www.upload-4ever.com/bj707c7jd9vx/x750%20Spotify%20Mix%20Accounts.txt
104.21.12.131301 Moved Permanently 0 B URL HTTP/1.1 www.upload-4ever.com/bj707c7jd9vx/x750%20Spotify%20Mix%20Accounts.txt
IP 104.21.12.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bj707c7jd9vx/x750%20Spotify%20Mix%20Accounts.txt HTTP/1.1
Host: www.upload-4ever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 21 Feb 2023 18:58:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 21 Feb 2023 19:58:51 GMT
Location: https://www.upload-4ever.com/bj707c7jd9vx/x750%20Spotify%20Mix%20Accounts.txt
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikKWZABF9QhJ0Z6VeIT%2BkrdDj0MCw0w8Hr3EOlXtQzEQPIZj3H4wrg%2BgFdizLcpstjp6j2Wx5FEexEO6OB%2FSOKxNUb4SUTm9MkaAO2kVAr6%2F%2B9GZQmcUMR0e2M%2F4Zbqme%2BMBHUBTEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79d1b73d39fdb51e-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03ba1c19530391f28dcb5c049ab66e99
a1b89c652e5406b1981704d1973ac1c820ec584d
9c78f93d5d5c96391e480ecad78b4a6a30fb33fdc61acc7799fe3401c62a1292
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C78F93D5D5C96391E480ECAD78B4A6A30FB33FDC61ACC7799FE3401C62A1292"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8782
Expires: Tue, 21 Feb 2023 21:25:13 GMT
Date: Tue, 21 Feb 2023 18:58:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13d4983fb8a0ee2cb855663cc9d8f6a0
1f85fc46435f86d7f414e310670c9afe27ea9532
f4bc8150273c4fc6e90c9df8e074823a78dc8409bfcc00616265e24d7d663498
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4BC8150273C4FC6E90C9DF8E074823A78DC8409BFCC00616265E24D7D663498"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9881
Expires: Tue, 21 Feb 2023 21:43:32 GMT
Date: Tue, 21 Feb 2023 18:58:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Feb 2023 18:38:08 GMT
content-type: application/json
age: 1243
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48b5fafb12e15fbede4669b549518d50
ee82e527d3c45ebbc1865cd56b93e1be5ac933db
94036245b7831c01d3112f661bd909369c9b3af89ab37be7fb07f2254a7df7d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94036245B7831C01D3112F661BD909369C9B3AF89AB37BE7FB07F2254A7DF7D5"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9709
Expires: Tue, 21 Feb 2023 21:40:40 GMT
Date: Tue, 21 Feb 2023 18:58:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: spboOeNJXrIDfC7/ZXGv2mK2FNhJ6Ogauxs8ny9Xa1/nSFJEPFJRzss4+jh2ctUZI4AQTUMg8RjVN0ButJ7uXQ==
x-amz-request-id: 28GE4PTQ91919XY6
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Tue, 21 Feb 2023 18:52:57 GMT
age: 354
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
content-length: 5348
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 67bf20f66a04fefc75b5ab03816f331b
a9f56074cb3377284450549227e928c210db5b1b
c4fa6c232364b3073966d0b3690077894c0ddd9fa26d6c8da8ccd93ef698e89b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2679
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:51 GMT
Last-Modified: Tue, 21 Feb 2023 18:14:12 GMT
Server: ECS (amb/6B7F)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 18:58:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 67bf20f66a04fefc75b5ab03816f331b
a9f56074cb3377284450549227e928c210db5b1b
c4fa6c232364b3073966d0b3690077894c0ddd9fa26d6c8da8ccd93ef698e89b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2679
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:51 GMT
Last-Modified: Tue, 21 Feb 2023 18:14:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d7aebcb86e569307f83fb9319380c49
66907b22f1beb7e1800c19298f6f31c2c301e0ca
115091a64dd3b6754af64bb94c523bf3abf58cf06297e198ce715b503ed41117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "115091A64DD3B6754AF64BB94C523BF3ABF58CF06297E198CE715B503ED41117"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3588
Expires: Tue, 21 Feb 2023 19:58:40 GMT
Date: Tue, 21 Feb 2023 18:58:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, Pragma, Expires, Cache-Control, Retry-After, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Feb 2023 18:51:26 GMT
age: 446
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d7aebcb86e569307f83fb9319380c49
66907b22f1beb7e1800c19298f6f31c2c301e0ca
115091a64dd3b6754af64bb94c523bf3abf58cf06297e198ce715b503ed41117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "115091A64DD3B6754AF64BB94C523BF3ABF58CF06297E198CE715B503ED41117"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3588
Expires: Tue, 21 Feb 2023 19:58:40 GMT
Date: Tue, 21 Feb 2023 18:58:52 GMT
Connection: keep-alive
cagothie.net/tag.min.js
139.45.197.238200 OK 29 kB IP 139.45.197.238:0
File type ASCII text, with very long lines (18216)
Hash cbd66157380064ee2a5296b10c614bae
0ee0fa4d05fdf2a0045d66c51d047f8446c635a8
1d514d96bd42243291ebf0f3e871fe871aa670780f996116d7255635d17d3b27
GET /tag.min.js HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 18:58:52 GMT
content-type: text/javascript; charset=utf-8
content-length: 23689
content-encoding: br
x-trace-id: 0e19de8d8ca7f97900d93fd9be6347d9
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 20 Feb 2023 12:22:37 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94d194d4728ee415fb180610c25cb8cb
9b6a935fd24c43f427d6377d2d278592dcbcb372
cada2d0987669f945549c8f526568c04c4e0a3b662fb2c3efd30efe3a40e2577
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADA2D0987669F945549C8F526568C04C4E0A3B662FB2C3EFD30EFE3A40E2577"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2882
Expires: Tue, 21 Feb 2023 19:46:54 GMT
Date: Tue, 21 Feb 2023 18:58:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e92b7bb852b13b70a76783a804899232
7d49184483e5e2a8da350f23995917edfc0b747e
