cdn-136.bayfiles.com/d8bf7amcy0/5fe4d89a-1664456221/idm.6.41.02.silent.kuyhaa.zip
195.96.151.91301 Moved Permanently 162 B URL HTTP/1.1 cdn-136.bayfiles.com/d8bf7amcy0/5fe4d89a-1664456221/idm.6.41.02.silent.kuyhaa.zip
IP 195.96.151.91:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d8bf7amcy0/5fe4d89a-1664456221/idm.6.41.02.silent.kuyhaa.zip HTTP/1.1
Host: cdn-136.bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 29 Sep 2022 21:14:40 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://cdn-136.bayfiles.com/d8bf7amcy0/5fe4d89a-1664456221/idm.6.41.02.silent.kuyhaa.zip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3103
Expires: Thu, 29 Sep 2022 22:06:23 GMT
Date: Thu, 29 Sep 2022 21:14:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 20:15:55 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: caFk-BVQORmVb981sM1oZrKTFLfAYOOj3c1DaPB8FSS7PSurWoaihg==
Age: 3525
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Mi-G7YRe-0vzhvqtXXLPDgy7n1tgs7y75PIjLMCb-ZDkZ788zGWSHQ==
age: 56773
X-Firefox-Spdy: h2
cdn-136.bayfiles.com/d8bf7amcy0/5fe4d89a-1664456221/idm.6.41.02.silent.kuyhaa.zip
195.96.151.91301 Moved Permanently 0 B URL HTTP/1.1 cdn-136.bayfiles.com/d8bf7amcy0/5fe4d89a-1664456221/idm.6.41.02.silent.kuyhaa.zip
IP 195.96.151.91:0
ASN #41634 Svea Hosting AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d8bf7amcy0/5fe4d89a-1664456221/idm.6.41.02.silent.kuyhaa.zip HTTP/1.1
Host: cdn-136.bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 29 Sep 2022 21:14:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Location: https://bayfiles.com/d8bf7amcy0
X-Cache-Host: filecache-01
X-Cache-Disk: nvme-01
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae4bbcfde056333d66d586bd215dccdf
601c1919ea3e3f489749431269e2ffe5240793fb
67de542b1e680f1f917f21dbd3723f42651972fdc09f11815a8d16ad8592a6db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67DE542B1E680F1F917F21DBD3723F42651972FDC09F11815A8D16AD8592A6DB"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16338
Expires: Fri, 30 Sep 2022 01:46:58 GMT
Date: Thu, 29 Sep 2022 21:14:40 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 21:14:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bayfiles.com/d8bf7amcy0
45.154.253.150404 Not Found 2.3 kB IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 68499a08690ff3db3e0e1cd70050c583
e28b2ea1757a38abfcdfc15dd592a57da175ccfc
121464413af9e15fe56cf645c1797c25480f09cce3ee699e41473298f03c7fb4
GET /d8bf7amcy0 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 29 Sep 2022 21:14:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: N
Content-Encoding: gzip
bayfiles.com/css/bayfiles.css?1661352192
45.154.253.150200 OK 25 kB URL HTTP/1.1 bayfiles.com/css/bayfiles.css?1661352192
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (65452)
Hash 896df88019eabed295bc78a2f053ab92
1bca351d99600fb10583eb28c638dd58482535a0
b1555a31747d1f471ea748a1363cf9c588d66dd15dcf42cf7fa0b2911d0424d0
GET /css/bayfiles.css?1661352192 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1207
Content-Encoding: gzip
bayfiles.com/js/app.js?1661352192
45.154.253.150200 OK 58 kB URL HTTP/1.1 bayfiles.com/js/app.js?1661352192
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (63238)
Hash ba67ff13fd07739a7037fbc27b2a1955
3e253f69b2f12659c541de122c6bce0ed82ba369
1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818
GET /js/app.js?1661352192 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 423
Content-Encoding: gzip
bayfiles.com/sw.js
45.154.253.150200 OK 14 kB IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (39060), with no line terminators
Hash fefdeff3180d9772f08a2cadce9a55b0
5610f0290b7f4c81c57a65703825fc2830aeac96
0009589421c540c0b0ee37fde74f5373962096bc8e9869a953b4cb59547a8f61
GET /sw.js HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 11215
Content-Encoding: gzip
bayfiles.com/img/flags/24/pl.png
45.154.253.150200 OK 347 B URL HTTP/1.1 bayfiles.com/img/flags/24/pl.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash baf3aff7caef0be58f29b41f20a0e4db
11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
GET /img/flags/24/pl.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1905
accept-ranges: bytes
bayfiles.com/img/flags/24/fi.png
45.154.253.150200 OK 456 B URL HTTP/1.1 bayfiles.com/img/flags/24/fi.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ea9115d18d5210d4f1db520881faa3a
09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
GET /img/flags/24/fi.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1985
accept-ranges: bytes
bayfiles.com/static/logo.png
45.154.253.150200 OK 39 kB URL HTTP/1.1 bayfiles.com/static/logo.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 292 x 251, 8-bit/color RGBA, non-interlaced\012- data
