Overview

URLcdn-120.bayfiles.com/d8bf7amcy0/5d526640-1663584892/idm.6.41.02.silent.kuyhaa.zip
IP 195.96.151.72 (Sweden)
ASN#41634 Svea Hosting AB
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-09-23 16:50:11 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (18)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:49:01 UTC 108.156.28.51
bayfiles.com (20) 376602 2012-05-24 16:09:40 UTC 2022-09-23 15:30:10 UTC 45.154.253.151
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 52.89.20.60
img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-23 12:37:00 UTC 34.120.237.76
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
djv99sxoqpv11.cloudfront.net (4) 0 2021-04-11 23:26:30 UTC 2022-09-23 14:28:17 UTC 18.165.196.223 Unknown ranking
ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-09-23 04:33:33 UTC 142.250.74.3
pogothere.xyz (3) 0 2022-09-04 19:11:25 UTC 2022-09-23 10:35:19 UTC 172.64.133.29 Unknown ranking
accounts.google.com (4) 81 2016-09-05 09:39:47 UTC 2022-09-23 08:18:48 UTC 216.58.207.237
cdn-120.bayfiles.com (2) 0 2020-07-17 11:23:22 UTC 2022-09-20 15:28:24 UTC 195.96.151.72 Domain (bayfiles.com) ranked at: 376602
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-09-23 13:41:12 UTC 93.184.220.29
fanyorgagetn.buzz (3) 0 2022-09-18 06:33:47 UTC 2022-09-23 13:37:45 UTC 104.21.49.6 Unknown ranking
www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-23 04:33:34 UTC 157.240.200.35
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 07:14:46 UTC 18.164.68.21
vjs.zencdn.net (2) 4968 2012-05-21 08:26:59 UTC 2022-09-23 05:43:17 UTC 151.101.86.217
e1.o.lencr.org (9) 6159 2021-08-20 07:36:30 UTC 2022-09-23 06:01:42 UTC 23.36.76.226
wasquite.buzz (3) 0 2022-09-19 08:20:59 UTC 2022-09-19 08:22:24 UTC 172.64.131.3 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 djv99sxoqpv11.cloudfront.net/jeWR2WXkaCxg/Rg0NEmROTFJFbk9fDgU2FwlZJgsuLlU0M (...) Malware
2022-09-23 2 djv99sxoqpv11.cloudfront.net/eYmNzclgBDB0UZxYKF09vUVRAQW1ECQAdNhJeChEtFiARI (...) Malware
2022-09-23 2 djv99sxoqpv11.cloudfront.net/aNFowdVlXNV4TZkAzVEhuB20DRmoSMEMaN0RnSEUuUz17B (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 195.96.151.72
Date UQ / IDS / BL URL IP
2023-02-04 00:52:29 +0000 0 - 2 - 11 cdn-120.filechan.org/1482K6J0y7/7102e672-1669 (...) 195.96.151.72
2023-01-30 20:06:00 +0000 0 - 0 - 4 cdn-120.anonfiles.com/EeIeNfP2y4/17afe705-167 (...) 195.96.151.72
2023-01-30 20:03:29 +0000 0 - 0 - 2 cdn-120.anonfiles.com/3aL397R6y6/6e2adb2b-167 (...) 195.96.151.72
2023-01-30 19:55:15 +0000 0 - 0 - 4 cdn-120.anonfiles.com/3aL397R6y6/6e2adb2b-167 (...) 195.96.151.72
2023-01-30 15:18:42 +0000 0 - 0 - 4 cdn-120.anonfiles.com/j6mcW8Jey8/4ae24e56-167 (...) 195.96.151.72


Last 5 reports on ASN: Svea Hosting AB
Date UQ / IDS / BL URL IP
2023-02-04 20:00:56 +0000 0 - 0 - 2 cdn-141.anonfiles.com/95b9q157xe/1bcc6295-167 (...) 195.96.151.34
2023-02-04 20:00:46 +0000 0 - 0 - 2 cdn-141.anonfiles.com/95b9q157xe/1bcc6295-167 (...) 195.96.151.34
2023-02-04 19:57:32 +0000 0 - 0 - 2 cdn-101.anonfiles.com/Fen7mfV0y6/0a70b034-167 (...) 195.96.151.47
2023-02-04 19:57:23 +0000 0 - 0 - 2 cdn-117.anonfiles.com/P3qed7Vby0/c956dd2d-167 (...) 195.96.151.69
2023-02-04 19:57:19 +0000 0 - 0 - 2 cdn-153.anonfiles.com/n6AeV9w9y8/4e02c3ec-167 (...) 195.96.151.46