8bc7dc3017eec85ade72f43708e99aefe122941f3f81753186898fa6757d6d40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BC7DC3017EEC85ADE72F43708E99AEFE122941F3F81753186898FA6757D6D40"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7547
Expires: Tue, 21 Feb 2023 21:04:39 GMT
Date: Tue, 21 Feb 2023 18:58:52 GMT
Connection: keep-alive
d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
54.230.245.155200 OK 148 kB URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
IP 54.230.245.155:0
Size 148 kB (147868 bytes)
Hash cdad3768205cd007ef3363a51e85059b
3b924e63eec91afb0ffadd8ed40d77548b83cb0b
f17bed4fad1b9361ef0e895a2cf0169f8d29ecb19a47436c3124dc9c1dbd69b0
GET /?bvjjd=976112 HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 116587
date: Tue, 21 Feb 2023 18:58:51 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gzaGCinH0unemTgXjvxfyVdFnCaQzEGbATUED2EfHg5O7io23dRDAQ==
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=dbdc702bb5a84e42be1e98f15e7b7c74
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=dbdc702bb5a84e42be1e98f15e7b7c74
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 0752aabe1963e0bc50fbf48a90382e9b
68c4c9396311a8816564db5fe23a7e35dd564382
53fd309929899d55ff42a6eed144c1adf973cf71ee214ad3cd4754fdc7fe0ebf
GET /gid.js?userId=dbdc702bb5a84e42be1e98f15e7b7c74 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 18:58:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dbdc702bb5a84e42be1e98f15e7b7c74; expires=Wed, 21 Feb 2024 18:58:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.149.242.38101 Switching Protocols 127 kB URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.242.38:0
Size 127 kB (126899 bytes)
Hash 15cc5a34c6dbbcbb2ee0989639b4642d
fb44c706de8ba3503cffbccdd26c251acda1a063
f5da32bccd44af1ef7b819978b712bf741d4ea6f72adb2de56f4fd43003ea6ed
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2NYC7enjmfL7Iewd+Kixaw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OIBPa+MVa55sTCtDu1XfkQ5B3rE=
kjheamwouk.xyz/NEZ5UkwbeRohcVV0CRYfczItCgRucSEUfVAjShAvbHcNKipYC18mJVB7QGV6BXdKdDxdIkRjdBI1DTM4QTVEY2pdKB89cRIwRGNiBGhLfH8SM0RjakA2GDVxBWAJJjhYe0hkewN2SWd1B3RPZ3s
104.21.33.111204 No Content 0 B URL HTTP/2 kjheamwouk.xyz/NEZ5UkwbeRohcVV0CRYfczItCgRucSEUfVAjShAvbHcNKipYC18mJVB7QGV6BXdKdDxdIkRjdBI1DTM4QTVEY2pdKB89cRIwRGNiBGhLfH8SM0RjakA2GDVxBWAJJjhYe0hkewN2SWd1B3RPZ3s
IP 104.21.33.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NEZ5UkwbeRohcVV0CRYfczItCgRucSEUfVAjShAvbHcNKipYC18mJVB7QGV6BXdKdDxdIkRjdBI1DTM4QTVEY2pdKB89cRIwRGNiBGhLfH8SM0RjakA2GDVxBWAJJjhYe0hkewN2SWd1B3RPZ3s HTTP/1.1
Host: kjheamwouk.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 21 Feb 2023 18:58:52 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7s6y7iQv3ckvSTxkJ62iHx9uqeuFH07W1gNPVEVt4Fz%2FgWOCHYPNn%2FZizUJkx7NiTGMcoqYjn5uHm58KbDpvyVGww0oNWIYH6fwS5oxiTqia%2FXeCQc5yh5Cab0sXMhqhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79d1b74699330b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kjheamwouk.xyz/RmhxamxpVxIZURxZEh06ERAlMz0IGyYsOi4rNiw5E1ooIzZ3A1ceBSJVSF1ad1lDTBwvDExbSjUcEB4ZNVVATAUoDh5XSjBVQERfckZCWEJ3TgRXXWAcAQsLe1lXGhgyBExbWnFfQVpZf1tDXF9/
104.21.33.111204 No Content 0 B URL HTTP/2 kjheamwouk.xyz/RmhxamxpVxIZURxZEh06ERAlMz0IGyYsOi4rNiw5E1ooIzZ3A1ceBSJVSF1ad1lDTBwvDExbSjUcEB4ZNVVATAUoDh5XSjBVQERfckZCWEJ3TgRXXWAcAQsLe1lXGhgyBExbWnFfQVpZf1tDXF9/
IP 104.21.33.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RmhxamxpVxIZURxZEh06ERAlMz0IGyYsOi4rNiw5E1ooIzZ3A1ceBSJVSF1ad1lDTBwvDExbSjUcEB4ZNVVATAUoDh5XSjBVQERfckZCWEJ3TgRXXWAcAQsLe1lXGhgyBExbWnFfQVpZf1tDXF9/ HTTP/1.1
Host: kjheamwouk.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 21 Feb 2023 18:58:52 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjhe7KZPN5peC7c%2FTPFew9wU4M99H3gl3s3xFSTMQbvBGOybJsKtfaNm0p9wXrr9UloVJAe9rIDAO34%2F9Lr7ab9HMCnM6SAVNH%2BG2%2F7yDda%2BP3r99KqiO9s30KB6q07KcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79d1b746a93e0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
obeyedortostr.cc/UEJaTzYxIDkiCTF/OGlDIi5nagQWZ2gJUmEoaCVAZyAsLEUoMz1hVTwtLytQIi00Oxg+Jy5qBBYPFH0GJxZoI2MRLm4/YDsPHxl+GhMbCUUVJGsKZBJyFyh0YCYLLm43JBh+QhEAGT8OGykPGGFhDBYdcgUMGSMGBwstJ2wTJWs/chYpFQtuZRIMKFoDITZ/ZBcXGyh3Ny0+GGIjEg8dYBsIIiNwA3IPOmAWLRkcXwkEDThBBiQJd3UBNRg+YScmHB1PCQoPOHwYEh84cAgUbnhiERQ+Dm5pChh/URQGDzhwCBc5InQnBAAJbicwHyMOEQxrd3IDA3cCeAQDDCtnOi4XDXUnADx+QQoaCCNHBzU5BGADNRkYczcBGRlFGBobDRNiBA0OUjMEAn5sBRMIDH03ewMJZAZ7FjhsNAANCWwVED0BUDdkMDxZPjJnFgEmcmw/fRMJHTpvYiY
108.157.229.70200 OK 1.2 kB URL HTTP/2 obeyedortostr.cc/UEJaTzYxIDkiCTF/OGlDIi5nagQWZ2gJUmEoaCVAZyAsLEUoMz1hVTwtLytQIi00Oxg+Jy5qBBYPFH0GJxZoI2MRLm4/YDsPHxl+GhMbCUUVJGsKZBJyFyh0YCYLLm43JBh+QhEAGT8OGykPGGFhDBYdcgUMGSMGBwstJ2wTJWs/chYpFQtuZRIMKFoDITZ/ZBcXGyh3Ny0+GGIjEg8dYBsIIiNwA3IPOmAWLRkcXwkEDThBBiQJd3UBNRg+YScmHB1PCQoPOHwYEh84cAgUbnhiERQ+Dm5pChh/URQGDzhwCBc5InQnBAAJbicwHyMOEQxrd3IDA3cCeAQDDCtnOi4XDXUnADx+QQoaCCNHBzU5BGADNRkYczcBGRlFGBobDRNiBA0OUjMEAn5sBRMIDH03ewMJZAZ7FjhsNAANCWwVED0BUDdkMDxZPjJnFgEmcmw/fRMJHTpvYiY
IP 108.157.229.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3047), with no line terminators
Hash 739383258ae939ee40c7e605aa4c34fc
5569dabe59bafb4842681e31e6e72b0c7c9c7572
173c126c7484151bcd9529a8eedeb649369d0fa213cee7f2b18e9b1e7a2a6d5e
GET /UEJaTzYxIDkiCTF/OGlDIi5nagQWZ2gJUmEoaCVAZyAsLEUoMz1hVTwtLytQIi00Oxg+Jy5qBBYPFH0GJxZoI2MRLm4/YDsPHxl+GhMbCUUVJGsKZBJyFyh0YCYLLm43JBh+QhEAGT8OGykPGGFhDBYdcgUMGSMGBwstJ2wTJWs/chYpFQtuZRIMKFoDITZ/ZBcXGyh3Ny0+GGIjEg8dYBsIIiNwA3IPOmAWLRkcXwkEDThBBiQJd3UBNRg+YScmHB1PCQoPOHwYEh84cAgUbnhiERQ+Dm5pChh/URQGDzhwCBc5InQnBAAJbicwHyMOEQxrd3IDA3cCeAQDDCtnOi4XDXUnADx+QQoaCCNHBzU5BGADNRkYczcBGRlFGBobDRNiBA0OUjMEAn5sBRMIDH03ewMJZAZ7FjhsNAANCWwVED0BUDdkMDxZPjJnFgEmcmw/fRMJHTpvYiY HTTP/1.1
