sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
89.249.49.147 200 OK 12 kB URL HTTP/1.1 sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash b48af8e07124effd45a0a58da0d2af56
dc32e8c51b9cc75b5585bc4b4b21e2d797e4a13f
6f3d1df750e7106d966dd32967f7e524fded734adfbfdeb3b48a2fdcafc80c4f
GET /1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:56 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Strict-Transport-Security: max-age=0;includeSubDomains;
Expires: Wed, 23 Nov 2022 02:52:56 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html ; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3531
Expires: Thu, 24 Nov 2022 03:52:03 GMT
Date: Thu, 24 Nov 2022 02:53:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2670
Cache-Control: max-age=116554
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 02:53:12 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:15:46 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 02:17:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2159
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3413
Expires: Thu, 24 Nov 2022 03:50:05 GMT
Date: Thu, 24 Nov 2022 02:53:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NsNN5eHFIXLfUPbVHJk1qI+n9VIEZXkk/BJDAJF+rxqg7VoKQbtgH0B6QFhRkmRDgGid/XOAksQ=
x-amz-request-id: XX5AT7DB7Z7DSAVZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 02:40:14 GMT
age: 778
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
sakurafile.com/css/style.css
89.249.49.147 200 OK 48 kB URL HTTP/1.1 sakurafile.com/css/style.css
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF line terminators
Hash ebf0d9b705a939be747e80fc5efb933e
e5e9b45ff5ef00ab97e7fb96bdec202cd144e3b7
d6196747f0e1d51259cd8f9b46749c27203bbfe0a453cc9a666ae479122d695f
GET /css/style.css HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "ba19-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 47641
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
sakurafile.com/js/jquery.cookie.js
89.249.49.147 200 OK 4.0 kB URL HTTP/1.1 sakurafile.com/js/jquery.cookie.js
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (418)
Hash 1e16b14dcd3d882ec44ce1dfba605f33
b97d6de860c43539a1f4112fe1ab49a2f50e4688
38d424a116d57910c9d3233b1d6c0108287bd2c15f9784b0cab4f3f830913050
GET /js/jquery.cookie.js HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Accept-Ranges: bytes
Content-Length: 3989
Pragma: no-cache
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Expires: Thu, 1 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
sakurafile.com/js/paging.js
89.249.49.147 200 OK 1.7 kB URL HTTP/1.1 sakurafile.com/js/paging.js
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type HTML document, ASCII text
Hash 43e50aa00ad654da80af8f7936afd4c6
fb5921b855cce329191077b7e93563029d703545
e8a4ec002545486fb475c977fc9d53ac48a77cfb3d36ac91042c14dc688d5657
GET /js/paging.js HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:50 GMT
ETag: "6ad-5e9f38f0ef480"
Accept-Ranges: bytes
Content-Length: 1709
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
sakurafile.com/js/jquery.paging.js
89.249.49.147 200 OK 19 kB URL HTTP/1.1 sakurafile.com/js/jquery.paging.js
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
Hash d7a2c1c7af2a004a6d68e1e55b1cfb46
7fd6daa7076c30381880519ad06ef5639b19ee28
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
GET /js/jquery.paging.js HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:50 GMT
ETag: "4ba5-5e9f38f0ef480"
Accept-Ranges: bytes
Content-Length: 19365
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 02:53:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sakurafile.com/js/jquery-1.9.1.min.js
89.249.49.147 200 OK 93 kB URL HTTP/1.1 sakurafile.com/js/jquery-1.9.1.min.js
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (32089)
Hash 397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
GET /js/jquery-1.9.1.min.js HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:50 GMT
ETag: "169d5-5e9f38f0ef480"
Accept-Ranges: bytes
Content-Length: 92629
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
sakurafile.com/images/icon_yes_w.png
89.249.49.147 200 OK 1.1 kB URL HTTP/1.1 sakurafile.com/images/icon_yes_w.png
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 19 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 53855d04580aedc7fd1e451411cc7013
950fff14513f96ddb27636c26bdddd16485a30ff
96691a470ea69f5f2b421a066045f0ae990867b0837d15666b304cdf68182f0d
GET /images/icon_yes_w.png HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "444-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 1092
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
sakurafile.com/images/icon_no_w.png