Last 5 reports on domain: bayfiles.com
Date UQ / IDS / BL URL IP
2023-02-04 19:55:46 +0000 0 - 0 - 16 cdn-129.bayfiles.com/5c7cq4E1x8/97169212-1675 (...) 195.96.151.84
2023-02-03 21:36:26 +0000 0 - 0 - 16 bayfiles.com/D0A2E5J2xc 45.154.253.151
2023-01-30 19:30:43 +0000 0 - 0 - 19 cdn-111.bayfiles.com/12xey6i2y0/90f5bdfd-1675 (...) 195.96.151.60
2023-01-30 19:30:40 +0000 0 - 0 - 16 cdn-111.bayfiles.com/12xey6i2y0/90f5bdfd-1675 (...) 195.96.151.60
2023-01-29 21:15:49 +0000 0 - 0 - 17 cdn-141.bayfiles.com/mdo3ddcbyf/b71526df-1675 (...) 195.96.151.34


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-30 19:30:43 +0000 0 - 0 - 19 cdn-111.bayfiles.com/12xey6i2y0/90f5bdfd-1675 (...) 195.96.151.60
2023-01-30 19:30:40 +0000 0 - 0 - 16 cdn-111.bayfiles.com/12xey6i2y0/90f5bdfd-1675 (...) 195.96.151.60
2023-01-29 13:15:46 +0000 0 - 0 - 17 cdn-104.bayfiles.com/n3ydy7icy6/3115e423-1674 (...) 195.96.151.53
2023-01-29 13:15:30 +0000 0 - 0 - 16 cdn-104.bayfiles.com/n3ydy7icy6/3115e423-1674 (...) 195.96.151.53
2023-01-15 00:32:20 +0000 0 - 4 - 0 cdn-128.bayfiles.com/nec3g3jeyf/b33c3956-1672 (...) 195.96.151.83

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (73)


Request Response
                                        
                                            GET /d8bf7amcy0/5d526640-1663584892/idm.6.41.02.silent.kuyhaa.zip HTTP/1.1 
Host: cdn-120.bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         195.96.151.72
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:00 GMT
Content-Length: 162
Connection: close
Location: https://cdn-120.bayfiles.com/d8bf7amcy0/5d526640-1663584892/idm.6.41.02.silent.kuyhaa.zip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7779
Expires: Fri, 23 Sep 2022 18:59:39 GMT
Date: Fri, 23 Sep 2022 16:50:00 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         18.164.68.21
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 16:05:09 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 49e8093d0b1ec293275e8b264631ad18.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: DSFkAPg5VGi0VNNeNnpkSc6y6-Qf-_aOC6xc2UhUKrks0Eb0Mo8e9w==
Age: 2691


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         108.156.28.51
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c9e93510e33ab69af0de2f41455fbb80.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: VJEtGjQL8PS5vsaKQP9RrKu1HIS00MLqNTDHIZroVMPAiIVeeKNl5Q==
age: 45418
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 16:50:00 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /d8bf7amcy0/5d526640-1663584892/idm.6.41.02.silent.kuyhaa.zip HTTP/1.1 
Host: cdn-120.bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         195.96.151.72
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:00 GMT
Transfer-Encoding: chunked
Connection: close
Location: https://bayfiles.com/d8bf7amcy0
X-Cache-Host: filecache-01
X-Cache-Disk: nvme-01
Accept-Ranges: bytes

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E635CDF4A6DF3842BCCCBA0FAE52A1A37ADE82F961D0D229112623386B42A85D"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19525
Expires: Fri, 23 Sep 2022 22:15:25 GMT
Date: Fri, 23 Sep 2022 16:50:00 GMT
Connection: keep-alive

                                        
                                            GET /d8bf7amcy0 HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         45.154.253.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 18
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   2267
Md5:    1a8d12080421f9ce1d1117bb997ff0aa
Sha1:   9547423466391b331fbc7d060294ed9031bac4ca
Sha256: 5abfd7107bb788926f7c2a9858e813148aaa4f5871318f6f4fab20f9f513c14c
                                        
                                            GET /css/bayfiles.css?1661352192 HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 841
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65452)
Size:   25354
Md5:    896df88019eabed295bc78a2f053ab92
Sha1:   1bca351d99600fb10583eb28c638dd58482535a0
Sha256: b1555a31747d1f471ea748a1363cf9c588d66dd15dcf42cf7fa0b2911d0424d0
                                        
                                            GET /7.3.0/video-js.min.css HTTP/1.1 
Host: vjs.zencdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.86.217
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-encoding: gzip
date: Fri, 23 Sep 2022 16:50:00 GMT
x-served-by: cache-bma1667-BMA
x-cache: HIT
x-cache-hits: 2342
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35998), with no line terminators
Size:   9673
Md5:    3397ce943db8add2728dccd9a3b8b8bc
Sha1:   a57bbb7546a458fe57d72d06baab950125260cc9
Sha256: 5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
                                        