Host: obeyedortostr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1197
date: Tue, 21 Feb 2023 18:58:52 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a1883601a786b7317faec0d94ef154f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 4ug_V_tqPhkmja-Ynev6tTOvnn5ivMbzqT2zdGztVogS0iLLkArc6A==
X-Firefox-Spdy: h2
kjheamwouk.xyz/NU82eGsacFULVngbfBk4BQJ+OVkMe1UPMnYtfhQTdh5sEghbAhAMAlFyD09dAX8OXhtcKwtJTUY7VwweRnIHXgJbKVlFTUNyB1ZYAWEFSkUEaUNFWhM7RhkMCH4QCB9BIwtJXQJ4BkheDHwETlwB
104.21.33.111204 No Content 0 B URL HTTP/2 kjheamwouk.xyz/NU82eGsacFULVngbfBk4BQJ+OVkMe1UPMnYtfhQTdh5sEghbAhAMAlFyD09dAX8OXhtcKwtJTUY7VwweRnIHXgJbKVlFTUNyB1ZYAWEFSkUEaUNFWhM7RhkMCH4QCB9BIwtJXQJ4BkheDHwETlwB
IP 104.21.33.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NU82eGsacFULVngbfBk4BQJ+OVkMe1UPMnYtfhQTdh5sEghbAhAMAlFyD09dAX8OXhtcKwtJTUY7VwweRnIHXgJbKVlFTUNyB1ZYAWEFSkUEaUNFWhM7RhkMCH4QCB9BIwtJXQJ4BkheDHwETlwB HTTP/1.1
Host: kjheamwouk.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 21 Feb 2023 18:58:52 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DNXAlTmOdjGaXceEn8U670vpPtTcwbPWyBdAJ2kt9HWYtPuGm7l8nOnxknuiWnwmlt%2BLcmY1Q28RKS4Kf6k0pXINTzy6RAPDZJBZDbLJkRNhGFHBURaZ1vkPn68g7eEHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79d1b746b95f0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
obeyedortostr.cc/bkQ2dFcPJlUZaA95VFIiHCgLUWUoYQQyM18uBB4hWSZAFyQWNVFaNAIrQxAxHCtYAHkAIUJRZSh9YRkBJgtgMWItLVoSNQdwez0gPCtUIhlcB3E6byo+ZCMHFzRvPwAdDmYYEl0iURwjIDNBEh09BXQRMAJ3eBMGHhxbDG8vB1oVNSkwcj47Xj5sRREGEGUxZioqRj4YLXByPQIrNnscAl8MTyVgOQdGIxwUCXw/ZgZ0VzcZFwIEMnJcAmBHNDwOXDkbJ3VvGRw7Bgc3A1YxZzwCJB1xBBsKPE4dECsGBzcENz51RxIgIHEfOTcjQhweAgpMPBAnHWc8ejsOfw0vLyB+HDAPKHQEFDYsE0YROHdSERkqL3k/FRYufjIzXQdxMiY4DFU9MyksYD0BLy5mAxoBFW4mOCd3bz4NJhZgLQIWN1cDcQQ3WRonUypkLDNaNHEtYDwP
108.157.229.70200 OK 1.2 kB URL HTTP/2 obeyedortostr.cc/bkQ2dFcPJlUZaA95VFIiHCgLUWUoYQQyM18uBB4hWSZAFyQWNVFaNAIrQxAxHCtYAHkAIUJRZSh9YRkBJgtgMWItLVoSNQdwez0gPCtUIhlcB3E6byo+ZCMHFzRvPwAdDmYYEl0iURwjIDNBEh09BXQRMAJ3eBMGHhxbDG8vB1oVNSkwcj47Xj5sRREGEGUxZioqRj4YLXByPQIrNnscAl8MTyVgOQdGIxwUCXw/ZgZ0VzcZFwIEMnJcAmBHNDwOXDkbJ3VvGRw7Bgc3A1YxZzwCJB1xBBsKPE4dECsGBzcENz51RxIgIHEfOTcjQhweAgpMPBAnHWc8ejsOfw0vLyB+HDAPKHQEFDYsE0YROHdSERkqL3k/FRYufjIzXQdxMiY4DFU9MyksYD0BLy5mAxoBFW4mOCd3bz4NJhZgLQIWN1cDcQQ3WRonUypkLDNaNHEtYDwP
IP 108.157.229.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3040), with no line terminators
Hash 222066031c38b410de1825cc98e9c1c7
891211be4f1ad8cb83de7f1bbfc793cbda3c3a78
4a08404ed2eee655f827b96503d33411561ef21a5d1223fabae1d9e60b46ef71
GET /bkQ2dFcPJlUZaA95VFIiHCgLUWUoYQQyM18uBB4hWSZAFyQWNVFaNAIrQxAxHCtYAHkAIUJRZSh9YRkBJgtgMWItLVoSNQdwez0gPCtUIhlcB3E6byo+ZCMHFzRvPwAdDmYYEl0iURwjIDNBEh09BXQRMAJ3eBMGHhxbDG8vB1oVNSkwcj47Xj5sRREGEGUxZioqRj4YLXByPQIrNnscAl8MTyVgOQdGIxwUCXw/ZgZ0VzcZFwIEMnJcAmBHNDwOXDkbJ3VvGRw7Bgc3A1YxZzwCJB1xBBsKPE4dECsGBzcENz51RxIgIHEfOTcjQhweAgpMPBAnHWc8ejsOfw0vLyB+HDAPKHQEFDYsE0YROHdSERkqL3k/FRYufjIzXQdxMiY4DFU9MyksYD0BLy5mAxoBFW4mOCd3bz4NJhZgLQIWN1cDcQQ3WRonUypkLDNaNHEtYDwP HTTP/1.1
Host: obeyedortostr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1196
date: Tue, 21 Feb 2023 18:58:52 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a1883601a786b7317faec0d94ef154f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: DTcjdaqVdFSW0gvauubsp86A4UL6Fy680lMl1P_CjJMkIHKfCn0TzA==
X-Firefox-Spdy: h2
obeyedortostr.cc/ZkdDVWYHJSA4WQd6IXMTFCt+cFQgYnETAlctcT8QUSU1NhUeNiR7BQooNjEAFCgtIUgIIjdwVCAEEGcoFBRxIgkiBhYhMxx/CBFVPBElEzAHIi9sEiUVJD4nDDMmFw9WcQwBPwEAAWFDVAUUOVI/ABEYITITewIqV3IhNzcnNgcEHlQUKmEoJQ8ZMQQ3DhMeMCBicRM0NHMyADU/CgYGLycNNB8pAxQzcFQkExUhEz4pNxkuJQ4AGRERJAwQClMSNABDVAEQDQoyEC0hJQN3GQwlMyt2AB4RLgI7Vz4TLTITBCsFNytXN2ZnIDQrJB81PisXEjJXDSYWLAcicjkKM3duHxM+KTAQIg8gCx8jPB0HA1NREi8hUT4fNwYyCCsgGTcJHQ8yCQ0Ac2BTLSkzAT4LESA3NDwQJjJADDQsOxZbKiUDFDMMECcTX3IQID4D
108.157.229.70200 OK 1.2 kB URL HTTP/2 obeyedortostr.cc/ZkdDVWYHJSA4WQd6IXMTFCt+cFQgYnETAlctcT8QUSU1NhUeNiR7BQooNjEAFCgtIUgIIjdwVCAEEGcoFBRxIgkiBhYhMxx/CBFVPBElEzAHIi9sEiUVJD4nDDMmFw9WcQwBPwEAAWFDVAUUOVI/ABEYITITewIqV3IhNzcnNgcEHlQUKmEoJQ8ZMQQ3DhMeMCBicRM0NHMyADU/CgYGLycNNB8pAxQzcFQkExUhEz4pNxkuJQ4AGRERJAwQClMSNABDVAEQDQoyEC0hJQN3GQwlMyt2AB4RLgI7Vz4TLTITBCsFNytXN2ZnIDQrJB81PisXEjJXDSYWLAcicjkKM3duHxM+KTAQIg8gCx8jPB0HA1NREi8hUT4fNwYyCCsgGTcJHQ8yCQ0Ac2BTLSkzAT4LESA3NDwQJjJADDQsOxZbKiUDFDMMECcTX3IQID4D
IP 108.157.229.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3028), with no line terminators
Hash 62c115e6ba2c435eccbd4f9ab77d8d59
8a7fe8e4dd107bd15fc2fc3146b135e2b979f061
73700dc40f718a5f4ecb9f209454c8f85e5412666499334cc86e4e5b32514fa1
GET /ZkdDVWYHJSA4WQd6IXMTFCt+cFQgYnETAlctcT8QUSU1NhUeNiR7BQooNjEAFCgtIUgIIjdwVCAEEGcoFBRxIgkiBhYhMxx/CBFVPBElEzAHIi9sEiUVJD4nDDMmFw9WcQwBPwEAAWFDVAUUOVI/ABEYITITewIqV3IhNzcnNgcEHlQUKmEoJQ8ZMQQ3DhMeMCBicRM0NHMyADU/CgYGLycNNB8pAxQzcFQkExUhEz4pNxkuJQ4AGRERJAwQClMSNABDVAEQDQoyEC0hJQN3GQwlMyt2AB4RLgI7Vz4TLTITBCsFNytXN2ZnIDQrJB81PisXEjJXDSYWLAcicjkKM3duHxM+KTAQIg8gCx8jPB0HA1NREi8hUT4fNwYyCCsgGTcJHQ8yCQ0Ac2BTLSkzAT4LESA3NDwQJjJADDQsOxZbKiUDFDMMECcTX3IQID4D HTTP/1.1
Host: obeyedortostr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1183
date: Tue, 21 Feb 2023 18:58:52 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a1883601a786b7317faec0d94ef154f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: H_S5MFcwMF77YGl5zoTnIXpm3GPK5yn-Nv3RX2v59_ZfmuI9qLkE8g==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 39fda20843006a5767fbc0134f280a5e
9d747b6a695b005909c9bae4d402a2800d9d0523
81e076530a2f7710a1857b260c948813210852b7d35c14d618027dda792ef866
