Overview

URL sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip
IP 31.220.2.93
ASN Amarutu Technology Ltd
Location Germany
Report completed 2022-09-28 08:10:53 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-28 2 hatsheisaco.xyz/UjhjMDgzWgBdBzMFARZNIFReFQoUHVF2XGBeAUZZKwBSWww4UVAeWz5XFlR (...) Phishing
2022-09-28 2 hatsheisaco.xyz/Y3hYcGwCGjsdUwJFOlYZERRlVV4lXWo2CFEeOgYNGkBpG1gJEWteDw8XLRQ (...) Phishing
2022-09-28 2 hatsheisaco.xyz/MlRRZ1RTNjIKa1NpM0EhQDhsQmZ0cWMhMAAyMxE1S2xgDGBYPWJJN147JAM (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (16)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 05:04:09 UTC 143.204.55.36
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.49
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-28 04:19:13 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS sakurafile.com (16) 213734 2015-09-18 09:59:24 UTC 2022-09-26 16:03:01 UTC 31.220.2.93
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS d2fbvay81k4ji3.cloudfront.net (4) 0 2021-10-15 11:02:08 UTC 2022-09-24 21:49:34 UTC 143.204.42.51 Unknown ranking
mnemonic passive DNS s10.histats.com (1) 15211 2012-05-21 17:14:14 UTC 2022-09-28 07:41:39 UTC 46.105.201.240
mnemonic passive DNS hatsheisaco.xyz (5) 0 2022-09-18 19:36:40 UTC 2022-09-28 04:32:17 UTC 143.204.55.58 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-09-28 04:36:20 UTC 142.250.74.3
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:06:48 UTC 23.36.76.226
mnemonic passive DNS e1.o.lencr.org (5) 6159 2021-08-20 07:36:30 UTC 2022-09-28 05:22:53 UTC 23.36.77.32
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-28 04:43:36 UTC 157.240.200.35
mnemonic passive DNS reswsentativ.xyz (4) 0 2022-09-18 06:49:11 UTC 2022-09-28 01:31:44 UTC 172.67.140.14 Unknown ranking
mnemonic passive DNS accounts.google.com (3) 81 2016-09-05 09:39:47 UTC 2022-09-28 05:24:42 UTC 216.58.207.237
mnemonic passive DNS pogothere.xyz (2) 0 2022-09-04 19:11:25 UTC 2022-09-28 01:31:44 UTC 172.64.199.35 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 31.220.2.93

Date UQ / IDS / BL URL IP
2022-09-28 08:10:54 +0000
0 - 0 - 3 sakurafile.com/edeynsoglt7g/3420599779.rar 31.220.2.93
2022-09-28 08:10:53 +0000
0 - 0 - 3 sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujis (...) 31.220.2.93
2022-09-28 08:10:48 +0000
0 - 0 - 3 sakurafile.com/7ibr5cphm3s5/snow.rain.rar 31.220.2.93
2022-09-28 08:10:46 +0000
0 - 0 - 3 sakurafile.com/ayfasym2alp5/Keppeki_Danshi_Ao (...) 31.220.2.93

Last 5 reports on ASN: Amarutu Technology Ltd

Date UQ / IDS / BL URL IP
2022-12-08 06:33:22 +0000
0 - 0 - 11 kittyland.ws/ 103.109.100.248
2022-12-08 01:21:11 +0000
0 - 0 - 2 31.220.3.228/ 31.220.3.228
2022-12-08 01:21:09 +0000
0 - 0 - 8 31.220.3.104/ 31.220.3.104
2022-12-05 23:20:43 +0000
0 - 0 - 9 mixdrp.to/f/dqzpqkd4iorvle 31.220.1.173
2022-12-03 07:41:21 +0000
0 - 0 - 10 kittyland.ws/ 103.109.100.248

Last 5 reports on domain: sakurafile.com

Date UQ / IDS / BL URL IP
2022-11-24 02:53:23 +0000
0 - 0 - 3 sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Mang (...) 89.249.49.147
2022-10-18 21:03:07 +0000
0 - 0 - 5 sakurafile.com/4teuskgxkztz/2086949255.rar 89.249.49.147
2022-10-18 21:03:05 +0000
0 - 0 - 5 sakurafile.com/j7a83b7utqb3/0421013400.rar 89.249.49.147
2022-10-18 21:03:04 +0000
0 - 0 - 5 sakurafile.com/7ibr5cphm3s5/snow.rain.rar 89.249.49.147
2022-10-18 21:03:02 +0000
0 - 0 - 5 sakurafile.com/55ejchfc1kgo/5016053614.rar 89.249.49.147