89.249.49.147 200 OK 1.1 kB URL HTTP/1.1 sakurafile.com/images/icon_no_w.png
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 7b0abdbb8af6b17a0679e21c942bbe13
9d438b099e679fec6b3dde696ddcfea106cd389d
97803f020d873288a2062aa9523b7fadfe40ada657480ce6f959e4ad21b9965d
GET /images/icon_no_w.png HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "477-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 1143
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
sakurafile.com/images/icon_yes_g.png
89.249.49.147 200 OK 1.1 kB URL HTTP/1.1 sakurafile.com/images/icon_yes_g.png
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 19 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 18e50440202016e2eb6319b82ac78e60
3d65a77c43f840ed4285d8ba37b24cfca1bf2afc
816be92d18a72a17107eb09979eafaffb4bfdf5e153dfebf7d02ed34a881c60f
GET /images/icon_yes_g.png HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "463-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 1123
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
sakurafile.com/images/icon_no_g.png
89.249.49.147 200 OK 1.2 kB URL HTTP/1.1 sakurafile.com/images/icon_no_g.png
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash c0cdb13a820322bfe0b6234f9a14a51d
4d84cde8ee4dec7aa3f3079b8c7a2660552cf51a
0a4d1fb78420332147b4bae4592ce9d65aa38f2c0e5de5b8d089028e1599d33c
GET /images/icon_no_g.png HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "4d8-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 1240
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
sakurafile.com/images/homecur.cur
89.249.49.147 200 OK 1.2 kB URL HTTP/1.1 sakurafile.com/images/homecur.cur
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type MS Windows cursor resource - 1 icon, 16x16, hotspot @0x0\012- data
Hash fcbb13cd43bdf87ad66570bdbf56dea9
5e36d2de4943189afd2e60e7d725f19df7add2c7
a93eee4314f9387b8c3b2c3e10a3b086fd2f8a0e704cc2b76f9495f71801ee4e
GET /images/homecur.cur HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "47e-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
sakurafile.com/images/logo.png
89.249.49.147 404 Not Found 1.0 kB URL HTTP/1.1 sakurafile.com/images/logo.png
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d91136cb1ed8d2bd49eaaf77c893a383
06a4f366867d41b263be3e518c2e50f293606251
93853950068a3f7cf0c3a98f494f00d9aeebb7914858642ad12372f012abde92
GET /images/logo.png HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css
HTTP/1.1 404 Not Found
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:50 GMT
ETag: "3f0-5e9f38f0ef480"
Accept-Ranges: bytes
Content-Length: 1008
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
sakurafile.com/images/linebg.jpg
89.249.49.147 200 OK 1.4 kB URL HTTP/1.1 sakurafile.com/images/linebg.jpg
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 215x2, components 3\012- data
Hash bee1d4cffbe4d4822da3bb47e492eda2
85b91213d6b32bb8e3627903b2b827c4f9dc8cdb
78f55d895106eb2248c48322b6acbefa8fc68c66d9d5fa2f41be27c25c9c9c15
GET /images/linebg.jpg HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "55d-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 1373
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
sakurafile.com/1lmm9mqw4acn/favicon.ico
89.249.49.147 200 OK 8.9 kB URL HTTP/1.1 sakurafile.com/1lmm9mqw4acn/favicon.ico
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 2c48ce51e695bba76ff5e226a5d096db
53a37cccaf78c33e6dfa08cde4b6d5cc643103b0
32edaf2ec223a7dcc82e95e4374e217340a303ec1500e18c2ecae1b0493f1d3d
GET /1lmm9mqw4acn/favicon.ico HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/1lmm9mqw4acn/Tensei_Slime_Manga_v18.zip
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Expires: Wed, 23 Nov 2022 02:52:57 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html ; charset=UTF-8
sakurafile.com/images/triangle.png
89.249.49.147 200 OK 6.6 kB URL HTTP/1.1 sakurafile.com/images/triangle.png
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 241 x 87, 8-bit/color RGBA, non-interlaced\012- data
Hash d5d338ad79b7b604abe497e68b3df8ea
91998c945fa40471bf0bd1fe61a303fe9140a441
b79052980e65f93bd3b9d5529d20e47ee81e3026c9d2d3eba9e8f50a62566ce1
GET /images/triangle.png HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "1997-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 6551
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
sakurafile.com/images/flags.png
89.249.49.147 200 OK 15 kB URL HTTP/1.1 sakurafile.com/images/flags.png
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 1248 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e7e0406e09ea913dc344ca9974ec94a
084fcf2d8e96661354a7e563f64801dfd13bead7
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