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cec1795729da89d9949cead8c2ea18e8
588bc0d5b65eb97ff9e57e0ec6f940616bad164a
2b0c1448791f2a02c5a047b0f5e5aa8ffe868bfa3778ba03af7a7ff79b8ac5b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 13 kB IP 216.58.211.3:0
Hash b8bd8e0dab032421c17f085af19b8c1e
bbd0f8362282ed210e600402942d4ee1c1460a60
ea3f0f0ecf13d0577dbd4eb40b1ae7c6ddee492b7b33593ea41e6c4b55a30058
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cec1795729da89d9949cead8c2ea18e8
588bc0d5b65eb97ff9e57e0ec6f940616bad164a
2b0c1448791f2a02c5a047b0f5e5aa8ffe868bfa3778ba03af7a7ff79b8ac5b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e61ae0c1393c132fa9ba2d870932d5bb
b6e48d56417c1e1fb8b0f35de24498048cd3ad27
810db95221e19a26f0d919852dae36c852780f183d06d38479f827553cffd8b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5930
Cache-Control: max-age=158345
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:52 GMT
Etag: "63f4c4cb-1d7"
Expires: Thu, 23 Feb 2023 14:57:57 GMT
Last-Modified: Tue, 21 Feb 2023 13:19:07 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ssl.google-analytics.com/ga.js
142.250.74.40200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.40:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Tue, 21 Feb 2023 18:41:40 GMT
expires: Tue, 21 Feb 2023 20:41:40 GMT
cache-control: public, max-age=7200
age: 1032
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
obeyedortostr.cc/utx?cb=HEnP7Ev1PZSH&top=www.upload-4ever.com&tid=976112
108.157.229.70204 No Content 0 B URL HTTP/2 obeyedortostr.cc/utx?cb=HEnP7Ev1PZSH&top=www.upload-4ever.com&tid=976112
IP 108.157.229.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=HEnP7Ev1PZSH&top=www.upload-4ever.com&tid=976112 HTTP/1.1
Host: obeyedortostr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 21 Feb 2023 18:58:52 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 21 Feb 2023 18:59:52 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a1883601a786b7317faec0d94ef154f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: KA41E5JMnbVoN-3uopCitYCRP6OQgo6yDdAY9UMZ6TfS7loWeOJXWg==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 393 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 7ac4173457da8b113069e3b0b38e5953
32ec4d48d448fffd85e5fb8840bf0f45ee9d3a5a
9db851dc1ef5ea53bd09dd5db2fe2d36a4386cc4f98021cbedaef877e549019d
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Feb 2023 18:58:52 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1376312385%3A1677005932836779&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeIGfKLdpQNR5v_Lq8nTM3Yl1f4jmnE3GCXAy5a1SaG6j1g9GMkJtG6Q0NqWShEdQG_S15yng
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-Zr9Dn8CJLDG3KO2FvGGZRQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
set-cookie: __Host-GAPS=1:w2IRN3s96dBfv-uQEXtyjptgPnkBQA:q9xwZ1cW_j9eDLnl;Path=/;Expires=Thu, 20-Feb-2025 18:58:52 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ea54b63682fc949945a0d74d3cd302b2
1d06b7381419cdee42fd7cc5b56de7b14f6f38be
0edd103d9e5c2ec827cc683e3b691443cb992b88f1600d35fd9df23dcaf287d6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0EDD103D9E5C2EC827CC683E3B691443CB992B88F1600D35FD9DF23DCAF287D6"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3761
Expires: Tue, 21 Feb 2023 20:01:33 GMT
Date: Tue, 21 Feb 2023 18:58:52 GMT
Connection: keep-alive
obeyedortostr.cc/utx?cb=7lCo1hticY1E&top=www.upload-4ever.com&tid=976408
108.157.229.70204 No Content 0 B URL HTTP/2 obeyedortostr.cc/utx?cb=7lCo1hticY1E&top=www.upload-4ever.com&tid=976408
IP 108.157.229.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=7lCo1hticY1E&top=www.upload-4ever.com&tid=976408 HTTP/1.1
Host: obeyedortostr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 21 Feb 2023 18:58:52 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 21 Feb 2023 18:59:52 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a1883601a786b7317faec0d94ef154f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: m50nQnuFK8Hay2wgQmF79sjDLKwNEm1VYIhk20A3MDXMHr7G6TEwFw==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ea54b63682fc949945a0d74d3cd302b2
1d06b7381419cdee42fd7cc5b56de7b14f6f38be
0edd103d9e5c2ec827cc683e3b691443cb992b88f1600d35fd9df23dcaf287d6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0EDD103D9E5C2EC827CC683E3B691443CB992B88F1600D35FD9DF23DCAF287D6"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3761
Expires: Tue, 21 Feb 2023 20:01:33 GMT
Date: Tue, 21 Feb 2023 18:58:52 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 392 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 691103fb57f2545ceef46cab72219ebb
92235aeaa7ca948a5622683ccd25a6989523944a
fa21644f65e4607fbd0b62916daa1fcabc30d37b910becddcb3ed123f4d9341a
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Feb 2023 18:58:52 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1828851426%3A1677005932848574&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHc732bDOvq4Llog5GayM6fmX7QaOtCHrnNNbofTI7C6w5k3IzC73xe0PGUWO_2O48oF6YmPMg
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-azVo2vVxxapzCCvjn9lVtA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:0uL7gX7vG9tdVPssBPLXi1spivYnjQ:dTA8kysfGBG8jjQS;Path=/;Expires=Thu, 20-Feb-2025 18:58:52 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ea54b63682fc949945a0d74d3cd302b2
1d06b7381419cdee42fd7cc5b56de7b14f6f38be
0edd103d9e5c2ec827cc683e3b691443cb992b88f1600d35fd9df23dcaf287d6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0EDD103D9E5C2EC827CC683E3B691443CB992B88F1600D35FD9DF23DCAF287D6"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3761
Expires: Tue, 21 Feb 2023 20:01:33 GMT