                                            GET /sw.js HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 11549
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (39060), with no line terminators
Size:   14388
Md5:    fefdeff3180d9772f08a2cadce9a55b0
Sha1:   5610f0290b7f4c81c57a65703825fc2830aeac96
Sha256: 0009589421c540c0b0ee37fde74f5373962096bc8e9869a953b4cb59547a8f61
                                        
                                            GET /js/app.js?1661352192 HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 441
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (63238)
Size:   57886
Md5:    ba67ff13fd07739a7037fbc27b2a1955
Sha1:   3e253f69b2f12659c541de122c6bce0ed82ba369
Sha256: 1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818
                                        
                                            GET /img/flags/24/se.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1779
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   581
Md5:    c9b1e40987c4411b4a7d13c07a8843aa
Sha1:   cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
Sha256: 8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
                                        
                                            GET /img/flags/24/br.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1319
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   1115
Md5:    6a5938d2e7f7d6f4026d6eb1b4b4f2cd
Sha1:   7a038177fe4deec455d61d3e9c90019fa4727d40
Sha256: 0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
                                        
                                            GET /img/flags/24/ru.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1287
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   403
Md5:    d8df89b036e6afb48f72d2440831bad0
Sha1:   04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
Sha256: 2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
                                        
                                            GET /img/flags/24/es.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1211
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   666
Md5:    5fa381a8eb16d9e673d32980e7fd1710
Sha1:   fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
Sha256: 7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         18.164.68.21
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 16:33:00 GMT
Expires: Fri, 23 Sep 2022 17:25:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e07eaca13d23fcce8009fc507befcefa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: JEjf8hl9PuAIIplAfleBNtkX_LqASVjopVQHevgUZ0oOKFdWGXClwg==
Age: 1021


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /img/flags/24/jp.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1446
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   599
Md5:    857f6f0e0886a3729b758b7241e42e61
Sha1:   a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
Sha256: 8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
                                        
                                            GET /img/flags/24/in.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1218
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   593
Md5:    ccaf96cfc341dc9a17e24b96bef223ff
Sha1:   8791d6db6628e0fb21b847ab94484f0c615e38ac
Sha256: 728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6552
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 16:50:01 GMT
Last-Modified: Fri, 23 Sep 2022 15:00:49 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /img/flags/24/fi.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1242
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   456
Md5:    0ea9115d18d5210d4f1db520881faa3a
Sha1:   09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
Sha256: 544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
                                        
                                            GET /img/flags/24/kr.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 829
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   988
Md5:    cb22f00511d088a71e84f8c1c864caed
Sha1:   6599812ed106bda6017487287e12bc836570649f
Sha256: 09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
                                        
                                            GET /img/flags/24/fr.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1791
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   536
Md5:    e81efecf1a1b1d3a17d00a904c5cc3c9
Sha1:   1203894dbfc8363302dc709d852c05a4dd8bf9dc
Sha256: 54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
                                        
                                            GET /img/flags/24/no.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1814
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   611
Md5:    f14ac70aa6dd4d371671c0e6d7cba4e3
Sha1:   1139e3acd6e073bffb59157cbc10af72ed757218
Sha256: 9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
                                        
                                            GET /?xsvjd=737333 HTTP/1.1 
Host: djv99sxoqpv11.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         18.165.196.223
HTTP/2 200 OK
                                        
content-length: 98008
date: Fri, 23 Sep 2022 16:50:01 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 835f3c9e7c3bc0e7766edf13dac581de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: dzQZ_68p1YUfci4vbj_Fphh2b6Wm-Y-15F2Uv04rvrsZO3ac8PA-Bg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15945)
Size:   98008
Md5:    35a05a2628a9df3340fe0c30acdf8be0
Sha1:   a354a8aea7ab4861f5cbc492c9720c70c73a0945
Sha256: e162c48536c7bea9d32d83062112a75a976acc4d97d8fb04f43b65058da6a0ac
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WpW3WAMcp0m30x4Q9i800A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.89.20.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Yh0WwmTB9PP6yEtJoy2wmzp+Go4=

                                        
                                            GET /img/flags/24/us.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1796
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   656
Md5:    ae506a6c014bfeb8d8cbfdfbe94c14c9
Sha1:   f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
Sha256: bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
                                        
                                            GET /img/flags/24/de.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1030
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   483
Md5:    9f8cc07c258bcd2de0c7900861e20ffc
Sha1:   fed97219e44693d4f3918fc4037b325732225d81
Sha256: 07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "3B35E8227F7C520DA49E4458B570B02F63667543FCBA03C682738431EEC08D7E"
Last-Modified: Fri, 23 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4291
Expires: Fri, 23 Sep 2022 18:01:32 GMT
Date: Fri, 23 Sep 2022 16:50:01 GMT
Connection: keep-alive