GET /images/flags.png HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:52:57 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "3b4c-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 15180
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.5 kB URL HTTP/1.1 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash 2b153cb2287eac49566b32fce9c385f8
206074b038daff8bc66d86bca0c5ff35f9f72655
7398435bd3f0dae8206173dd66954ae029dc8787962d5f089bcb548f53409869
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 02:46:52 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 66454675
etag: W/"-375139978"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4547
x-iplb-request-id: 5B5A2A9A:1516_2E69C9F0:0050_637EDC98_2245:115D3
x-iplb-instance: 42475
d2fbvay81k4ji3.cloudfront.net/?avbfd=930121
143.204.42.113 200 OK 116 kB URL HTTP/1.1 d2fbvay81k4ji3.cloudfront.net/?avbfd=930121
IP 143.204.42.113:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 116 kB (115592 bytes)
Hash 850b492f03012e6f47e4bc52d2aeb407
982bb995168c01baabad107e32f01df232113da0
945eb3022faf679293189165e27e15b6f8b4b24050e796572057ff5da560ae8b
GET /?avbfd=930121 HTTP/1.1
Host: d2fbvay81k4ji3.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
HTTP/1.1 200 OK
Content-Length: 115592
Connection: keep-alive
Date: Thu, 24 Nov 2022 02:53:12 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bYgbdcGLS9Heyq1JOKK3IGA4K1EAYb9JyE2LvVC2K0hCS-cDp1iwww==
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4f86e152e080297ee8cba39a80a13e38
f916875bce604836a95a022234321e02b375bb67
0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0AD073449CDC28013C246EF309C9C3792F582172D4686AF74F0B737CB68DF6F1"
Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10003
Expires: Thu, 24 Nov 2022 05:39:56 GMT
Date: Thu, 24 Nov 2022 02:53:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4f86e152e080297ee8cba39a80a13e38
f916875bce604836a95a022234321e02b375bb67
0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0AD073449CDC28013C246EF309C9C3792F582172D4686AF74F0B737CB68DF6F1"
Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10003
Expires: Thu, 24 Nov 2022 05:39:56 GMT
Date: Thu, 24 Nov 2022 02:53:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 02:11:11 GMT
cache-control: public,max-age=3600
age: 2522
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
mantedtonisms.com/UUh3YUUwKhQMejB1FUcwIyRKRHcXbUUnIWMuFRckKHBGCnE7IURPJj0nAgUjIycZFWs/LQNEdxd4IiYtOCkvBj8TPwAxFygZNSMpAwotJy0FHxwjdxAgMiYDOAohJxcmHT4IcWYMIyhzBSAuNQ0WeS4zBAQSJwZ8NxwPUWBjCjRQfAgQHSQIEA4lLCE5PyQjLR88NRkUGg4kLAITP0MoCmF8LyIABHE1GSIQDjMWDwN5BER3ExIiOxYFDQcGFBMdNicvAAAxMzU1ERsGCBkeRggSFwYtNygTBiIyMTURGwYTEAotDB0ULBYuKwcpIgkDHhIyUBcaeUYIEhNlNgcdBgUHNHQ9BhENLR0cMhEiFT8UKgArcTk0BmgDLicpAh8iDSIGHRMDFhURNSQEJi0nGQcZHw1ULQYOEykWGRETOXQ2bh0SKj84ShYwPToxOCEbIg
13.33.141.57 200 OK 1.2 kB URL HTTP/1.1 mantedtonisms.com/UUh3YUUwKhQMejB1FUcwIyRKRHcXbUUnIWMuFRckKHBGCnE7IURPJj0nAgUjIycZFWs/LQNEdxd4IiYtOCkvBj8TPwAxFygZNSMpAwotJy0FHxwjdxAgMiYDOAohJxcmHT4IcWYMIyhzBSAuNQ0WeS4zBAQSJwZ8NxwPUWBjCjRQfAgQHSQIEA4lLCE5PyQjLR88NRkUGg4kLAITP0MoCmF8LyIABHE1GSIQDjMWDwN5BER3ExIiOxYFDQcGFBMdNicvAAAxMzU1ERsGCBkeRggSFwYtNygTBiIyMTURGwYTEAotDB0ULBYuKwcpIgkDHhIyUBcaeUYIEhNlNgcdBgUHNHQ9BhENLR0cMhEiFT8UKgArcTk0BmgDLicpAh8iDSIGHRMDFhURNSQEJi0nGQcZHw1ULQYOEykWGRETOXQ2bh0SKj84ShYwPToxOCEbIg
IP 13.33.141.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3035), with no line terminators
Hash cdab6d0b12c16056a32cbc3d4a577214
15f30b8a3bef06c97702aad4af7f1b24d74baa49
4f22ee008b81e43f377cde6ab8c0e0d1dfc844d08a9e5b7a7a252f194968793b
Analyzer Verdict Alert fortinet Phishing
GET /UUh3YUUwKhQMejB1FUcwIyRKRHcXbUUnIWMuFRckKHBGCnE7IURPJj0nAgUjIycZFWs/LQNEdxd4IiYtOCkvBj8TPwAxFygZNSMpAwotJy0FHxwjdxAgMiYDOAohJxcmHT4IcWYMIyhzBSAuNQ0WeS4zBAQSJwZ8NxwPUWBjCjRQfAgQHSQIEA4lLCE5PyQjLR88NRkUGg4kLAITP0MoCmF8LyIABHE1GSIQDjMWDwN5BER3ExIiOxYFDQcGFBMdNicvAAAxMzU1ERsGCBkeRggSFwYtNygTBiIyMTURGwYTEAotDB0ULBYuKwcpIgkDHhIyUBcaeUYIEhNlNgcdBgUHNHQ9BhENLR0cMhEiFT8UKgArcTk0BmgDLicpAh8iDSIGHRMDFhURNSQEJi0nGQcZHw1ULQYOEykWGRETOXQ2bh0SKj84ShYwPToxOCEbIg HTTP/1.1
Host: mantedtonisms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1186
Connection: keep-alive
Date: Thu, 24 Nov 2022 02:53:13 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CPH50-C2
X-Amz-Cf-Id: EdAz6NS9Lw-I6JCcfPE_lcEE_0OMGPp_J4gJdE1d1FjSrF3OU5kUnQ==
mantedtonisms.com/RkJueW4nIA0UUSd/DF8bNC5TXFwAZ1w/CnQkDA8PP3pfElosK11XDSotGx0INC0ADUAoJxpcXAAaIBU8HyMmKzgJODc2PXYLVykoEAwsLjw2FQUsPxYrHTEpLRgePV8yADoeLzUKFkgYCDgBCyEedlsYO3IDOj0sKhUoMw8IFjcpPRQDFjcJMggsSidzBiwgIh8KWhosAClLSygcEw06OBIpHDsGABAkPSAJAzgdHggTDTY2PCVeOjgDBysUXwEQLDcDJwcvPTY8LVY7GQgEDS4eHwUFMxYnLgY/LCgyAS07InINLh4fA19BWCQuFissFBhXLgUUDTcUQz4MPEo8PiMCHikXCigLJRMXKSA2HBs2KyArIy9BPBAWVko6ExgZIwMuGDw4NCojKBU8BAU/XFwEAz8jOgsoDSg7FxM9GDguACk+PGNwLDE7LQpIEx0pLB5EOXV3Fi0aMSs3GgwFDyYUXw