Date: Tue, 21 Feb 2023 18:58:52 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.226200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.226:0
File type ASCII text, with very long lines (3649)
Hash ffb17c7cf1f511f274a4bf691642437b
5367fb63edaaee037c4db6f321d0932809dadce9
5eb2da0a25c09b55c475f1a043a07bd80c7c11ad611e9c2330a4310279386c07
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 21 Feb 2023 18:58:52 GMT
expires: Tue, 21 Feb 2023 18:58:52 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3366923961549353195
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1918623755&utmhn=www.upload-4ever.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20x750%20Spotify%20Mix%20Accounts%20txt&utmhid=695767417&utmr=-&utmp=%2Fbj707c7jd9vx%2Fx750%252520Spotify%252520Mix%252520Accounts.txt&utmht=1677005932996&utmac=UA-70364639-8&utmcc=__utma%3D196983016.1604097924.1677005933.1677005933.1677005933.1%3B%2B__utmz%3D196983016.1677005933.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1568237273&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.40302 Found 371 B URL HTTP/2 ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1918623755&utmhn=www.upload-4ever.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20x750%20Spotify%20Mix%20Accounts%20txt&utmhid=695767417&utmr=-&utmp=%2Fbj707c7jd9vx%2Fx750%252520Spotify%252520Mix%252520Accounts.txt&utmht=1677005932996&utmac=UA-70364639-8&utmcc=__utma%3D196983016.1604097924.1677005933.1677005933.1677005933.1%3B%2B__utmz%3D196983016.1677005933.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1568237273&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 21e91e315afa7b65058e739e7ebb3c16
adb67608ce3051afb71e8fbda4e34213b213eab6
c9c608404887e0ede9dad78856d5bbfc8465ac06af1513b683cb7e52c12b6918
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1918623755&utmhn=www.upload-4ever.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20x750%20Spotify%20Mix%20Accounts%20txt&utmhid=695767417&utmr=-&utmp=%2Fbj707c7jd9vx%2Fx750%252520Spotify%252520Mix%252520Accounts.txt&utmht=1677005932996&utmac=UA-70364639-8&utmcc=__utma%3D196983016.1604097924.1677005933.1677005933.1677005933.1%3B%2B__utmz%3D196983016.1677005933.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1568237273&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755
access-control-allow-origin: *
date: Tue, 21 Feb 2023 18:58:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7de2008cd7683d1060f482876ff1643a
0f799cee8a6b6dd78ed322a8e70c9c27dad0d92a
fe587a066085ea6073dc5c82d4112d96d25307294011a392f369f36a7463f5f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 39fda20843006a5767fbc0134f280a5e
9d747b6a695b005909c9bae4d402a2800d9d0523
81e076530a2f7710a1857b260c948813210852b7d35c14d618027dda792ef866
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1j2jv7bvcsxqg.cloudfront.net/MN20wT2lUAl4pVkMEVHJQAFsEf1ERB0MgB0dQaXgfB1tABCp8KkUWW1NLRDUNCl0WIwhZCg1pDFkODX5PVglScl0RGUAgAgodWTsPURVKJxlFS0UuVFoCSiYFWwwVfS8CQwBqWwdFRyYHUwJHPEwFXV47TAVdAX9HB0gDDUwFXUcmBwFZFXwrEl8AN18DSA-MNTAVdQjlMBCwBf1wZXRlqWwcKVSwCWEgCCVsHXAB/WAdcFX1ZUQRCKg9YFRV9LwZdBWFZERgNfg
54.230.245.155200 OK 569 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/MN20wT2lUAl4pVkMEVHJQAFsEf1ERB0MgB0dQaXgfB1tABCp8KkUWW1NLRDUNCl0WIwhZCg1pDFkODX5PVglScl0RGUAgAgodWTsPURVKJxlFS0UuVFoCSiYFWwwVfS8CQwBqWwdFRyYHUwJHPEwFXV47TAVdAX9HB0gDDUwFXUcmBwFZFXwrEl8AN18DSA-MNTAVdQjlMBCwBf1wZXRlqWwcKVSwCWEgCCVsHXAB/WAdcFX1ZUQRCKg9YFRV9LwZdBWFZERgNfg
IP 54.230.245.155:0
File type ASCII text, with very long lines (794), with no line terminators
Hash 423a43892ee62dfe9472ca320f01e11d
d681e1f1f493e5f49b5964d6c34a8f43297b59d6
bfe4b6e974166cb42d5932da60224a41884e9950ecaaffce10e7a2b2a068993a
GET /MN20wT2lUAl4pVkMEVHJQAFsEf1ERB0MgB0dQaXgfB1tABCp8KkUWW1NLRDUNCl0WIwhZCg1pDFkODX5PVglScl0RGUAgAgodWTsPURVKJxlFS0UuVFoCSiYFWwwVfS8CQwBqWwdFRyYHUwJHPEwFXV47TAVdAX9HB0gDDUwFXUcmBwFZFXwrEl8AN18DSA-MNTAVdQjlMBCwBf1wZXRlqWwcKVSwCWEgCCVsHXAB/WAdcFX1ZUQRCKg9YFRV9LwZdBWFZERgNfg HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obeyedortostr.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 569
date: Tue, 21 Feb 2023 18:58:52 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KpSmequRVLqM8E4z3CVe9HhZiqEL1zOb8nmeUPggNO9CJdybQGEA3A==
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
54.230.245.155200 OK 117 kB URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
IP 54.230.245.155:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 117 kB (116590 bytes)
Hash 5331d3d9209f4b39434abcf84cc26208
1ce75425dd52e49c6d2fb756138441d1022a79e7
577250a40503c31b10602ba5a883ee2db8cca60f303949756e2d1925dc35adf4
GET /?bvjjd=976112 HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 116590
date: Tue, 21 Feb 2023 18:58:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vk0p1yn-OA3Dgz4f5AsVJTqgTg0wF6y3I_xdjL-caK4lDCV_ctXZYw==
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755
64.233.164.157302 Found 369 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755
IP 64.233.164.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 44f11011e8101d1bb26aecca01ec5e12
24b9e5038995277fc08cd4a3cd8a8888498590bc
8880da8de89c97821fbd3073025fc72d47bb8ddc045f3b773c2eb3b3bda5f637
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Feb 2023 18:58:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/CS2NrS2woDAUtUz8KD3ZVfFVael9tCRgkAjteBi06OTYgGB4+Wl4YGRMGTT8WL15bbQAqDQx2Si4NCHZdbQIPKVF/RR4qUSYMESIAJwJOeSp+TVtuXntLHCICLwwcOEl5UwU/SXlTWntCe0ZYCUl5UxwiAn1XTngublFbM1p/RlgJSXlTGT1JeCJae1llU0-JuXnsEDigHJEZZDV57Ult7XXtSTnlcLQoZLgokG055KnpTXmVcbRZWeg