                                        
                                            GET /img/flags/24/dk.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1563
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   537
Md5:    b6ebe55a7d176720cd2b1003298187a8
Sha1:   930858408b9af1f79c430bbe15c185db555a7815
Sha256: 07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "3B35E8227F7C520DA49E4458B570B02F63667543FCBA03C682738431EEC08D7E"
Last-Modified: Fri, 23 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4291
Expires: Fri, 23 Sep 2022 18:01:32 GMT
Date: Fri, 23 Sep 2022 16:50:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "3B35E8227F7C520DA49E4458B570B02F63667543FCBA03C682738431EEC08D7E"
Last-Modified: Fri, 23 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4291
Expires: Fri, 23 Sep 2022 18:01:32 GMT
Date: Fri, 23 Sep 2022 16:50:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "FDE7177B10AE85162F9ABBFE9E78B9C66C11E03AA0B7149D8E82B8E0D08A1FB8"
Last-Modified: Fri, 23 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4004
Expires: Fri, 23 Sep 2022 17:56:45 GMT
Date: Fri, 23 Sep 2022 16:50:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "FDE7177B10AE85162F9ABBFE9E78B9C66C11E03AA0B7149D8E82B8E0D08A1FB8"
Last-Modified: Fri, 23 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4004
Expires: Fri, 23 Sep 2022 17:56:45 GMT
Date: Fri, 23 Sep 2022 16:50:01 GMT
Connection: keep-alive

                                        
                                            GET /img/flags/24/pl.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1726
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   347
Md5:    baf3aff7caef0be58f29b41f20a0e4db
Sha1:   11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
Sha256: 0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
                                        
                                            GET /N3BUUVcYTzcialQoBSszWzoSACB9IA4EEXIxEQc+ZSUdGgYFH3IlPlNNY2JgBENndydeFGlgcUQENSUiRE1ldz5ZFjtscUFNZX9kA15maXkGViFsZhEEJDAwCkFyISNDHGlgYQFDbWRmD0BkZmQF HTTP/1.1 
Host: fanyorgagetn.buzz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.49.6
HTTP/2 204 No Content
                                        
date: Fri, 23 Sep 2022 16:50:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfisWLzl5vpBUQMO9iYGghR9MHKMWAb1WhubPTSOw9aQbg7UimU2mRBXew52tr1q6fmFXs0Mc9efi9VIunxxXI9zOHdCN9LQYlkRU9BcNM0OkikBBDYvSzcN1HWIUP6a%2F9lGUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f4c6e86e1eb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /dWdPaGNaWCwbXhQwCQECMDErPVIvBSwuDyYxGSpaIjEJOzQ9JmkcChFaeF1VRlB5ThMcA3JaWlMUOwkXABRyWUUcCSkHXlMRcllNRUl6UU1EQTpVUlMTPwkESFZpGBcBC3JZVUNUdl1STVd/X1dM HTTP/1.1 
Host: fanyorgagetn.buzz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.49.6
HTTP/2 204 No Content
                                        
date: Fri, 23 Sep 2022 16:50:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrzHsd%2Bur9daYERBItajgxUQcDYTeallGXOCXtz%2F6%2BlEVSayI%2FLs2vUJRqOrZ0JXvF93LVR%2Bih%2Bhx6kZe33%2FSlE6tot11QayAasCFOlM9SNFmkUqn0e9wzncG4MT4q5fP0zLPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f4c6e89e34b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /RVllY3VqZgYQSAtpHVEgAAwjBkULMQYEM2BrIzdHLSAhDQUDOC0yUzEwAV5Cdm5WUEBjKQwHSHRhQxABJC0QEEh0fwwNEypkQxVIdHdVTURrakMWSHR/ERMUImRURQUxLQleRHNvVlpAdGFVU0JzaA HTTP/1.1 
Host: fanyorgagetn.buzz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.49.6
HTTP/2 204 No Content
                                        
date: Fri, 23 Sep 2022 16:50:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmNaV7%2Bl0BXtgXnQSa5AOPGGxdxeSlTaFWFZkpIQsE9W3c3Ret%2FkQpm%2FQQTZYAISMD0VgMt5%2FmGkOe7onlugRxZfhTrs0N0qlpWg3dE5QDHs6tG65xj1XfTRuqoinCiRv5IzQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f4c6e88e31b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "3B35E8227F7C520DA49E4458B570B02F63667543FCBA03C682738431EEC08D7E"
Last-Modified: Fri, 23 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4291
Expires: Fri, 23 Sep 2022 18:01:32 GMT
Date: Fri, 23 Sep 2022 16:50:01 GMT
Connection: keep-alive