13.33.141.57 200 OK 1.2 kB URL HTTP/1.1 mantedtonisms.com/RkJueW4nIA0UUSd/DF8bNC5TXFwAZ1w/CnQkDA8PP3pfElosK11XDSotGx0INC0ADUAoJxpcXAAaIBU8HyMmKzgJODc2PXYLVykoEAwsLjw2FQUsPxYrHTEpLRgePV8yADoeLzUKFkgYCDgBCyEedlsYO3IDOj0sKhUoMw8IFjcpPRQDFjcJMggsSidzBiwgIh8KWhosAClLSygcEw06OBIpHDsGABAkPSAJAzgdHggTDTY2PCVeOjgDBysUXwEQLDcDJwcvPTY8LVY7GQgEDS4eHwUFMxYnLgY/LCgyAS07InINLh4fA19BWCQuFissFBhXLgUUDTcUQz4MPEo8PiMCHikXCigLJRMXKSA2HBs2KyArIy9BPBAWVko6ExgZIwMuGDw4NCojKBU8BAU/XFwEAz8jOgsoDSg7FxM9GDguACk+PGNwLDE7LQpIEx0pLB5EOXV3Fi0aMSs3GgwFDyYUXw
IP 13.33.141.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3051), with no line terminators
Hash 760dc41ca87c9169141c6dfc4bd13641
be99769d7e091ec1028b802f29a2c76eb954adac
86e0c377f82b311a6ca9d6d5d937218ec109dc6d68e2b1216a361bb5f927da59
Analyzer Verdict Alert fortinet Phishing
GET /RkJueW4nIA0UUSd/DF8bNC5TXFwAZ1w/CnQkDA8PP3pfElosK11XDSotGx0INC0ADUAoJxpcXAAaIBU8HyMmKzgJODc2PXYLVykoEAwsLjw2FQUsPxYrHTEpLRgePV8yADoeLzUKFkgYCDgBCyEedlsYO3IDOj0sKhUoMw8IFjcpPRQDFjcJMggsSidzBiwgIh8KWhosAClLSygcEw06OBIpHDsGABAkPSAJAzgdHggTDTY2PCVeOjgDBysUXwEQLDcDJwcvPTY8LVY7GQgEDS4eHwUFMxYnLgY/LCgyAS07InINLh4fA19BWCQuFissFBhXLgUUDTcUQz4MPEo8PiMCHikXCigLJRMXKSA2HBs2KyArIy9BPBAWVko6ExgZIwMuGDw4NCojKBU8BAU/XFwEAz8jOgsoDSg7FxM9GDguACk+PGNwLDE7LQpIEx0pLB5EOXV3Fi0aMSs3GgwFDyYUXw HTTP/1.1
Host: mantedtonisms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1200
Connection: keep-alive
Date: Thu, 24 Nov 2022 02:53:13 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 0627ff40b5d116e8aeb618dfe60b85fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CPH50-C2
X-Amz-Cf-Id: 2TvF3OeZs6CNKdriocamj_Um0gous1Zmc6Kma-J_TxA8sh_71boy0A==
engingsecondu.com/WFljTUF3ZgA+fAwOEwYbajFGfwcNNxcoFBAPNygHPAsGGykhD1ImZywwB3B4a2lSf3B+KQopfGl/EDkgLCwQcHB+MA0rLmV/FXBwdmpXY3Jod1VrNGVoRTkxOT5efGcoLRchfGlvVXRzbWFQdHNgbFo
104.21.55.224 204 No Content 0 B URL HTTP/2 engingsecondu.com/WFljTUF3ZgA+fAwOEwYbajFGfwcNNxcoFBAPNygHPAsGGykhD1ImZywwB3B4a2lSf3B+KQopfGl/EDkgLCwQcHB+MA0rLmV/FXBwdmpXY3Jod1VrNGVoRTkxOT5efGcoLRchfGlvVXRzbWFQdHNgbFo
IP 104.21.55.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WFljTUF3ZgA+fAwOEwYbajFGfwcNNxcoFBAPNygHPAsGGykhD1ImZywwB3B4a2lSf3B+KQopfGl/EDkgLCwQcHB+MA0rLmV/FXBwdmpXY3Jod1VrNGVoRTkxOT5efGcoLRchfGlvVXRzbWFQdHNgbFo HTTP/1.1
Host: engingsecondu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 02:53:13 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zr4wppT5tVR2DmQlcWicGJd9xyj3e06dq6xsHP9Z5Qz%2FcpdalB7grRHcGbvt7%2B10biYWptMiF09fRMncL3vsMPd8ag4a%2Bcskz2ZSYmzTQJiB9DGmywvA%2FBeHFXrljEGGFoC3OA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76eeda5d4f63b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
engingsecondu.com/eGtZc1FXVDoAbBpYFwM1Sw86IQcMLw0fCz0+HBcULy49IgVIU38HOBxWYEdhSVhhVSERD2RCdwsfOAckC1ZoVTgWDTZOdw5WaF1iTEVqQ39OTSxOYF4fKRI2RVp/AyUMB2RCZ05Sa0ZpS1JrS2hA
104.21.55.224 204 No Content 0 B URL HTTP/2 engingsecondu.com/eGtZc1FXVDoAbBpYFwM1Sw86IQcMLw0fCz0+HBcULy49IgVIU38HOBxWYEdhSVhhVSERD2RCdwsfOAckC1ZoVTgWDTZOdw5WaF1iTEVqQ39OTSxOYF4fKRI2RVp/AyUMB2RCZ05Sa0ZpS1JrS2hA
IP 104.21.55.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eGtZc1FXVDoAbBpYFwM1Sw86IQcMLw0fCz0+HBcULy49IgVIU38HOBxWYEdhSVhhVSERD2RCdwsfOAckC1ZoVTgWDTZOdw5WaF1iTEVqQ39OTSxOYF4fKRI2RVp/AyUMB2RCZ05Sa0ZpS1JrS2hA HTTP/1.1
Host: engingsecondu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 02:53:13 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s31puH%2BM7YAiTbZFKxIl88Y5nQ8%2Bk1OXqMC5LV2dRsBwVslgHeXQZpExUMMNtSqOOirf5eANHsf8ksIy8hnfl%2FbKeyuRNF9RB7VveHJC2yGsPALGPBT1lSCk5cHrz5krGVSSGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76eeda5d4f65b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
engingsecondu.com/MXdWSVoeSDU6Z1IvBA8DXQcQGwJnJTQiMnAUEAcuYBwQewxcQ3A9M1VKb3prBUJnbypYE2t4YhcEIiguRARreHxYGTAmZxcBa3h0AVlkZ2gXAmt4fEUHNy5nAFEmPS5dSmd/bAhFY3FpCEVveGg
104.21.55.224 204 No Content 0 B URL HTTP/2 engingsecondu.com/MXdWSVoeSDU6Z1IvBA8DXQcQGwJnJTQiMnAUEAcuYBwQewxcQ3A9M1VKb3prBUJnbypYE2t4YhcEIiguRARreHxYGTAmZxcBa3h0AVlkZ2gXAmt4fEUHNy5nAFEmPS5dSmd/bAhFY3FpCEVveGg
IP 104.21.55.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MXdWSVoeSDU6Z1IvBA8DXQcQGwJnJTQiMnAUEAcuYBwQewxcQ3A9M1VKb3prBUJnbypYE2t4YhcEIiguRARreHxYGTAmZxcBa3h0AVlkZ2gXAmt4fEUHNy5nAFEmPS5dSmd/bAhFY3FpCEVveGg HTTP/1.1