Last 2 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-24 02:53:23 +0000
0 - 0 - 3 sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Mang (...) 89.249.49.147
2022-09-28 08:10:46 +0000
0 - 0 - 3 sakurafile.com/ayfasym2alp5/Keppeki_Danshi_Ao (...) 31.220.2.93


JavaScript

Executed Scripts (13)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (63)


Request Response
                                        
                                            GET /f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: text/html ; charset=UTF-8
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=0;includeSubDomains;
Expires: Tue, 27 Sep 2022 07:11:51 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size:   12261
Md5:    64ae6bfff219513bef7001ae311e9bbc
Sha1:   a3f69874e6295b8f38448124e5bf41cd4a9055be
Sha256: 189e51a43be9b0d9ead158a51f6ee532d13823e687fbfbc097fa91eac607a950
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4680
Expires: Wed, 28 Sep 2022 09:28:42 GMT
Date: Wed, 28 Sep 2022 08:10:42 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 07:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XJJqN5vSq_GhsIx6JF7cAJeddkhyKX-Dxw9IUKNJio28hTIEbjxWGw==
Age: 3303


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8-5-Jj4wJCQeH66FC-TpmrWMT36V8I3R7CJov5Q1BGV1NG68fxX6DA==
age: 81989
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /js/jquery.cookie.js HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 3989
Connection: keep-alive
Accept-Ranges: bytes
Pragma: no-cache
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Expires: Thu, 1 Jan 1970 00:00:00 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (418)
Size:   3989
Md5:    1e16b14dcd3d882ec44ce1dfba605f33
Sha1:   b97d6de860c43539a1f4112fe1ab49a2f50e4688
Sha256: 38d424a116d57910c9d3233b1d6c0108287bd2c15f9784b0cab4f3f830913050
                                        
                                            GET /js/paging.js HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 1709
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a079f-6ad-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   1709
Md5:    43e50aa00ad654da80af8f7936afd4c6
Sha1:   fb5921b855cce329191077b7e93563029d703545
Sha256: e8a4ec002545486fb475c977fc9d53ac48a77cfb3d36ac91042c14dc688d5657
                                        
                                            GET /css/style.css HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 47641
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a15e3-ba19-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   47641
Md5:    ebf0d9b705a939be747e80fc5efb933e
Sha1:   e5e9b45ff5ef00ab97e7fb96bdec202cd144e3b7
Sha256: d6196747f0e1d51259cd8f9b46749c27203bbfe0a453cc9a666ae479122d695f
                                        
                                            GET /js/jquery.paging.js HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 19365
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a079c-4ba5-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   19365
Md5:    d7a2c1c7af2a004a6d68e1e55b1cfb46
Sha1:   7fd6daa7076c30381880519ad06ef5639b19ee28
Sha256: c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 08:10:42 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /js/jquery-1.9.1.min.js HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 92629
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a079b-169d5-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32089)
Size:   92629
Md5:    397754ba49e9e0cf4e7c190da78dda05
Sha1:   ae49e56999d82802727455f0ba83b63acd90a22b
Sha256: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
                                        
                                            GET /images/icon_yes_w.png HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 1092
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a0827-444-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 19 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size:   1092
Md5:    53855d04580aedc7fd1e451411cc7013
Sha1:   950fff14513f96ddb27636c26bdddd16485a30ff
Sha256: 96691a470ea69f5f2b421a066045f0ae990867b0837d15666b304cdf68182f0d
                                        
                                            GET /images/icon_yes_g.png HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 1123
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a0897-463-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 19 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size:   1123
Md5:    18e50440202016e2eb6319b82ac78e60
Sha1:   3d65a77c43f840ed4285d8ba37b24cfca1bf2afc
Sha256: 816be92d18a72a17107eb09979eafaffb4bfdf5e153dfebf7d02ed34a881c60f
                                        
                                            GET /images/icon_no_g.png HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 1240
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a0894-4d8-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size:   1240
Md5:    c0cdb13a820322bfe0b6234f9a14a51d
Sha1:   4d84cde8ee4dec7aa3f3079b8c7a2660552cf51a
Sha256: 0a4d1fb78420332147b4bae4592ce9d65aa38f2c0e5de5b8d089028e1599d33c
                                        