54.230.245.155200 OK 189 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/CS2NrS2woDAUtUz8KD3ZVfFVael9tCRgkAjteBi06OTYgGB4+Wl4YGRMGTT8WL15bbQAqDQx2Si4NCHZdbQIPKVF/RR4qUSYMESIAJwJOeSp+TVtuXntLHCICLwwcOEl5UwU/SXlTWntCe0ZYCUl5UxwiAn1XTngublFbM1p/RlgJSXlTGT1JeCJae1llU0-JuXnsEDigHJEZZDV57Ult7XXtSTnlcLQoZLgokG055KnpTXmVcbRZWeg
IP 54.230.245.155:0
File type ASCII text, with no line terminators
Hash 3a80d2e1e3ab07c203d53f3d42381bff
b097efbdec866dc6e724540443b5578cbd7b4121
307f10757068f9c430089732eebcd9e14293b834d8d833583741cfae9a8ec7bc
GET /CS2NrS2woDAUtUz8KD3ZVfFVael9tCRgkAjteBi06OTYgGB4+Wl4YGRMGTT8WL15bbQAqDQx2Si4NCHZdbQIPKVF/RR4qUSYMESIAJwJOeSp+TVtuXntLHCICLwwcOEl5UwU/SXlTWntCe0ZYCUl5UxwiAn1XTngublFbM1p/RlgJSXlTGT1JeCJae1llU0-JuXnsEDigHJEZZDV57Ult7XXtSTnlcLQoZLgokG055KnpTXmVcbRZWeg HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obeyedortostr.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 189
date: Tue, 21 Feb 2023 18:58:52 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H6OcNQRGnnROULrd1HRAxfw1KlzueFYz8i-sUyU5e6J7_RFWid4Skg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e61ae0c1393c132fa9ba2d870932d5bb
b6e48d56417c1e1fb8b0f35de24498048cd3ad27
810db95221e19a26f0d919852dae36c852780f183d06d38479f827553cffd8b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5930
Cache-Control: max-age=158345
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:52 GMT
Etag: "63f4c4cb-1d7"
Expires: Thu, 23 Feb 2023 14:57:57 GMT
Last-Modified: Tue, 21 Feb 2023 13:19:07 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ea54b63682fc949945a0d74d3cd302b2
1d06b7381419cdee42fd7cc5b56de7b14f6f38be
0edd103d9e5c2ec827cc683e3b691443cb992b88f1600d35fd9df23dcaf287d6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0EDD103D9E5C2EC827CC683E3B691443CB992B88F1600D35FD9DF23DCAF287D6"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3760
Expires: Tue, 21 Feb 2023 20:01:33 GMT
Date: Tue, 21 Feb 2023 18:58:53 GMT
Connection: keep-alive
googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
142.250.74.162200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230215/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Mon, 20 Feb 2023 22:28:44 GMT
expires: Mon, 06 Mar 2023 22:28:44 GMT
cache-control: public, max-age=1209600
age: 73809
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/9WmVHOVE5Cilfbi4MIwRobVN2CGN8DzRWPypYKWsJPlE3fghtNwwfJSABegl3NgQpXmx8AClabGtDJl0zZ1FhTSE1DnpJOC4DIUErMhU1HyQ7WCpWKzMJK1h0aCNyF2F/V3cRJjMLI1YmKUB1CT8uQHUJYGpLdxxiGEB1CSYzC3ENdGknYgthIlNzHGIYQH-UJIyxAdHhgalBpCXh/V3deNDkOKBxjHFd3CGFqVHcIdGhVIVAjPwMoQXRoI3YJZHRVYUxsaw
54.230.245.155200 OK 507 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/9WmVHOVE5Cilfbi4MIwRobVN2CGN8DzRWPypYKWsJPlE3fghtNwwfJSABegl3NgQpXmx8AClabGtDJl0zZ1FhTSE1DnpJOC4DIUErMhU1HyQ7WCpWKzMJK1h0aCNyF2F/V3cRJjMLI1YmKUB1CT8uQHUJYGpLdxxiGEB1CSYzC3ENdGknYgthIlNzHGIYQH-UJIyxAdHhgalBpCXh/V3deNDkOKBxjHFd3CGFqVHcIdGhVIVAjPwMoQXRoI3YJZHRVYUxsaw
IP 54.230.245.155:0
File type ASCII text, with very long lines (679), with no line terminators
Hash 9c6de42922f0cefaa65ba5acf99ec41d
204d7b952baa769fb0947496dbd9bd63e5a40708
9a77a4dd61d02a50634db51832ebbc424e5bd15aa957dddf6b5b4c144a5e0c6f
GET /9WmVHOVE5Cilfbi4MIwRobVN2CGN8DzRWPypYKWsJPlE3fghtNwwfJSABegl3NgQpXmx8AClabGtDJl0zZ1FhTSE1DnpJOC4DIUErMhU1HyQ7WCpWKzMJK1h0aCNyF2F/V3cRJjMLI1YmKUB1CT8uQHUJYGpLdxxiGEB1CSYzC3ENdGknYgthIlNzHGIYQH-UJIyxAdHhgalBpCXh/V3deNDkOKBxjHFd3CGFqVHcIdGhVIVAjPwMoQXRoI3YJZHRVYUxsaw HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obeyedortostr.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 507
date: Tue, 21 Feb 2023 18:58:53 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4p4lnqNnvkger5suun5vcON4k977MMxb4rWd0WE7Z138G0T8bTiy2Q==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1f140e8f749fa7cf108c3b76d8abeaa0
f9c44d53ee0abc753a0b756bc28e56c4ce0b03a3
8d10d695c1b4fc822ba94acbdf74fb68e84acad5be1355a897a3bb132a9dd954
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755
142.250.74.132302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755
IP 142.250.74.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 18:58:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755&slf_rd=1&random=2110315039
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ce8e5fba8709f67e2c5b3c3523c24b80
db1b90b51eb420201387c9c04d18082b18bac6dd
72c536799d33ae68baee04709767468effb16f11ef6b3e1b8f5fee2a592550e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755&slf_rd=1&random=2110315039
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755&slf_rd=1&random=2110315039
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1604097924.1677005933&jid=1568237273&_v=5.7.2&z=1918623755&slf_rd=1&random=2110315039 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 18:58:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ce8e5fba8709f67e2c5b3c3523c24b80
db1b90b51eb420201387c9c04d18082b18bac6dd
72c536799d33ae68baee04709767468effb16f11ef6b3e1b8f5fee2a592550e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 18:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2193
Expires: Tue, 21 Feb 2023 19:35:26 GMT
Date: Tue, 21 Feb 2023 18:58:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2193
Expires: Tue, 21 Feb 2023 19:35:26 GMT
Date: Tue, 21 Feb 2023 18:58:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2193
Expires: Tue, 21 Feb 2023 19:35:26 GMT
Date: Tue, 21 Feb 2023 18:58:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2193
Expires: Tue, 21 Feb 2023 19:35:26 GMT
Date: Tue, 21 Feb 2023 18:58:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f2ff96e-507d-41b2-9c36-d59215313cf0.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f2ff96e-507d-41b2-9c36-d59215313cf0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed326d529c042fe3fdad8b863a59f256