Host: engingsecondu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 02:53:13 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJRK55r8gufSdmEjHeYD9z8G9j7cZvFiQAxma4pDOIImZqY%2BuPzOmAt6WzLqM7PLMXlX4QtvgVhYXBgzryKQSmBGXznTKGMNs0KO8%2FneFswIbF%2B%2FciUbdCT2Hk1rOncaSRqXBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76eeda5d4f66b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mantedtonisms.com/R2tka2omCQcGVSZWBk0fNQdZTlgBTlYtDnUNBh0LPlNVAF4tAldFCSsEEQ8MNQQKH0QpDhBOWAEhAD8oPiQ8CD0fExwNOQYtPi0NFSQ2DCwALyExPhAMIjwtFj4qLD80UipbATANJVNdEVsqIjsBJSEoLHYgNjkzIjwmADkDPTYILRUyKjoSfzwhPSAXLzIuKxI+XT4tBlI+IwYSPDEqI3cvIgcsAT4lITIwIT4jLHcyJQAkHyhUCAgVLQcnOHc6JTMrKzg2BSAfKFQIKRA5Ezs7diogJig/LTY+AgIvMiEtJAcHJzgwDyM9HShZNiooDy1UDwkBPkkqIAIpJj8tETE3OVkdKic+MAEqISYgFQclKDsrUwEpWxI+MgxTFioOOiMVWyUOOy9TJzgrAk0OGAUpG1kAGA0pHSkvPyUDWhtw
13.33.141.57 200 OK 1.2 kB URL HTTP/1.1 mantedtonisms.com/R2tka2omCQcGVSZWBk0fNQdZTlgBTlYtDnUNBh0LPlNVAF4tAldFCSsEEQ8MNQQKH0QpDhBOWAEhAD8oPiQ8CD0fExwNOQYtPi0NFSQ2DCwALyExPhAMIjwtFj4qLD80UipbATANJVNdEVsqIjsBJSEoLHYgNjkzIjwmADkDPTYILRUyKjoSfzwhPSAXLzIuKxI+XT4tBlI+IwYSPDEqI3cvIgcsAT4lITIwIT4jLHcyJQAkHyhUCAgVLQcnOHc6JTMrKzg2BSAfKFQIKRA5Ezs7diogJig/LTY+AgIvMiEtJAcHJzgwDyM9HShZNiooDy1UDwkBPkkqIAIpJj8tETE3OVkdKic+MAEqISYgFQclKDsrUwEpWxI+MgxTFioOOiMVWyUOOy9TJzgrAk0OGAUpG1kAGA0pHSkvPyUDWhtw
IP 13.33.141.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3023), with no line terminators
Hash c2acc4ba0d33d53f815daebe13744bb3
a93c99f91171638f9d4eee707025e712eba2af79
f7bd617b6ed4ea220871570792c709826644f13cec9da7107b995a6c06d25609
Analyzer Verdict Alert fortinet Phishing
GET /R2tka2omCQcGVSZWBk0fNQdZTlgBTlYtDnUNBh0LPlNVAF4tAldFCSsEEQ8MNQQKH0QpDhBOWAEhAD8oPiQ8CD0fExwNOQYtPi0NFSQ2DCwALyExPhAMIjwtFj4qLD80UipbATANJVNdEVsqIjsBJSEoLHYgNjkzIjwmADkDPTYILRUyKjoSfzwhPSAXLzIuKxI+XT4tBlI+IwYSPDEqI3cvIgcsAT4lITIwIT4jLHcyJQAkHyhUCAgVLQcnOHc6JTMrKzg2BSAfKFQIKRA5Ezs7diogJig/LTY+AgIvMiEtJAcHJzgwDyM9HShZNiooDy1UDwkBPkkqIAIpJj8tETE3OVkdKic+MAEqISYgFQclKDsrUwEpWxI+MgxTFioOOiMVWyUOOy9TJzgrAk0OGAUpG1kAGA0pHSkvPyUDWhtw HTTP/1.1
Host: mantedtonisms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1175
Connection: keep-alive
Date: Thu, 24 Nov 2022 02:53:13 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 360e1220d10dac057f451e8ec0e907f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CPH50-C2
X-Amz-Cf-Id: JnsmaQ2LWHRIs7BaiM8uujNpMFB2NBXRLuQZKJPwG88wYaiTXnpKDg==
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4f86e152e080297ee8cba39a80a13e38
f916875bce604836a95a022234321e02b375bb67
0ad073449cdc28013c246ef309c9c3792f582172d4686af74f0b737cb68df6f1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0AD073449CDC28013C246EF309C9C3792F582172D4686AF74F0B737CB68DF6F1"
Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10003
Expires: Thu, 24 Nov 2022 05:39:56 GMT
Date: Thu, 24 Nov 2022 02:53:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 516
Cache-Control: max-age=109336
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 02:53:13 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 09:15:29 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1db5a3722f73dd82c0084cfbe2e89f96
5f74860c9abaf4bcc570abc895b37cea7ceafdf7
ab88dd13690a6943086cb8425e8db1461ecf29c827633cda4cab5a7e6011eab7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "AB88DD13690A6943086CB8425E8DB1461ECF29C827633CDA4CAB5A7E6011EAB7"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14895
Expires: Thu, 24 Nov 2022 07:01:28 GMT
Date: Thu, 24 Nov 2022 02:53:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3051
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 02:53:13 GMT
Last-Modified: Thu, 24 Nov 2022 02:02:22 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 523634f5e33b64d08c05415ca377b336
27750bceb120328cf37f0a053115a9b216890885
79be1cbfccc032a1e2ac97b84217f00466649b5a715df45ece301eb3b5b94dc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 02:53:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 523634f5e33b64d08c05415ca377b336
27750bceb120328cf37f0a053115a9b216890885
79be1cbfccc032a1e2ac97b84217f00466649b5a715df45ece301eb3b5b94dc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 02:53:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2fbvay81k4ji3.cloudfront.net/0UGhiaXgzBwwPRyQBBlRBZFhTWkB2AhEGFiBVFRwUIi47DTI6ThYTHG1YRAUZPg9fTx0+C19YXjEMAFRMdhwSBhNtBxQKFSMGBw4IO04XCEU9BxgAFDwJR1s+ZUZSTEpgQBUAFjQHFRpdYlgMHV1iWFNZVmBNUStdYlgVABZmXEdaOnVaUhFOZE1RK11iWB-AfXWMpU1lNflhLTEpgDwcKEz9NUC9KYFlSWUlgWUdbSDYBEAwePxBHWz5hWFdHSHYdX1g
143.204.42.113 200 OK 491 B URL HTTP/1.1 d2fbvay81k4ji3.cloudfront.net/0UGhiaXgzBwwPRyQBBlRBZFhTWkB2AhEGFiBVFRwUIi47DTI6ThYTHG1YRAUZPg9fTx0+C19YXjEMAFRMdhwSBhNtBxQKFSMGBw4IO04XCEU9BxgAFDwJR1s+ZUZSTEpgQBUAFjQHFRpdYlgMHV1iWFNZVmBNUStdYlgVABZmXEdaOnVaUhFOZE1RK11iWB-AfXWMpU1lNflhLTEpgDwcKEz9NUC9KYFlSWUlgWUdbSDYBEAwePxBHWz5hWFdHSHYdX1g
IP 143.204.42.113:0
File type ASCII text, with very long lines (661), with no line terminators
Hash 4e7661ae921bfd4d5ce755a78a154c7a
3f2b4484194c021ea1eb8cb800ca7a0307367c0d
9adb7c8852d4fb436b535e541563e3a78565cd0082d4da94cb54455c3740a44a