                                        
                                            GET /SkhBVEsrKiI5dCt1I3I+OCR8cXkMbXMSLyA+eG04MicwJD17eW83JyU9JTI5JSY1eiUvPGRmDSAtFgZ5HRAqNQgyL2RmDRgvcRoOJxoOAA0ADiM/ciwMJgF5DD8tDgEtOzQYJx94DAUKGgY2HSkCeDUXCiMFJQYNGBkPBiwSCXEgbngOCRYoAhtzPC0NCQABEQ95JxEKE3oEPxoCDAVkGgkwDDcHCC8WBSwHfBMWGgYMBRUdDBkXACowcQwHIBBwEmQnBwwsPAISDiJkLQ88CxcJcnsFFQ0IGgY/CRseCCQpenkiAjEYcBJkIB0JCSwABQ5wFS96JBAFHmcaMRwjPQAJABEpGzgeDisdKR4dDywxBw0yHxM+cxsLNhEaBC8HNx0gCiYAei4dFBczDxsAciE5Jy8kdhoaFgN6CCA4Ihg+Cidm HTTP/1.1 
Host: wasquite.buzz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         172.64.131.3
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 23 Sep 2022 16:50:01 GMT
content-length: 1178
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Kv0Ou19xgA2LmSB0UJV6oDC3Y0LO62JbYYxufFMoCGuoMWAMff0cA%2Bl4mNyD%2BdN6CuJGD0qXB3xTb9Y%2Bb5cnptPCcxs0P2GG1bMXjUNJWVyth8d14inH%2Bmsu15Zo1F2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f4c6e899d27691-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3022), with no line terminators
Size:   1178
Md5:    3864da367b7497d36968b17a491c4420
Sha1:   963bb079b61355a344f60290c1a771d74f6f0e14
Sha256: 330cffeb2d949c0593d676499b5208799963fde4ec6cc11f4e98c4fa49b17a43
                                        
                                            GET /VVFuZkg0Mw0LdzRsDEA9Jz1TQ3oTdFwgLD8nV187LT4fFj5kYEAFJDokCgA6Oj8aSCYwJUtUDjAIAygyNj0JJAwXYTs8MAwaKFZxIwQ4NAkEBl8jCwQQCiggHzQtDg0hFwcnGhw7Xh4FAD4sACAMCyhWcToDL14bHRVXABoHCA0peWwCODQFbRAoUwADEl4iED1lCi8vJgEmHgZsBC0wDw0WBi4dAB8PLw4bAjgNDTQDXyAMHTsrKw4yJTYHJBwzPVYZHQcoAh8EAx4uHQAcLyojMQAjDTwgBSgoKQNjHjUKFwg8Kz9kFj8yGiQEAiwMBDwCNR05fDQnKRQAJScaNnRcJAwHJTk3CmAzODB5FjcGAi0ENkgMOzo/HlsxNiQaJSoFND00cSY HTTP/1.1 
Host: wasquite.buzz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.131.3
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 23 Sep 2022 16:50:01 GMT
content-length: 1154
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2Blk2Qe2%2Ba6U6JCol%2BaPwzL8XY4odw%2FiaWZ8IxClNw%2FlSFXODlmBjedKsMfzgaozalofgB8HSJgp5%2B%2FD1r%2FDhYx3DgD2R4UXqkMM6d9ptfXqVM8CEkdNBl1vjOlYAHoq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f4c6e899d77691-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2996), with no line terminators
Size:   1154
Md5:    9b4af96f0ece717b3ec49ca9758b22a2
Sha1:   6e8e19aa7644b4a07e9f2745502c23332dfde1de
Sha256: 4b66f9c0af60ec1026cd9531ec17627b40e63511b12cfd72f67de5649373ab5c
                                        