d6cd1c7d26167d2721481c48674431cb211eb9e4
760c22e84957fc06e33e9181ad983bc496e4053bf04b1db9403e832448783f36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f2ff96e-507d-41b2-9c36-d59215313cf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8808
x-amzn-requestid: 089af23d-dada-4921-a4fb-d7aa01b7de42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AsvaLGcLIAMFqgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f4f90d-2aae520828a83a1967d5d41a;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 17:02:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b14XymmsQrVe7GCLYuwgwiEeCYg_DQt8citdJxK9xnvhbxq9V-mtIw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 17:06:34 GMT
age: 6739
etag: "d6cd1c7d26167d2721481c48674431cb211eb9e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe60e7355-bb4c-4383-88dd-55860fdee2c1.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe60e7355-bb4c-4383-88dd-55860fdee2c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82deb326eb0c337b11049eaa06ab6fc5
d6066ccfc2035d17b1e99b1794c49cb48169889c
1612e8f3c8b8250c10ee8a92a37845d229c9cbeec96f5a68061f129a5c078551
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe60e7355-bb4c-4383-88dd-55860fdee2c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8796
x-amzn-requestid: 3b0cb8b9-7603-4e7e-b93d-0187199b7ab3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AoGVhFjIIAMFVZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f31dbc-1d01d5416ff15f40518be204;Sampled=0
x-amzn-remapped-date: Mon, 20 Feb 2023 07:14:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9NHoW87jZe1S6XiHqudUOhUKLiVuQDS1kGRSU4dY4Pwyg4LsBrhfmA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 06:59:38 GMT
age: 43155
etag: "d6066ccfc2035d17b1e99b1794c49cb48169889c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K3teFfj79RPIRVaLUr5b2XMz3Jb5g8AeZCce6ZAAZmjOSJWr1QIsNw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 09:13:17 GMT
age: 35136
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83e6132f67f7260c438854ee306526a4
da52ad870b7961e0dffb76cb204c1634c1045bcc
9375c53e5d6519f5d765dcd4a4c2e24e372d9dc507fc3331ba122c7d08babc34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9944
x-amzn-requestid: 11509d28-5502-4a01-8991-96d6cf2efd4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ARBMIGeqoAMFkpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e9e24d-77c90ef925dc9b1c7ff6561b;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 07:10:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: v3CuK8nOPRT8XXDy3SROYVosiN-o4BFEFJCZYqwr5Y6SLhydHcobdg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 08:23:41 GMT
age: 38112
etag: "da52ad870b7961e0dffb76cb204c1634c1045bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d5b1f36b0fce0c27bc55b1b565fc036
b6b3c4f523346bcad001b251c984d18aee522d33
d03c32dc9a6ffce9b147d6db39df6a7bd3a3a47f778242e3194aa82357138d6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13379
x-amzn-requestid: 304b3dbc-34c8-45f6-bc57-0cb24d8bcd71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AkTwpHiPoAMFUwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f1999d-428a7455204ae54c4383071b;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 03:38:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wEimr3MFrSkUXiNK08bsd0FgzCvyhJyigthdZRTpH6-V1t88W6pNNQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 21:54:43 GMT
age: 75850
etag: "b6b3c4f523346bcad001b251c984d18aee522d33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f4f15374ec09bd3d657f2c8f0fa886c
fb01a0ee84a88cf6f8cacea78c5b9cd444a41a9c
a63f93c3413c34897706ede836bf8aaf186a7002a901df0dc5481d381af5b849
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7349
x-amzn-requestid: 76a8d55e-1e03-44d3-8c54-189007f4cf2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AhffeElfIAMFWOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f0792f-30cb18357e326d222d1078b8;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 07:07:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P3dZrSGiPAoOHVLkQ1Rd_-MUgd4yxlME-w_DWNPII1qfmoCFgoh-Kw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 11:21:10 GMT
age: 27463
etag: "fb01a0ee84a88cf6f8cacea78c5b9cd444a41a9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cagothie.net/5/2726715/?oo=1&aab=1
139.45.197.238200 OK 0 B URL HTTP/2 cagothie.net/5/2726715/?oo=1&aab=1
IP 139.45.197.238:0
GET /5/2726715/?oo=1&aab=1 HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 18:58:52 GMT
content-type: application/json
x-trace-id: 99f09b815c079571bbb15934e73016c2
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://e2ertt.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=dbdc702bb5a84e42be1e98f15e7b7c74; expires=Wed, 21 Feb 2024 18:58:52 GMT; path=/; secure; SameSite=None
oaidts=1677005932; expires=Wed, 21 Feb 2024 18:58:52 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 21 Feb 2023 18:58:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5135
last-modified: Tue, 21 Feb 2023 17:33:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNLAjmRXgyyWnTpAGa4dmylAxZJwknwjstDCxpqlcQtIuxH7nymoiltc83d5RzdizLX1RF1Wi5WIaHZul4HWc25aEWonmH%2Bs3exvLLgppUeQAaBDzuCvPUR6j41Ju%2Btl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79d1b7488e0c71aa-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1376312385%3A1677005932836779&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeIGfKLdpQNR5v_Lq8nTM3Yl1f4jmnE3GCXAy5a1SaG6j1g9GMkJtG6Q0NqWShEdQG_S15yng