                                            GET /images/icon_no_w.png HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 1143
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a0899-477-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size:   1143
Md5:    7b0abdbb8af6b17a0679e21c942bbe13
Sha1:   9d438b099e679fec6b3dde696ddcfea106cd389d
Sha256: 97803f020d873288a2062aa9523b7fadfe40ada657480ce6f959e4ad21b9965d
                                        
                                            GET /?avbfd=930121 HTTP/1.1 
Host: d2fbvay81k4ji3.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/

                                         
                                         143.204.42.51
HTTP/1.1 200 OK
                                        
Content-Length: 115498
Connection: keep-alive
Date: Wed, 28 Sep 2022 08:10:36 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mPehL5p1a6tCc4Fl26fZoKC_pd82gk5i0NrNn1CTesDm-KPqsNQ5DA==
Age: 7


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15945)
Size:   115498
Md5:    c418eebfe8c2231486b6892f370bbbf0
Sha1:   b6464dc5615ef8fe601762f9252e6d6d3052f836
Sha256: 52c99566e83d594447fcfd81d2fbc4206586a7b999e2dc72e2852e0af347eb70
                                        
                                            GET /f69qrxl3g1gf/favicon.ico HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/f69qrxl3g1gf/Shin_Tennis_Oujisama_v20.zip

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: text/html ; charset=UTF-8
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 27 Sep 2022 07:11:52 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size:   8914
Md5:    2c48ce51e695bba76ff5e226a5d096db
Sha1:   53a37cccaf78c33e6dfa08cde4b6d5cc643103b0
Sha256: 32edaf2ec223a7dcc82e95e4374e217340a303ec1500e18c2ecae1b0493f1d3d
                                        
                                            GET /images/homecur.cur HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 1150
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a07d3-47e-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows cursor resource - 1 icon, 16x16, hotspot @0x0\012- data
Size:   1150
Md5:    fcbb13cd43bdf87ad66570bdbf56dea9
Sha1:   5e36d2de4943189afd2e60e7d725f19df7add2c7
Sha256: a93eee4314f9387b8c3b2c3e10a3b086fd2f8a0e704cc2b76f9495f71801ee4e
                                        
                                            GET /images/logo.png HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css

                                         
                                         31.220.2.93
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 1008
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a069b-3f0-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1008
Md5:    d91136cb1ed8d2bd49eaaf77c893a383
Sha1:   06a4f366867d41b263be3e518c2e50f293606251
Sha256: 93853950068a3f7cf0c3a98f494f00d9aeebb7914858642ad12372f012abde92
                                        
                                            GET /images/linebg.jpg HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 1373
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a080f-55d-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 215x2, components 3\012- data
Size:   1373
Md5:    bee1d4cffbe4d4822da3bb47e492eda2
Sha1:   85b91213d6b32bb8e3627903b2b827c4f9dc8cdb
Sha256: 78f55d895106eb2248c48322b6acbefa8fc68c66d9d5fa2f41be27c25c9c9c15
                                        
                                            GET /images/triangle.png HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 6551
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a07fa-1997-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 241 x 87, 8-bit/color RGBA, non-interlaced\012- data
Size:   6551
Md5:    d5d338ad79b7b604abe497e68b3df8ea
Sha1:   91998c945fa40471bf0bd1fe61a303fe9140a441
Sha256: b79052980e65f93bd3b9d5529d20e47ee81e3026c9d2d3eba9e8f50a62566ce1
                                        
                                            GET /js15_as.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/

                                         
                                         46.105.201.240
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 08:06:09 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 956957502
etag: W/"-375139978"
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4547
x-iplb-request-id: 5B5A2A9A:6CBA_2E69C9F0:0050_63340183_1FF2EC:16BDB
x-iplb-instance: 40743


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11440), with no line terminators
Size:   4547
Md5:    2b153cb2287eac49566b32fce9c385f8
Sha1:   206074b038daff8bc66d86bca0c5ff35f9f72655
Sha256: 7398435bd3f0dae8206173dd66954ae029dc8787962d5f089bcb548f53409869
                                        
                                            GET /images/flags.png HTTP/1.1 
Host: sakurafile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css

