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (3283), with no line terminators
Hash d5300c623ea2dbc875d30f10f83914eb
54a877819db6a23c9ac6350034af9e7f263ec151
ea2a43a1453bdcb6c249a7461e87b9b2c858a19a035d20c82a16a2f344fefe48
GET /multi?cs=S3pHTjB5T358A31Lf3cEeUp2fgk&abt=0&red=1&sm=76&k=&v=1.0.60.3&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2FgcEfFet9z0%2F2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_vEWh=1685378023303&crc=1 HTTP/1.1
Host: adthereissome.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1512
date: Mon, 29 May 2023 16:33:43 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=8a9929dc-813f-46a4-ae34-fc4f9551236c
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -1O7vVQ0D-_lrda1RzC_xxG5GOWT6OUy9YTF0IEY-wIbPR-orTMbgw==
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 102 kB IP 172.64.107.19:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 16:33:43 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5076
last-modified: Mon, 29 May 2023 15:09:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cM6JOJNOPvHnQI07jdUQSUaAvQ%2B3cbuxOqVER7on1xxiDnENLTSaEaAUguQgiUf%2FdSx2lzFj6VV%2FvoEyhdefmZxMH14TeN2XeGjd3t01CRYIdJPorWUe3KYw1fR3D45c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf02408189f71ed-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.107.19200 OK 25 B IP 172.64.107.19:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash e2b84d20ebf24b227c2a53e369805337
30076cd9339d2ca781b986330139ec6054320e1c
3d3b82accfbd1b4ed9b6701fe660f35062cc983b1a23e2fe109f222bc80ff426
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 16:33:43 GMT
content-type: text/plain
set-cookie: csu=20776534939821@1@1685378023; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY8sYfs4jZtwIFa4vPLxXG%2BCkPMkH2m1hL0K41vnuiZDBKtlgJQ1u2jWI%2BVwv4yZ4pp4d4BfWlWATZl1Cg8nVC51PXV7fLV%2BA69n8btGeeya2MRbRYRjEBrp9PZq9M%2BJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf0240818a171ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1644328871%3A1685378023800185&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFqBBQtAKhxhCrBY2XU8LKV463ATifIkZAgHq7Co60pu2D41EcsI57Z0qrgd_sTWNIGxddxHA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.45403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S1644328871%3A1685378023800185&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFqBBQtAKhxhCrBY2XU8LKV463ATifIkZAgHq7Co60pu2D41EcsI57Z0qrgd_sTWNIGxddxHA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.45:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S1644328871%3A1685378023800185&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFqBBQtAKhxhCrBY2XU8LKV463ATifIkZAgHq7Co60pu2D41EcsI57Z0qrgd_sTWNIGxddxHA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 May 2023 16:33:43 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-amoczeG3IZku-dlJN9PTOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
policityseriod.info/Vk5iVjUtbBEhaiM8DnQPdCYWIkUldE15Vzc3BD9ZMz1MNVo7YREhGzw9QHoXJSMEdA9nYkAiVDERCzIXbGxVZQJlfFR0GXQ9FzRqPypQdA90LABmVjN3ATAYZnsENxhiLVZjGG92VGcYYHkEbwE3eVc1BDAtQCs
0.0.0.0 0 B URL GET policityseriod.info/Vk5iVjUtbBEhaiM8DnQPdCYWIkUldE15Vzc3BD9ZMz1MNVo7YREhGzw9QHoXJSMEdA9nYkAiVDERCzIXbGxVZQJlfFR0GXQ9FzRqPypQdA90LABmVjN3ATAYZnsENxhiLVZjGG92VGcYYHkEbwE3eVc1BDAtQCs
IP 0.0.0.0:0
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /Vk5iVjUtbBEhaiM8DnQPdCYWIkUldE15Vzc3BD9ZMz1MNVo7YREhGzw9QHoXJSMEdA9nYkAiVDERCzIXbGxVZQJlfFR0GXQ9FzRqPypQdA90LABmVjN3ATAYZnsENxhiLVZjGG92VGcYYHkEbwE3eVc1BDAtQCs HTTP/1.1
Host: policityseriod.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
pogothere.xyz/asd100.bin