GET /0UGhiaXgzBwwPRyQBBlRBZFhTWkB2AhEGFiBVFRwUIi47DTI6ThYTHG1YRAUZPg9fTx0+C19YXjEMAFRMdhwSBhNtBxQKFSMGBw4IO04XCEU9BxgAFDwJR1s+ZUZSTEpgQBUAFjQHFRpdYlgMHV1iWFNZVmBNUStdYlgVABZmXEdaOnVaUhFOZE1RK11iWB-AfXWMpU1lNflhLTEpgDwcKEz9NUC9KYFlSWUlgWUdbSDYBEAwePxBHWz5hWFdHSHYdX1g HTTP/1.1
Host: d2fbvay81k4ji3.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mantedtonisms.com/
HTTP/1.1 200 OK
Content-Length: 491
Connection: keep-alive
Date: Thu, 24 Nov 2022 02:53:13 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gzhhwXCgNLQ5VZifxQJaKadkTfJhtTCR5YMsQLv8h8SYRbD1sVrDdw==
d2fbvay81k4ji3.cloudfront.net/XNlRYaHRVOzYOS0I9PFVNBWRpWkUQPisHGkZpD1tBTgAsHx1vNzorOX45aU4ATDBlWFJaNTYPSRAxNgtJB3I5DBYLYH4cBFk/ZQcCVTkrBhFRJDNOAVdpNQcOXzg0CVEEEm1GRBNmaEADXzo8BwNFcWpYGkJxalhFBnpoTUd0cWpYA186blxRBRZ9WkROYm-xNR3RxalgGQHFrKUUGYXZYXRNmaA8RVT83TUZwZmhZRAZlaFlRBGQ+AQZTMjcQUQQSaVhBGGR+HUkH
143.204.42.113 200 OK 486 B URL HTTP/1.1 d2fbvay81k4ji3.cloudfront.net/XNlRYaHRVOzYOS0I9PFVNBWRpWkUQPisHGkZpD1tBTgAsHx1vNzorOX45aU4ATDBlWFJaNTYPSRAxNgtJB3I5DBYLYH4cBFk/ZQcCVTkrBhFRJDNOAVdpNQcOXzg0CVEEEm1GRBNmaEADXzo8BwNFcWpYGkJxalhFBnpoTUd0cWpYA186blxRBRZ9WkROYm-xNR3RxalgGQHFrKUUGYXZYXRNmaA8RVT83TUZwZmhZRAZlaFlRBGQ+AQZTMjcQUQQSaVhBGGR+HUkH
IP 143.204.42.113:0
File type ASCII text, with very long lines (668), with no line terminators
Hash e42672e4df574769a877fe3194d4f5d4
43df6a28672358df869eff934e2d9090607b970a
c225862de35dd4475135746602bbaa54319f18b8eddb9db46f2aad6a59c94ebc
GET /XNlRYaHRVOzYOS0I9PFVNBWRpWkUQPisHGkZpD1tBTgAsHx1vNzorOX45aU4ATDBlWFJaNTYPSRAxNgtJB3I5DBYLYH4cBFk/ZQcCVTkrBhFRJDNOAVdpNQcOXzg0CVEEEm1GRBNmaEADXzo8BwNFcWpYGkJxalhFBnpoTUd0cWpYA186blxRBRZ9WkROYm-xNR3RxalgGQHFrKUUGYXZYXRNmaA8RVT83TUZwZmhZRAZlaFlRBGQ+AQZTMjcQUQQSaVhBGGR+HUkH HTTP/1.1
Host: d2fbvay81k4ji3.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mantedtonisms.com/
HTTP/1.1 200 OK
Content-Length: 486
Connection: keep-alive
Date: Thu, 24 Nov 2022 02:53:13 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cTd8dgucv1g-adhX66jaJuD69816c9y5xsYwk6cuQ6TRV9kgtxPsiQ==
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237 302 Found 390 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 958bcd38789cdb9e9bbdab3ee7eeb097
f6f84303417663d93cc55b6424a5557870323d1e
289bb18414c3a4358fd7562b5e773bc05032fe30d05720baf918a62d053403ee
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Nov 2022 02:53:13 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1779257952%3A1669258393449934&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu2xemg2fgrxx3aoc7ieO5t1AFgAL2a3vF85913DrWUCWyknr_glXhgnEr0KMRKg4oIe23vPA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-hTX-xKxeif0o66PXRlEepA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 390
server: GSE
set-cookie: __Host-GAPS=1:zZvfo3dEUMSLrZeCNmeAcpJRvHrHAg:BRBTvxiOMVf-nPCA;Path=/;Expires=Sat, 23-Nov-2024 02:53:13 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1db5a3722f73dd82c0084cfbe2e89f96
5f74860c9abaf4bcc570abc895b37cea7ceafdf7
ab88dd13690a6943086cb8425e8db1461ecf29c827633cda4cab5a7e6011eab7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "AB88DD13690A6943086CB8425E8DB1461ECF29C827633CDA4CAB5A7E6011EAB7"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14895
Expires: Thu, 24 Nov 2022 07:01:28 GMT
Date: Thu, 24 Nov 2022 02:53:13 GMT
Connection: keep-alive
mantedtonisms.com/utx?cb=4NUtKE3373S7&top=sakurafile.com&tid=940138
13.33.141.57 204 No Content 0 B URL HTTP/2 mantedtonisms.com/utx?cb=4NUtKE3373S7&top=sakurafile.com&tid=940138
IP 13.33.141.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=4NUtKE3373S7&top=sakurafile.com&tid=940138 HTTP/1.1
Host: mantedtonisms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sakurafile.com
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 02:53:13 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://sakurafile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 24 Nov 2022 02:54:13 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ff92636be9eff8fae7e0e3e03ff6ef1c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: BKjFTcAK2nMggLoUNf68MupnD6N9KHf8DL-dHHm6dsMZxIGaWT5cKw==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237 302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash dde3960cc7694ee80eb8963644a68993
0e84881b06f64cd44cf9d32cb96d761e0eb414cf
436e80a7e8900002fda961352e18ba8a003e2df353f11d1112a0f881271bc479
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Nov 2022 02:53:13 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1912448822%3A1669258393484209&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvc3k5TntTB_OLTHLKXZYALJ10_Sh9KkHaoR6vmaFQQijNW3lUhcqPAYN080nLd2opGVA07qg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-jG1oimJPOB6G1ZaXKbehog' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:SMJLQAZIfx0N5U9qWuItwF8EI3wJLw:cGVhT31JCCSYdYQH;Path=/;Expires=Sat, 23-Nov-2024 02:53:13 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mantedtonisms.com/utx?cb=PaBYUSsCNl1C&top=sakurafile.com&tid=930121