                                         
                                         31.220.2.93
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.2
Date: Wed, 28 Sep 2022 07:11:52 GMT
Content-Length: 15180
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2016 10:30:58 GMT
ETag: "2a07fc-3b4c-53b4779ef5c80"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1248 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size:   15180
Md5:    0e7e0406e09ea913dc344ca9974ec94a
Sha1:   084fcf2d8e96661354a7e563f64801dfd13bead7
Sha256: 0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "65A57EF2098917F9D92C6BB00A4D556BF3864200C070BCC295336AD7E3C781FE"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3102
Expires: Wed, 28 Sep 2022 09:02:25 GMT
Date: Wed, 28 Sep 2022 08:10:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3667
Expires: Wed, 28 Sep 2022 09:11:50 GMT
Date: Wed, 28 Sep 2022 08:10:43 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3667
Expires: Wed, 28 Sep 2022 09:11:50 GMT
Date: Wed, 28 Sep 2022 08:10:43 GMT
Connection: keep-alive

                                        
GET /utx?cb=UIG1lABZC9Rp&top=sakurafile.com&tid=930121 HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sakurafile.com
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.58
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:10:43 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://sakurafile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 28 Sep 2022 08:11:43 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qZmOqTSRTi9golg5MqCjvpCjZNvfSRrBgl-Jo7rv279-Q6oh5otywQ==
X-Firefox-Spdy: h2

                                        
                                            GET /UjhjMDgzWgBdBzMFARZNIFReFQoUHVF2XGBeAUZZKwBSWww4UVAeWz5XFlReIFcNRBY8XRcVChRqAltIFHY0BHIYaxdkbQAMCXlpOmA7Xkhieg9qdRt8OVF5EEhQfQglXzZYcRxpGgh3H1IidG4oUwR6QB9ZJnMNZno2V38ZQRdjbWJPFXsJCGw0Ak85bTJIYDRVLXJwNW0LVX4TWSRjfTtvBENwHWsUZH8lTFB7fj1tIklhIm4mRGEWcCJSYDkBV1RqYm80A0w1egpIaDdwNWp6JWlGAn4CaiFTbzhyWnFCFFsFXXkVdCYJDDZtAGlsYVMmdH46fQZdFSVpO3ZXJnElaX4Qb1oDW2NAAlULB347AUhlYSJUXRZ7LgNtE18lfVUTcCh2dmpZFGZxGgsHAB44SwxeSG9OGn4ACnAVcVwqTVUJazha HTTP/1.1 
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
Upgrade-Insecure-Requests: 1

                                         
143.204.55.58
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1182
Connection: keep-alive
Date: Wed, 28 Sep 2022 08:10:43 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4bj1i_Z-jJgFUldXZgtCWoZiow8Dne9L4IpR-_qATcRGn1MdASCr3A==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3027), with no line terminators
Size:   1182
Md5:    51ed5a40074655c1e8aad863548d53a3
Sha1:   999e6040be2835479f9cd0d918103f627fe41c73
Sha256: 604bd1efd74a1d0c053274eb3f2b5eb270836eee878d37ce7bf8044f88d4e565

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /Y3hYcGwCGjsdUwJFOlYZERRlVV4lXWo2CFEeOgYNGkBpG1gJEWteDw8XLRQKERc2BEINHSxVXiUvDxwEKCkPQFktAQkeOQpMIDwCGy05JwRUG2kIVC4SMwUtGgg0MgIPHRUZCzo0Px86Lz8vQSoZTTQVAQA6Fwo1Fx4dA0lRPhYZAFsgEAdZLxEWIQ4NTH1CLi4pEQg2MEBpOAYmXWo2JjApGTs4JQsWMRQNNgslWyE8AUAnUSo+OCtSEzslBAwZHzlZOz8sSQkyNhERKwQVEzEhFTEfSRY7KxIXCiFNOhICUk0ZQAQMGRwXXzA/MyoPUBwcEQIlDjtBXFooC10HEjk2SR0nMBYUDVEQbhMqUgo+KAQbOyI9HS8BOzMlDUlsMl0xCzweHA0/HxQcRRIrHwITRRRIXwsICh8LLAw HTTP/1.1 
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
Upgrade-Insecure-Requests: 1