                                            GET /aWs5SVoICVokZQhWW28vGwcEbGgvTgsPPgMdAHApEQRIOSxYWhcqNgYeXS8oBgVNZzQMHxx7HAglfyYtDT1VERQ/X20TMSgRbwwyHCkLeR47BlYaFywmWAdqOwVqDA8cPkN4bSs5DQseITp6AB0gPX8uHwM+fiobPBFvHxQvD3AvayxbbHkyBi5TPQ8vWWgIPCw6fwc2UAVsPmJQM2ohEiESQR8UOzJ4BhsCWGE+Yh48fRMIPCxNMDgRXn8vGzMafghrBilhcR4nWE4OOwUcWgdqLAJ/HD4ZP34AHSIGAQg8HiYKLxszGmguFFEpQToQOFhaDDkRRm8BOz8mHHscPBMNex8+AwsbaAItWC4YLApoH39bLXgiD0xZfxEJAT18MwAkDU4AIDAqc3kbLyZKCg0aTVM6NQcbBDFqHgxeAiouXm8NLRA9dg HTTP/1.1 
Host: wasquite.buzz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         172.64.131.3
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 23 Sep 2022 16:50:01 GMT
content-length: 1179
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BMK4mNeOLdGL%2BmjbFf2OcY8J6xvMTwRXzc5W%2BddM8NHJOgfeRFCq49iq8S9KYUk34sInsUyNiAOnZ1ScZQxkIaT2iSaADOr53s2Mv66ZfHSUpjqVcrLY3CHtdTTsJKB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f4c6e8a9e37691-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Size:   1179
Md5:    f87bcdfd1f3c5b89b9c2f7af33e7d127
Sha1:   eb2b3a1ec072f7f25b00df66dfd1e09cc19799bb
Sha256: ebbce744fccb4fbbe051722eef7ae74039cd7901f4d8474ed1f539198de2c445
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "FDE7177B10AE85162F9ABBFE9E78B9C66C11E03AA0B7149D8E82B8E0D08A1FB8"
Last-Modified: Fri, 23 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4004
Expires: Fri, 23 Sep 2022 17:56:45 GMT
Date: Fri, 23 Sep 2022 16:50:01 GMT
Connection: keep-alive

                                        
                                            GET /img/favicon/favicon-32x32-bayfiles.png?1597323478 HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 1368
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 739
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1368
Md5:    9549584e9288a5dd9d163daa26a6f34d
Sha1:   0c7a71967bd4570770aa9b1043a1d82cd8969252
Sha256: d18e625001a778074faea9e00ae801988818827c121732ba020390e84897578e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4835
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 16:50:01 GMT
Last-Modified: Fri, 23 Sep 2022 15:29:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "7C46F9B275800061A663CEA8D259540190E80C1075E2CE61FB54B10958F8FA4A"
Last-Modified: Thu, 22 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7784
Expires: Fri, 23 Sep 2022 18:59:45 GMT
Date: Fri, 23 Sep 2022 16:50:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "7C46F9B275800061A663CEA8D259540190E80C1075E2CE61FB54B10958F8FA4A"
Last-Modified: Thu, 22 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7784
Expires: Fri, 23 Sep 2022 18:59:45 GMT
Date: Fri, 23 Sep 2022 16:50:01 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:50:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:50:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.133.29
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Fri, 23 Sep 2022 16:50:01 GMT
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1150
last-modified: Fri, 23 Sep 2022 16:30:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uID9mLzRFa%2FOFJx3X8MpVCMW4Z2YD8Au%2BByOeMlnBy0PDObD1dKL%2BCIWkgLbXvL9o2cbxyFyN0U%2FnZsL5iTIgmVWd3vN3k3S8Q7MONqXnm41TveBqi2ppjdlpDaKlG8h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f4c6ea686571bd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   102744
Md5:    f3d952d08933e59cbeffa273426aa259
Sha1:   54a7410e95f47b33e0dd0cced2fd9cd8f1517ee3
Sha256: 2283305880152adeade262d7d7c4caac7542da36040abc1e549808e67cbda3ca
                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Sep 2022 16:50:02 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S957121861%3A1663951802040242&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqks3teWhYNDBHqu5W5tRonL1wLBmDNgMmo8LWNxcB_xlOnAkbfNo34mO1WEczLG4uPY5rZ
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-ox4zHC7Akj2oc_NnfHaLyw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:kzoQj15idoPmS0fD7vDbdrvwpGIAsg:bHiIMwN7KyxKRZ6I;Path=/;Expires=Sun, 22-Sep-2024 16:50:02 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Size:   394
Md5:    0e852f5e43445d923fa4ea56b3986bed
Sha1:   b8bf72c9409e27eb8022cbc8d83d622b03479579
Sha256: 021a94097643f706457461d5e0261e4ad907897c644dd507515bf00b7b9ad61f
                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Sep 2022 16:50:02 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-804798758%3A1663951802052428&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqfflR5wpeEIzuo4Yv-JROZIuUtGU9FejnIstKoQQxeSslChimngVYr_Ey_KHKJy1cqRan3
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-R40ewp0_eiVWtLOQcwT_6Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:BUFwf9OAuomcf1Sf0oT9tik9beuRiA:EWAYWxmsPjMgLDrp;Path=/;Expires=Sun, 22-Sep-2024 16:50:02 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Size:   392
Md5:    3391a090ce436e08b9f5e0fee6830a15
Sha1:   aaf6c52447ffa2286aefb5be93d38c1d67bbbdba
Sha256: b8b75614ee8155d57c6622bf3e9b4d82a64b710cf33a0c15cb69956693f0d2e2
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.133.29
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Fri, 23 Sep 2022 16:50:02 GMT
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1150
last-modified: Fri, 23 Sep 2022 16:30:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYMoxakTjnB%2BbVLgh%2FPJztbOE43qCVyID%2FfMe8YRuwB0zBXGLq6R0ST5BdK8jn84A0JsSyEoHtd%2BdtN7rjBUCBX0KxUDKzsfhXbQfNuZWtSzC42x8j06qIdH1qG1999K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f4c6ea686971bd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   102871
Md5:    93fd4a5ada2169606a9f05fb0c940bd7
Sha1:   505a6b30f006a11b66d3525022279db7ac0897d9
Sha256: 44c6e21e0f2b9e042e92a0a8147f7ae729f10c0fd47d5aaf7eed8074841cceeb
                                        