13.33.141.57 204 No Content 0 B URL HTTP/2 mantedtonisms.com/utx?cb=PaBYUSsCNl1C&top=sakurafile.com&tid=930121
IP 13.33.141.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=PaBYUSsCNl1C&top=sakurafile.com&tid=930121 HTTP/1.1
Host: mantedtonisms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sakurafile.com
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 02:53:13 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://sakurafile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 24 Nov 2022 02:54:13 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ff92636be9eff8fae7e0e3e03ff6ef1c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: TH3yX80QOg_r6mbS9TymxO0Do4W1fJV2lwXP5PtqJ3O537wqHHJ0Eg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 02:53:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2fbvay81k4ji3.cloudfront.net/JdTByOXcWXxxfSAFZFgRORgFGDEZTWgFWGQUNGUs9N0kwfA87V0NIQFNECF1KRRYeWBkSDVRcGRYNQx8WEVJPDVEAUU9UGA9ZHlUWUAI0DFlFFUAJXwJZHF0YAkNXC0cbRFcLR0QAXAlSRnJXC0cCWRwPQ1ADMBxFRUhEDVJGclcLRwdGVwo2RABHF0dcFU-AJEBBTGVZSR3ZACUZFAEMJRlACQl8eB1UUVg9QAjQIR0AeQh8CSAE
143.204.42.113 200 OK 191 B URL HTTP/1.1 d2fbvay81k4ji3.cloudfront.net/JdTByOXcWXxxfSAFZFgRORgFGDEZTWgFWGQUNGUs9N0kwfA87V0NIQFNECF1KRRYeWBkSDVRcGRYNQx8WEVJPDVEAUU9UGA9ZHlUWUAI0DFlFFUAJXwJZHF0YAkNXC0cbRFcLR0QAXAlSRnJXC0cCWRwPQ1ADMBxFRUhEDVJGclcLRwdGVwo2RABHF0dcFU-AJEBBTGVZSR3ZACUZFAEMJRlACQl8eB1UUVg9QAjQIR0AeQh8CSAE
IP 143.204.42.113:0
File type ASCII text, with no line terminators
Hash c4fbcb28eb92a7a81ca1ff8a10d12cc8
cf45f759f183a369ded680b27192241134c6b77c
5d889dc6eae6bd89bc5d945d8d8c411c3fc1a5c8a3c26c0155b119de525acf80
GET /JdTByOXcWXxxfSAFZFgRORgFGDEZTWgFWGQUNGUs9N0kwfA87V0NIQFNECF1KRRYeWBkSDVRcGRYNQx8WEVJPDVEAUU9UGA9ZHlUWUAI0DFlFFUAJXwJZHF0YAkNXC0cbRFcLR0QAXAlSRnJXC0cCWRwPQ1ADMBxFRUhEDVJGclcLRwdGVwo2RABHF0dcFU-AJEBBTGVZSR3ZACUZFAEMJRlACQl8eB1UUVg9QAjQIR0AeQh8CSAE HTTP/1.1
Host: d2fbvay81k4ji3.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mantedtonisms.com/
HTTP/1.1 200 OK
Content-Length: 191
Connection: keep-alive
Date: Thu, 24 Nov 2022 02:53:13 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iRBVcE7zC6JHOy5LI0sm2HBsL-2SwmFa9dPnIDeEfnZFR_pvGGhKOA==
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3051
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 02:53:13 GMT
Last-Modified: Thu, 24 Nov 2022 02:02:22 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.49.154 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.49.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3A1z3m3ypvwhw/BJgCZZHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5OuMwjywPLSVYfRKNOCMK5rTw6k=
engingsecondu.com/popunder.gif
104.21.55.224 200 OK 86 B URL HTTP/1.1 engingsecondu.com/popunder.gif
IP 104.21.55.224:0
Hash 2ab874078c509008bcb7c56efc51b511
ec49abbe53be34a30f9c415c0deddc98b4ed3243
33499456d48d77242daa8e2d50a1b3dc371e82a145af584a4897d00aab8a1391
GET /popunder.gif HTTP/1.1
Host: engingsecondu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 02:53:13 GMT
Content-Type: image/gif
Content-Length: 58
Connection: keep-alive
access-control-allow-origin: *
Pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
CF-Cache-Status: HIT
Age: 31092
Last-Modified: Wed, 23 Nov 2022 18:15:01 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCp88vyRClPBOLU4WkQOoWk0neqkk9QZIJ951jAyu0xx8zezg2wYRPnX2z8IemV6Y3WaCZF6BcQrXbiXwGAQ57Ukj0pemhN%2BdSFwz6YIQ2AXjrZwnaXVTYEIwA%2BfB8B0ulMtlw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76eeda605ddb0b59-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12898
Expires: Thu, 24 Nov 2022 06:28:12 GMT
Date: Thu, 24 Nov 2022 02:53:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12898
Expires: Thu, 24 Nov 2022 06:28:12 GMT
Date: Thu, 24 Nov 2022 02:53:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12898
Expires: Thu, 24 Nov 2022 06:28:12 GMT
Date: Thu, 24 Nov 2022 02:53:14 GMT
Connection: keep-alive
pogothere.xyz/
172.64.173.27 200 OK 7.5 kB IP 172.64.173.27:0
File type ASCII text, with no line terminators
Hash 7ebd01d0ba6223fca2cd7159aa6dde2f
ff063ff5b13fe0ce30c36c668967e1e266953c47
c4c6361f27b68ab140098ca49da56ac72363df3227dc5d1d06fba889ce49a7b8
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Origin: http://sakurafile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 02:53:13 GMT
content-type: text/plain