                                         
143.204.55.58
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1172
Connection: keep-alive
Date: Wed, 28 Sep 2022 08:10:43 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xyg8jTDj2lbCNOHpX_uhPzZjqKgQCtoSDZ6rugrGjKaGHRev9-eM7g==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Size:   1172
Md5:    dbbc42e7c61a01a36bf170707ad29bb8
Sha1:   db5eaca8e8a28d350b244301a5fd8ae1b0010751
Sha256: 7e07667a13737e83d16fefc7f9f5955adb47d139cc20ec6a33fa8cd6505bca4a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /MlRRZ1RTNjIKa1NpM0EhQDhsQmZ0cWMhMAAyMxE1S2xgDGBYPWJJN147JAMyQDs/E3pcMSVCZnQ+MCASBzA7Phh2PDI2F2AjGC8BQQQGVhZ8BSYDG3EjPj0DcDwyIwcKEBwjMHMcAFMWdgYiVBVVN2MrOHAXFAACdwY5JhFzFjI1FwJgFCEsZxgGMjdrET01AmQCaSMCAwEcITNKMhMmZGsBJjYhZBI1IBEDJAMyBQYcBjIGeRoTKTVnBgQBA3BkCz8RYxMUIThiHwAlN2ARPlcRAyQDJCNzAAYeFnMFEw8NYRIpIhZVbBQgPAMOBTEZF2YXNRVoDgQyeV4cEws4dwdhPQVzBhwEEXQ/ADURQSMVVmFiBwclEGQCEEE+QTs/F2lGDWQ/Ags/aQ44UBVlCANl HTTP/1.1 
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
Upgrade-Insecure-Requests: 1

                                         
143.204.55.58
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1160
Connection: keep-alive
Date: Wed, 28 Sep 2022 08:10:43 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ah0VoKu1Pp69RaavLWTL8Zsfw1hLXsz_juz6WKeMj_g1T4TdQXHPlw==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3006), with no line terminators
Size:   1160
Md5:    450757bcbf626feb3b3e3f9c0a8d793a
Sha1:   f6df7a7886afe89c98f11529ef4b221a3ec92f21
Sha256: a2250d8b91784aa4f8c24c58cd67e5094331481c10a39aef80a7ab7279a5459d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3667
Expires: Wed, 28 Sep 2022 09:11:50 GMT
Date: Wed, 28 Sep 2022 08:10:43 GMT
Connection: keep-alive

                                        
                                            GET /UEI4SU5/fVs6cwZych0UYQxNLXw0EGIkDCgbbgcjCnFyIBs9Bx49JzR/AX1+YXEAbz45JgV4aCM2WT07I38Jbyc+JFd0aCZ/CWd9ZGwKcWBhZE10f3Y2SCgpbXMeOTokLgV4eGZ2C3x8ZnYIcXtl HTTP/1.1 
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.140.14
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:10:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jru78iswJ6stf8O7AHRzwgq5ygg17lewKx%2B1pEyQR6YQY1r97%2BLnW%2FSgN%2FgYf0nZGj%2Fr49D5yd80eNq0EwpqWinV8AdBvTJFW3MC9UVGQMo4ayKbG25huImzYBcijoucuZB%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b01152c980b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /OVYwM2oWaVNAV10CdgA+fwR+cQFdblJmM3wHAwIBazF6cQ9uGxZHA11rCQBaCGQBFRpQMg0CTEoiUUcfSmsBFQNXMF8OTE9rAR1ZDXgCC0QIcEUOWx8iQFINBGcWQx5NOg0CXA9iAwZYD2IAC1kO HTTP/1.1 
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.140.14
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:10:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRiSCA2qPKkmIJiZ4vSq5jPoSB4QTBZWaoA%2Frge%2Flk6Iz3qPwcx8a3s5%2FqcY%2BcmhdkrEDNICXfVU1X%2Ft%2Ft8h4Twbs0nzWF5DAiwuExL42n3qKLHfhbBdqfxaxcfrzx6UhIiV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b01152c940b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /NzNRcVEYDDICbHl2GwIEBVAQEhdDXwkWG05kPDsAdmsXEAthUHcFOFMOaEJgAwZgVyFeV2xAaRFAJRAlQkBsQHdeXTcebBFFbEB/Bx1gX2IRRmxAd0NDMBZsBhUhBSVbDmBHZwMAZENnAwNpR2c HTTP/1.1 
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.140.14
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:10:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qD777IiVLjNkhVz6c0%2F9Xczv6t0FkNTbXlhwhRFqplYUn2sJYdlYWHq9FPdc43Xbww5tqafPiYY7yQKY%2FDYFcK%2BeXj%2FjoXD7PVou1%2FRtg9YAoKy8umrzBAX0qwzmgSKcGJCM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b01153ca70b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "65A57EF2098917F9D92C6BB00A4D556BF3864200C070BCC295336AD7E3C781FE"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3102
Expires: Wed, 28 Sep 2022 09:02:25 GMT
Date: Wed, 28 Sep 2022 08:10:43 GMT
Connection: keep-alive