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1376312385%3A1677005932836779&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeIGfKLdpQNR5v_Lq8nTM3Yl1f4jmnE3GCXAy5a1SaG6j1g9GMkJtG6Q0NqWShEdQG_S15yng
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S1376312385%3A1677005932836779&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeIGfKLdpQNR5v_Lq8nTM3Yl1f4jmnE3GCXAy5a1SaG6j1g9GMkJtG6Q0NqWShEdQG_S15yng HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Feb 2023 18:58:52 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-KBR9UcPmWONibWPI7mw9ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.200.35:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: lLUh05Wjh/oiH01KXD+igim9iPDu1JfnVbb20iJ7d9PkVZpFe+zVAVOspH49cWTPWwAKEdzbGcKs7g9J9Gh/kA==
date: Tue, 21 Feb 2023 18:58:52 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 21 Feb 2023 18:58:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5135
last-modified: Tue, 21 Feb 2023 17:33:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaEgp7gIZjtMvgiM4OOVuIwvaHHL9x%2Bu1TevFQylCcrERXKcDljsjZTxDTk%2FBTPx8p17kjaPM5ORLFdyzZ7hJsk3xXC%2FuIkzSDKc3g49vvXC0gegjoDr3LNThBbAkkQG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79d1b748ae2371aa-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.upload-4ever.com/bj707c7jd9vx/x750%20Spotify%20Mix%20Accounts.txt
104.21.12.131200 OK 0 B URL HTTP/2 www.upload-4ever.com/bj707c7jd9vx/x750%20Spotify%20Mix%20Accounts.txt
IP 104.21.12.131:0
GET /bj707c7jd9vx/x750%20Spotify%20Mix%20Accounts.txt HTTP/1.1
Host: www.upload-4ever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 21 Feb 2023 18:58:51 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
expires: Mon, 20 Feb 2023 18:58:51 GMT
set-cookie: aff=1280594; domain=.upload-4ever.com; path=/; expires=Tue, 07-Mar-2023 18:58:51 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CE9Vr7O7%2FzXiuHDAAr2ZIK0E9LZeF%2BdUbTXC5IfDlGpTz9pIW9DhqNKV1YHzyioX8o3bQbExrlPVHT4ubMArRdq2R4LVaoFvmG1zUiWLX1O1JIzErRfhxHjwhB1CObsRhKDUimONvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79d1b73f592a0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cagothie.net/?rb=AFSEO82O_ilUNKLTjgl5x25Jm6qLXKcHSkv3xz-ElE7_etlIonKeZjBu32CiYbzxOmLM6Ff2iFYOlAfKSPYqibXyRIdy13DtD1558a_cmr6Np2anlwLjIVCOnu2Ov1qPi1EgZcZyD857lZ3_T8rUP1iYedO71iceQagorC2f8X5xr8AtddW1MT6WIZGFPFWIVliit9qi8zzdqdjIkRJ6NkkJYVXhOw6Nibq9aMUnl2XhhXwU&request_ab2=0&zoneid=2726715&js_build=iclick-v1.490.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fbj707c7jd9vx%2Fx750%2520Spotify%2520Mix%2520Accounts.txt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.490.0&bs=733c070c-f7c5-4058-a223-311c55a85959&userId=dbdc702bb5a84e42be1e98f15e7b7c74&m=link
139.45.197.238200 OK 0 B URL HTTP/2 cagothie.net/?rb=AFSEO82O_ilUNKLTjgl5x25Jm6qLXKcHSkv3xz-ElE7_etlIonKeZjBu32CiYbzxOmLM6Ff2iFYOlAfKSPYqibXyRIdy13DtD1558a_cmr6Np2anlwLjIVCOnu2Ov1qPi1EgZcZyD857lZ3_T8rUP1iYedO71iceQagorC2f8X5xr8AtddW1MT6WIZGFPFWIVliit9qi8zzdqdjIkRJ6NkkJYVXhOw6Nibq9aMUnl2XhhXwU&request_ab2=0&zoneid=2726715&js_build=iclick-v1.490.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fbj707c7jd9vx%2Fx750%2520Spotify%2520Mix%2520Accounts.txt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.490.0&bs=733c070c-f7c5-4058-a223-311c55a85959&userId=dbdc702bb5a84e42be1e98f15e7b7c74&m=link
IP 139.45.197.238:0
GET /?rb=AFSEO82O_ilUNKLTjgl5x25Jm6qLXKcHSkv3xz-ElE7_etlIonKeZjBu32CiYbzxOmLM6Ff2iFYOlAfKSPYqibXyRIdy13DtD1558a_cmr6Np2anlwLjIVCOnu2Ov1qPi1EgZcZyD857lZ3_T8rUP1iYedO71iceQagorC2f8X5xr8AtddW1MT6WIZGFPFWIVliit9qi8zzdqdjIkRJ6NkkJYVXhOw6Nibq9aMUnl2XhhXwU&request_ab2=0&zoneid=2726715&js_build=iclick-v1.490.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fbj707c7jd9vx%2Fx750%2520Spotify%2520Mix%2520Accounts.txt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.490.0&bs=733c070c-f7c5-4058-a223-311c55a85959&userId=dbdc702bb5a84e42be1e98f15e7b7c74&m=link HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Cookie: OAID=dbdc702bb5a84e42be1e98f15e7b7c74; oaidts=1677005932
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 18:58:52 GMT
content-type: application/json
x-trace-id: 1c4dabbad53227d35ac36d1e435c4dea
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=dbdc702bb5a84e42be1e98f15e7b7c74; expires=Wed, 21 Feb 2024 18:58:52 GMT; path=/; secure; SameSite=None
oaidts=1677005932; expires=Wed, 21 Feb 2024 18:58:52 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 28 Feb 2023 18:58:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1828851426%3A1677005932848574&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHc732bDOvq4Llog5GayM6fmX7QaOtCHrnNNbofTI7C6w5k3IzC73xe0PGUWO_2O48oF6YmPMg
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1828851426%3A1677005932848574&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHc732bDOvq4Llog5GayM6fmX7QaOtCHrnNNbofTI7C6w5k3IzC73xe0PGUWO_2O48oF6YmPMg
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S1828851426%3A1677005932848574&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHc732bDOvq4Llog5GayM6fmX7QaOtCHrnNNbofTI7C6w5k3IzC73xe0PGUWO_2O48oF6YmPMg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Feb 2023 18:58:52 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-JHgX4B0lcxfhG2Qq6kZLKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Feb 2023 18:58:53 GMT
content-type: text/plain
set-cookie: csu=42044920613990@1@1677005933; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SsZC19eBhfBJBnI%2BnpKgEhp4h%2FgJabOwH1mGlD3rAxPGHtZMXvxgjIvu%2BZdAjmvKeLmrB%2FW7GbyEz0E1QXcX400oESn5uEAjcSuo3CeYkdUORHOOjQEOTMrCfIAQCYl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79d1b7494f1271aa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2