set-cookie: csu=684466809251333@1@1669258393; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://sakurafile.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bh8PoPiA%2FZI56bpNIQopKNzHhKTKJZsx%2FI%2BjZKtHaIDv7KIRsM1CPLAH1mgNnpdx5UF5dpQvp7wENSJAaUZ%2Fyl6JbemM8%2BvxX2t6IH5Fw5GqNUlZ34aHn6hyI0dG4IPq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76eeda5ec89f71c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:15:15 GMT
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
age: 70679
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.200.35 200 OK 12 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.200.35:0
Hash e9bd0bd5476ddbf065874b9671ed757e
685ed489f1b15e310814310c3b2ada739b3f20f5
67b0a158070dd0f99df48858c444ef75306068fc6f29b21fe24d291649ac1204
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: O7xPCyXO3wdXY7TMrkdsWgOoJI533+zvZFFAxKhm2NzGkc3EkLWZUPfOJkw8APCQz5YglTWb0PzlwS7q1ZsqjA==
date: Thu, 24 Nov 2022 02:53:13 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcdebbc7d6d2f262afe69e6f2d97d58b
e62b4e08c2813f67fa0f466b4f66d5d4c609526f
decdfd76f2b382026f13ba2cd07fceae8a8964b4157c0f4dcef6bcd061817b61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6404
x-amzn-requestid: 5a69edc8-b240-4c21-ba0d-dc175b8ff3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvY6HfnoAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5d2-4fd0613627b92d636337cbad;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JBcELEHpSjhEJpgL7NWxlolY0Vt_b5RYE9zJyiBgIIZvf2re37TnaQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:11:33 GMT
age: 70901
etag: "e62b4e08c2813f67fa0f466b4f66d5d4c609526f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27 200 OK 110 kB IP 172.64.173.27:0
Size 110 kB (110489 bytes)
Hash 2dffa204c21606492db6125e3f40f0ff
9bce42dbd667a5b4d68bb2c4a60c94337cd5887b
663ab6ad0e0868fd24213711e6494223eac990f38136ddbe93a8a86b2dacfc6d
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Origin: http://sakurafile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 24 Nov 2022 02:53:13 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://sakurafile.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6877
last-modified: Thu, 24 Nov 2022 00:58:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sotyxp0%2BBRuhqM%2FNlcZWPNSScUcpQYiB9C%2BK2JRlTUAQrroNFYLXfdpJvwOzlBbbLuIp6D%2BrX8A7%2Fu5nb0cGzrAS8SF8T5%2FCFVQt0vkETqnIMM8RijwK%2F0bXn%2FJGBEs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76eeda5ec89871c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 18207
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1779257952%3A1669258393449934&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu2xemg2fgrxx3aoc7ieO5t1AFgAL2a3vF85913DrWUCWyknr_glXhgnEr0KMRKg4oIe23vPA
216.58.207.237 403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1779257952%3A1669258393449934&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu2xemg2fgrxx3aoc7ieO5t1AFgAL2a3vF85913DrWUCWyknr_glXhgnEr0KMRKg4oIe23vPA
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S1779257952%3A1669258393449934&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu2xemg2fgrxx3aoc7ieO5t1AFgAL2a3vF85913DrWUCWyknr_glXhgnEr0KMRKg4oIe23vPA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Nov 2022 02:53:13 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-o-ld1KtEPQjvVQY1fW3p6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1912448822%3A1669258393484209&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvc3k5TntTB_OLTHLKXZYALJ10_Sh9KkHaoR6vmaFQQijNW3lUhcqPAYN080nLd2opGVA07qg
216.58.207.237 403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1912448822%3A1669258393484209&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvc3k5TntTB_OLTHLKXZYALJ10_Sh9KkHaoR6vmaFQQijNW3lUhcqPAYN080nLd2opGVA07qg
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-1912448822%3A1669258393484209&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvc3k5TntTB_OLTHLKXZYALJ10_Sh9KkHaoR6vmaFQQijNW3lUhcqPAYN080nLd2opGVA07qg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Nov 2022 02:53:13 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-3B7NI-9VM6oqE6ErfR9cFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27 200 OK 0 B IP 172.64.173.27:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Origin: http://sakurafile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 24 Nov 2022 02:53:13 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://sakurafile.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6877
last-modified: Thu, 24 Nov 2022 00:58:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BanofCC31fU5wo%2FQb1uEHDdN%2BDVTVKGtB8Adk6QT6fo33ihANXyabf488PzH%2BJPzKBGvs1A4MvaXoWoemRS%2B0hupevEAOC9vA3P0lmIy1S6afBNaikdisZPetqxGT4Zh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76eeda5ed8a371c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2