                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 08:18:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LfPlvQLSyEU0o-XMqa5ncMsnG9q2VcefjNrwrZf0NuwPx8golCGUPA==
Age: 2470


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 6223
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 08:10:43 GMT
Last-Modified: Wed, 28 Sep 2022 06:27:00 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /utx?cb=UbE8vFJi95jA&top=sakurafile.com&tid=940138 HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sakurafile.com
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
143.204.55.58
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:10:43 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://sakurafile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 28 Sep 2022 08:11:43 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4ry2wo8Fq7UsG5ZzXDwLmmxkhEQmuAL3TmelaKdsjb4nyQwr37STzw==
X-Firefox-Spdy: h2

                                        
                                            GET /RakpFNW4JJStTUR4jIQhXXnp0BlZMIDZaABp3M0wgUhINQy8OMjADVzkgJxMaEC54BUgGKytSU0wvK1ZTW2wkUQxXfmNBHgUheFAaGSEiWgsHOSwTGwt3KFoUAyYpVEtYDHAbXk94dR0WW3tgBixPeHVZBwQ/PRBcWjJ9AzFcfmAGLE94dUcYT3kEDFhEem-wQXFotIFYFBW93c1xae3UFX1p7YAdeDCM3UAgFMmAHKFN8awVIH3d0 HTTP/1.1 
Host: d2fbvay81k4ji3.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hatsheisaco.xyz/

                                         
143.204.42.51
HTTP/1.1 200 OK
Content-Length: 485
Connection: keep-alive
Date: Wed, 28 Sep 2022 08:10:43 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lOWwDdwWtS8V-DNgu9N_ulqGyM4Vcgi3w3d2kTu0DEp1JAngTpw4LA==


--- Additional Info ---
Magic:  ASCII text, with very long lines (664), with no line terminators
Size:   485
Md5:    56b33a3ea54190343c25b2eb45f96702
Sha1:   998683e2e836c7a26f528192816923748bf1ff52
Sha256: 5f7e3aef7ae5dd12f4024af41a6e1f357650b8651bda02105c1ccfde9d41a4ca
                                        
                                            GET /WWlhKQW05NyQnUi4xLnxUaWh7c1x8MjkuAyplBnleMigYLgoVLGw1Fz5lemcBOzYtfEs/Nil8XHw5LiNQbn4+MQIxZS81HjE/JSQAKTFsNAxnNSU7BDY0K2RfHG1kcUhoaGI5XGt9eQNIaGgmKAMvIG9zXSJgfB5bbn15A0hoaDg3SGkZc3dDanFvc109PS-kqAn9qDHNda2h6cF1rfXhxCzMqLycCIn14B1RsdnpnGGdp HTTP/1.1 
Host: d2fbvay81k4ji3.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hatsheisaco.xyz/

                                         
143.204.42.51
HTTP/1.1 200 OK
Content-Length: 468
Connection: keep-alive
Date: Wed, 28 Sep 2022 08:10:43 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 91_3sh-xEBsFshC54DLeVOQy2IimKpJlT5UEYhjw3eKystj84O2NmA==


--- Additional Info ---
Magic:  ASCII text, with very long lines (658), with no line terminators
Size:   468
Md5:    52bb0781ce61246d796a5a0442e6caf4
Sha1:   2cf9b1a40099da64d7cab5ca8227314d36957961
Sha256: 0068d770f1b447fa4ee835047d77e9f8112ca9bb1bc793271054dbef00fb0f8d
                                        
                                            GET /jaGF5djYLDhcQCRwIHUsPW1BNQwdOCwoZWBhcDS8DMDdAHQ4BDRs3Agc2LlBCEgVERhAEABcRC04EFxULWUcYElRVVV8DV1UMFgxfBA0YUwQuVFdGE1pRUQ4HWURKNBNaURUfWB0ZXEQGEFlPKQBcREo0E1pRCwATWyBAQBhYSFxEBg8EGh1ZTVM/RAZZUU-lHBllES0ZQARMcEFkQREswD15PSVBDVVA HTTP/1.1 
Host: d2fbvay81k4ji3.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hatsheisaco.xyz/