                                            GET /jeWR2WXkaCxg/Rg0NEmROTFJFbk9fDgU2FwlZJgsuLlU0MQAPNwIbH0tCAiMdRFRQNRgXA0t/HBcHS2hfGAAUZE1fEAY2EkQHDD0QCxMcLBgWQgM4RBQLDDAVFQVTaz9MSkZ8S0lMDmhIXFc0fEtJCB83DAFBRGkBQVIpb01cVzR8S0kWAHxKOF1Ad0lQQU-RpHhwHHTZcSyJEaUhJVEdpSFxWRj8QCwEQNgFcVjBgT1dUUCxESA HTTP/1.1 
Host: djv99sxoqpv11.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wasquite.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.165.196.223
HTTP/2 200 OK
                                        
content-length: 454
date: Fri, 23 Sep 2022 16:50:02 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 835f3c9e7c3bc0e7766edf13dac581de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: ehpLptNOf6qle95BDCZPudZlMP7rOgoFd3aoEKi7hxAQsn5qy_s7bA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RAGE Package Format (RPF),\012- , ASCII text, with very long lines (594), with no line terminators
Size:   454
Md5:    fc7c7f3a1929e75e8d6eec0ddb41fd5b
Sha1:   7382eb248d242b72b1fc43449b673ba9ea4d1eed
Sha256: 60d43d241a075c44b9e438c5a283409d8156c79e974083fca472fd14266e14ca

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:50:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /eYmNzclgBDB0UZxYKF09vUVRAQW1ECQAdNhJeChEtFiARIj0xMUoBfhYZF09oRA8SHD9fRRYcO19SVRM8AF5HVC0DXh4dIgsPHxN9UCVGXGhHUUNaIFNSVkEaR1FDHjEMFgtXalIbS0QHVFdWQRpHUUMALkdQMktuTFNaV2pSBBYRMw1GQTRqUlJDQmlSUl-ZAaAQKARc+DRtWQB5bVV1CfhdeQg HTTP/1.1 
Host: djv99sxoqpv11.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wasquite.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.165.196.223
HTTP/2 200 OK
                                        
content-length: 187
date: Fri, 23 Sep 2022 16:50:02 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 835f3c9e7c3bc0e7766edf13dac581de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: G50pP7X8SnYMnry2-mcYqypd50kHsCZFzYhQsbGj1rgvu9wNk2griQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   187
Md5:    96d54dc862f997c32e5e31bfbfbfdc41
Sha1:   8a09b01e80b86bb916fbc3c910ac7096dc736b0c
Sha256: 3ba4f480d02ae227ca9e5fdb969f613db028f9df070c35daab5cb0c2b7390b93

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /aNFowdVlXNV4TZkAzVEhuB20DRmoSMEMaN0RnSEUuUz17BR4BDHQCIGIVFgEjUGcAUzVVNFdIf1E0U0hoEjtUF2QAfEQFNl9nUw89XShHHyxVNRYAOAk3Xw8wWDZRUGtybx5FfAZqGA1oBX8DN3wGalwcN0EiFUdpTGIGKm8AfwM3fAZqQgN8BxsJQ3cEcx-VHaVM/Ux42EWh2R2kFagBEaQV/AkU/XShVEzZMfwIzYAJ0AFMsCWs HTTP/1.1 
Host: djv99sxoqpv11.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wasquite.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.165.196.223
HTTP/2 200 OK
                                        
content-length: 553
date: Fri, 23 Sep 2022 16:50:02 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 835f3c9e7c3bc0e7766edf13dac581de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: 8OlmMGZ7_BQmSvWkXqHUXubZGam7rJp9tRpmYiHQvYBSuEgp-pALTg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (767), with no line terminators
Size:   553
Md5:    db8472109859f1f05a11d939443e6329
Sha1:   3314cc923fe62088d6daef2ecf5146d159944e48
Sha256: 0859d45e769c955f9d6d1f1d4c19ee791ca742a2e68ffe94ad91371437b4f369