172.64.107.19200 OK 102 kB IP 172.64.107.19:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 16:33:43 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5076
last-modified: Mon, 29 May 2023 15:09:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IlwtM5x8Ui6OglpZXy3oXBpRUwHnQDcLsAHnahDmImkfC4JYYOeVO2%2Fd62C40Wdsc5K7NkAL1pOf2PbJBfaIsUGFsQ%2BKclhq%2BeY%2FRp5IgrIhzplxy0kvz5BXFvvV75h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf02408189c71ed-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.107.19200 OK 27 B IP 172.64.107.19:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 490e03dbd8701ea316a7a9f0cf997710
8d25dd64951a2c548ddd227731700e4ebbd26c13
ff64d571f4521481de43f97eba12034e8dc31edae5e4593bcdaeea54b6af95d8
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 16:33:43 GMT
content-type: text/plain
set-cookie: csu=1587911261545431@1@1685378023; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qJyTZ7lYNczqE7QWo%2BSiJjIPq9a17SajMHNT4mAhmk42bqNaPlFt1%2FM%2BhbexTzk9z9s8ekUmGiNQlmO6Qm8vfDJaDec%2FL2w3E4Pfq0Q57inFDeNPg%2BH64DRyPJCiPRO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf02408189971ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
policityseriod.info/
0.0.0.0 0 B IP 0.0.0.0:0
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST / HTTP/1.1
Host: policityseriod.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 403
Origin: https://bayfiles.com
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
gforanythingamgl.info/popunder.gif
172.67.216.177200 OK 35 B URL GET HTTP/3 gforanythingamgl.info/popunder.gif
IP 172.67.216.177:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Analyzer Verdict Alert quad9 Sinkholed
GET /popunder.gif HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 29 May 2023 16:33:43 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 59359
last-modified: Mon, 29 May 2023 00:04:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIMN%2BKes9%2F0UzwEJz0WdBECEqQOh%2FIg%2F3JcJl6mpmhvLf1UdK8kk0YhqLURLsWK9ROnbQX0ho7rUkE2r2qiUhyNLPcjjxXt08CXNEY4wB719WInL3rTkkq0iETh5DMskFyk%2Fx7BSJck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf02407ac1d1c02-OSL
alt-svc: h3=":443"; ma=86400
accounts.google.com/v3/signin/identifier?dsh=S152001177%3A1685378023793798&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGSwucJx3ZUZjKgaoaHxoAT70vU6wXKlhi1j0RzAoUuDpZNtZXSGZ4Tx1KTpcExwyL9xYsTiQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.45403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S152001177%3A1685378023793798&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGSwucJx3ZUZjKgaoaHxoAT70vU6wXKlhi1j0RzAoUuDpZNtZXSGZ4Tx1KTpcExwyL9xYsTiQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.45:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S152001177%3A1685378023793798&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGSwucJx3ZUZjKgaoaHxoAT70vU6wXKlhi1j0RzAoUuDpZNtZXSGZ4Tx1KTpcExwyL9xYsTiQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 May 2023 16:33:43 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-30YKxUBPd7KgUmWtl7sjHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.45302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.45:443
Requested by https://bayfiles.com/gcEfFet9z0/2_1_MILLION_FULLZ_CVV_HACKED_DATABASE_LEAK_04_MAY_2023_zip
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:Usu5hrQ6QPluLWGGCE9pZLqFegZGLQ:Rt_QbjeEtt2RKM_J; Expires=Wed, 28-May-2025 16:33:43 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 May 2023 16:33:43 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHQARQ4IIsjOrQvOBNb7E1cZ80lKtXItQ_zymyq0CjZ-ARn0fdDFN_DgmVjzjRD4ob5DLVORw
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-rMeWKTdbJXKQJ4YF2B5exg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2