                                         
143.204.42.51
HTTP/1.1 200 OK
Content-Length: 192
Connection: keep-alive
Date: Wed, 28 Sep 2022 08:10:43 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cSakAQ9LIKgO9GQZYCJCvLWi9TsH-EojkkvKOKMfsXD1v6l-XP0apQ==


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   192
Md5:    b8fab00ffd33fed914290bf766a45392
Sha1:   f20d2fabb82c7f68ab88a07235a587b9a3a73c6b
Sha256: 3ddee60cc12a473e137a7a36490a87cfaccc71f2110db0d5c65fa9491d6f656f
                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Sep 2022 08:10:43 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-419373102%3A1664352643648320&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWohkyX8ef8uAszkOXOXmWUEmvpU-_22itfq9IGEKCFvYxkgmIymioftDUBWLzbz5Q0qN-Pgsw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-8VJBTBbIaIo9SgpgO2mB6g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:pGgmtitzFrIz6S42bI_haA2F2gp8bQ:Ju0UmXiGjY5ONQWe;Path=/;Expires=Fri, 27-Sep-2024 08:10:43 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Size:   391
Md5:    e4891f2cce10c805e1a1e799edb30471
Sha1:   5f9e64bc3e187515f827568b7e2644bb5eaea515
Sha256: 18f5f30cbd0c85d66a2a6d25541cff04d6b03081f3f677b5772c24745dea2652
                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1 
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Sep 2022 08:10:43 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1410019516%3A1664352643662481&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpznJoip-1S4onwcsvV_8E5DY6mf_jpEGwcEhIKUfI-p6WWt596i2ShwYb8CQvs9QVO9dTD-A
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-k7bkiHGHcdxc5SdoTq9AEQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:l8SbnjDtozTzglKaYL48APKuD9fYOQ:fFMbJWAtRXHurctv;Path=/;Expires=Fri, 27-Sep-2024 08:10:43 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Size:   394
Md5:    622de940da72b812678c48717a2b3d3a
Sha1:   f393e280d71f0d016d9212a495806f50f9fc1ba0
Sha256: f763675a9d79a3bc7be35ba81f899bfb8ec2eb895666a64a2c40ab9dee30238a
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 6223
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 08:10:43 GMT
Last-Modified: Wed, 28 Sep 2022 06:27:00 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1582
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 08:10:43 GMT
Last-Modified: Wed, 28 Sep 2022 07:44:21 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
GET /popunder.gif HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/