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Fri, 23 Sep 2022 17:58:03 GMT
Date: Fri, 23 Sep 2022 16:50:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Fri, 23 Sep 2022 17:58:03 GMT
Date: Fri, 23 Sep 2022 16:50:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Fri, 23 Sep 2022 17:58:03 GMT
Date: Fri, 23 Sep 2022 16:50:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Fri, 23 Sep 2022 17:58:03 GMT
Date: Fri, 23 Sep 2022 16:50:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Fri, 23 Sep 2022 17:58:03 GMT
Date: Fri, 23 Sep 2022 16:50:02 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 68500
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 67354
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:48 GMT
age: 67094
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14579
Md5:    f10a12719b387d176497669ba75f0acc
Sha1:   16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
Sha256: 0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 67116
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6505
x-amzn-requestid: bc9cc556-8897-4484-ac07-f18e4f5250ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YvrfiFl4oAMF_Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63295930-7a627b7d7683919e41ca599b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 06:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UNlx91pOuttpN-IrQs_g-PRI8C_NmZDKdnOpfayCJ719fa6FwnOIGg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:51 GMT
age: 67091
etag: "265d3e98bcbf5f14f214102279a7911d6fd64048"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6505
Md5:    ff021fa15adb0d3a24158bc00cf0980a
Sha1:   265d3e98bcbf5f14f214102279a7911d6fd64048
Sha256: 211d709fb1851a62f856a78e3b115ef816f78ab9a28f870d48fa3d1912eac16a
                                        
                                            GET /static/logo.png HTTP/1.1 
Host: bayfiles.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:50:01 GMT
Content-Length: 38607
Connection: keep-alive
last-modified: Fri, 16 Sep 2022 19:34:48 GMT
etag: "6324cfd8-96cf"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8497
Md5:    7606ff88f05062b66970d9805f38987a
Sha1:   d47db5fcd83023b4a8de40a47d4510e183de387a
Sha256: 20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
                                        
                                            GET / HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.133.29
HTTP/2 200 OK
content-type: text/plain
                                        
date: Fri, 23 Sep 2022 16:50:02 GMT
set-cookie: csu=113152543292789@1@1663951802; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UnVsWKdB%2BiOIiVFSJW05UY%2BRZcDRyVTJFFIZbjUxD81vu5e74y%2BvQ7pRfT8%2Fyr1hWehD%2BXcCYJhQ3Dm79vILSH%2FcVgRgaoCQJ0SghJgg1IoDEI2ORK%2F5b9aNTDfx1Zu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f4c6ea686a71bd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v3/signin/identifier?dsh=S957121861%3A1663951802040242&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqks3teWhYNDBHqu5W5tRonL1wLBmDNgMmo8LWNxcB_xlOnAkbfNo34mO1WEczLG4uPY5rZ HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Sep 2022 16:50:02 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-qVlqro7cgrm5aV34uIO2tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=V6HF7LImp6hI4Vv5GcN-6MwGXansJ3AIRNXb46nFLuE9gJJj2E3xefWdX9B7sCFp0v_rXql66cz2NccIN-PW0jHK_ChtVT3vOfZnaEDt5PjkdA9EV7m6FTmqu3KL57ZJR6MN0AZY6HNYFrVueKwGiDrOaQN4BD_n7NP5oY0RLl4; expires=Sat, 25-Mar-2023 16:50:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v3/signin/identifier?dsh=S-804798758%3A1663951802052428&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqfflR5wpeEIzuo4Yv-JROZIuUtGU9FejnIstKoQQxeSslChimngVYr_Ey_KHKJy1cqRan3 HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Sep 2022 16:50:02 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-cGlfo_rAESJpOcveXuBgYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=dHaqqOsimLxCf5dKd-WxdzkYenWjqumtOXLMYUPghhOQYDYse7HDvxDM8hlCaYEd-BZjZprCTxfj0kVeZNGBcVpjdF0HjRW3QOn4oxAdUShe3743xNHqEQjp3CyU88d4KW3QIQf58kD66uQb-KtLMZvHHpnxyuskFEZhyF91Rk4; expires=Sat, 25-Mar-2023 16:50:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /7.3.0/video.min.js HTTP/1.1 
Host: vjs.zencdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.217
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-encoding: gzip
date: Fri, 23 Sep 2022 16:50:00 GMT
x-served-by: cache-bma1667-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
                                        
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-fb-debug: waY7gq1JhsRjWgdQsk2VWz56oCYrD9UwXeM+qd0ucTN+hkv45yhLZ5wyFVUVWf7RFPy3qqn7ba+OyR7fLY4o4g==
date: Fri, 23 Sep 2022 16:50:02 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---