                                         
                                         172.67.140.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 28 Sep 2022 08:10:43 GMT
Content-Length: 58
Connection: keep-alive
access-control-allow-origin: *
Pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
CF-Cache-Status: HIT
Age: 135613
Last-Modified: Mon, 26 Sep 2022 18:30:30 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgj77m5R87Nf1WCZX%2F0eWNGR7a4rp2tn1Qv2pB16exGB8xs0Po5K7y58%2FVB1u4Pt6UeL5lwcF3KeAeydwj%2BhRIyKLrMwEZtrzd%2FM1NAwQ4qTmC%2B9LL6CHYkfRtBpYkXdy9CP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751b0117fe54fabc-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   58
Md5:    79c15b369d32d2f0f17c116f541b6df3
Sha1:   3039289d4d1f5bc7385a81621deb2614423b769b
Sha256: e3a3c6b90f511e80a77636fdd4c6047336d4ed5b2c86adf74318a08142649e08
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Origin: http://sakurafile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.199.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Wed, 28 Sep 2022 08:10:43 GMT
access-control-allow-origin: http://sakurafile.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6679
last-modified: Wed, 28 Sep 2022 06:19:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2N6ewjQqnuAvw%2FbYcP0GtWa9GNKAwuxN6MXZ5Q3wHIqYK%2FLjl6H9bGV7wsgBlfyq9OJPCqg%2F%2Bc5OfOlqO6fkD7FcQd%2Bq9fpNW9URpSGXwCoWMPHZZOSywJY1siXS30C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751b01153f677320-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   102400
Md5:    4c6426ac7ef186464ecbb0d81cbfcb1e
Sha1:   5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
Sha256: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12834
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 08:10:45 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7359
x-amzn-requestid: 6e3123b2-ea7e-4e3e-8399-19a66d27923f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34CEYtIAMF01w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d00-5995316c70da7a0c460ac432;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: t_uz9vKifWkMj014gCS83STU-fnM39a49_LB5By3j9NqLpqfl8tKSA==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:57:38 GMT
age: 36787
etag: "0cd28a243f9704140ccb9eb1415a77fcccc7cf87"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7359
Md5:    46dc8f1499f4de5f03bd87a68c3c6c7b
Sha1:   0cd28a243f9704140ccb9eb1415a77fcccc7cf87
Sha256: 3d7a5cdc0812857efabd7ab941aea6d6582790b86a9587809d222c0a8546262b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EbkbN72NJbDqfnJjnaUcitG0W6yk8vR__5zLvdidXuWqh7VQK2O8OA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:18:40 GMT
age: 35525
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6721
Md5:    c4a66beda24621e812a929933c52025d
Sha1:   e951f6b11e473b68d2fdd95b822cef120d37b1eb
Sha256: 28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14e2acf-9d43-48bc-ab80-1dc73fa7dfc8.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5377
x-amzn-requestid: 28ddd5cd-c299-4b36-98be-b6dbeaadc1ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI4KRGo7oAMFUiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d74-27ebe6e974ee5b7d06227fca;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TEv_Z7_1FsPBC2ugxBvTbts1ubHFeZjRhrSFAGt2liOt-Z5GQhmu-g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:28:53 GMT
age: 34912
etag: "2afdfb716192540a61327137706462c53588bf23"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5377
Md5:    c301dff6ddda16fd64692c19173cfa8c
Sha1:   2afdfb716192540a61327137706462c53588bf23
Sha256: fd0f33a778fec87dbfa323ffa6b24ca5f94aa16d102e62683ad54b759208058b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
age: 37307
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8500
Md5:    6139c878a7d2bd32c61fc8287996eb5b
Sha1:   9c4692ea64832895fbd107d91f879728b6a440c7
Sha256: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 37485
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11314
Md5:    ee83d08d024d127fad5918e1ffacb78b
Sha1:   8ad289a77705358ab660b6123e9d90de991b6c13
Sha256: aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5944
x-amzn-requestid: 040b4452-4120-4ae5-9ad2-c5b341abbb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34BFdmIAMFmew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cff-103adde82b57535e4f3fb16a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q03mXCSikJcsTBGqk1Xq7452EiDz4t9PFbp5Qj4xwobiFgqtPwGCBw==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:21:35 GMT
age: 35350
etag: "1aec1d67a36867bee8069a144fb1b0d95ff2cb54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5944
Md5:    1fa8cb4f4be5057788cd1a2a4d0e76d6
Sha1:   1aec1d67a36867bee8069a144fb1b0d95ff2cb54
Sha256: 5193131db8040ef254554d59109002ec7b8cfc2eab1e872b63e5f65db7cf5105
                                        
                                            GET / HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Origin: http://sakurafile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.199.35
HTTP/2 200 OK
content-type: text/plain
                                        
date: Wed, 28 Sep 2022 08:10:43 GMT
set-cookie: csu=1394028977583255@1@1664352643; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://sakurafile.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAnpR4uoXaAv97KSKX3U1XMKFEAk7RqIskQA6HN%2F2A4QwvEpfzOl%2FJ%2Bekhx%2FCeegbWtmUCupfC%2FGE61GroKz8RH5Nb2Kt3ogf2iT8N%2Fy%2BXocXXiUHa2pPBIb9ZIMSUTs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b01153f6b7320-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


                                        
                                            GET /v3/signin/identifier?dsh=S-419373102%3A1664352643648320&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWohkyX8ef8uAszkOXOXmWUEmvpU-_22itfq9IGEKCFvYxkgmIymioftDUBWLzbz5Q0qN-Pgsw HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Sep 2022 08:10:43 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-qYMTt1MtKFglMiyTnXPIxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=sKO7kHCuLk2HsVmrFY4qqAoICP5tB7DY0Szl-yoN94Gxv-yPGGxF8buIGKEq5gxmstW0EH32dSwsB9XXxDG2W8UO5cPYkzglRcjTThxopicak9UNNHrurZwkhp3yijA0s9krVNdRZbzUbJX-Y9ST4IjPKn0aAx05DZ1_wNDSwGg; expires=Thu, 30-Mar-2023 08:10:43 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


                                        
                                            GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
                                        
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-fb-debug: 7X0zQNA322rGPNhh/d+h/ictfGL0C70M5iQnxbJomR9DDYu4mggUAU0nn6dzlvcXoWGuSgh5f/kI+q6H+O55PQ==
date: Wed, 28 Sep 2022 08:10:43 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