Hash d39dfc9566d5264e198224dc249dd6bb
67ec60e7df6257a32f41e45e6877dc65f036ef0f
0b959f7dd25865a8a0636b6bb81d523c07fb03f76905313b9b8d677ae294b25a
GET /static/logo.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 38607
Connection: keep-alive
last-modified: Thu, 13 Aug 2020 11:36:54 GMT
etag: "5f3525d6-96cf"
vjs.zencdn.net/7.3.0/video-js.min.css
151.101.86.217200 OK 9.7 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video-js.min.css
IP 151.101.86.217:0
File type ASCII text, with very long lines (35998), with no line terminators
Hash 3397ce943db8add2728dccd9a3b8b8bc
a57bbb7546a458fe57d72d06baab950125260cc9
5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
GET /7.3.0/video-js.min.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Thu, 29 Sep 2022 21:14:41 GMT
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 1942
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/se.png
45.154.253.150200 OK 581 B URL HTTP/1.1 bayfiles.com/img/flags/24/se.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash c9b1e40987c4411b4a7d13c07a8843aa
cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
GET /img/flags/24/se.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 281
accept-ranges: bytes
bayfiles.com/img/flags/24/dk.png
45.154.253.150200 OK 537 B URL HTTP/1.1 bayfiles.com/img/flags/24/dk.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b6ebe55a7d176720cd2b1003298187a8
930858408b9af1f79c430bbe15c185db555a7815
07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
GET /img/flags/24/dk.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 350
accept-ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 20:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 20:31:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: w-SBS5_X4TqRRkphrkCeJ8Tz21apnEKY7Gvs7H16RbvBXY3aupcjwg==
Age: 2708
bayfiles.com/img/flags/24/us.png
45.154.253.150200 OK 656 B URL HTTP/1.1 bayfiles.com/img/flags/24/us.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ae506a6c014bfeb8d8cbfdfbe94c14c9
f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
GET /img/flags/24/us.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 315
accept-ranges: bytes
bayfiles.com/img/flags/24/fr.png
45.154.253.150200 OK 536 B URL HTTP/1.1 bayfiles.com/img/flags/24/fr.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e81efecf1a1b1d3a17d00a904c5cc3c9
1203894dbfc8363302dc709d852c05a4dd8bf9dc
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
GET /img/flags/24/fr.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1495
accept-ranges: bytes
bayfiles.com/img/flags/24/jp.png
45.154.253.150200 OK 599 B URL HTTP/1.1 bayfiles.com/img/flags/24/jp.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 857f6f0e0886a3729b758b7241e42e61
a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
GET /img/flags/24/jp.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 362
accept-ranges: bytes
bayfiles.com/img/flags/24/kr.png
45.154.253.150200 OK 988 B URL HTTP/1.1 bayfiles.com/img/flags/24/kr.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cb22f00511d088a71e84f8c1c864caed
6599812ed106bda6017487287e12bc836570649f
09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
GET /img/flags/24/kr.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1881
accept-ranges: bytes
bayfiles.com/img/flags/24/br.png
45.154.253.150200 OK 1.1 kB URL HTTP/1.1 bayfiles.com/img/flags/24/br.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a5938d2e7f7d6f4026d6eb1b4b4f2cd
7a038177fe4deec455d61d3e9c90019fa4727d40
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
GET /img/flags/24/br.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1477
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f09cb223e3dc028c58cf32c2274c3766
ca7f1663a1200941986e786353ed2f3ff50bd0b2
9b89a5534b1a84f0a86f150dc7f1f699bb972f7b8e151b29c02454dd939066ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 809
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 21:14:41 GMT
Last-Modified: Thu, 29 Sep 2022 21:01:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
bayfiles.com/img/flags/24/de.png
45.154.253.150200 OK 483 B URL HTTP/1.1 bayfiles.com/img/flags/24/de.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8cc07c258bcd2de0c7900861e20ffc
fed97219e44693d4f3918fc4037b325732225d81
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
GET /img/flags/24/de.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1796
accept-ranges: bytes
bayfiles.com/img/flags/24/ru.png
45.154.253.150200 OK 403 B URL HTTP/1.1 bayfiles.com/img/flags/24/ru.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash d8df89b036e6afb48f72d2440831bad0
04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
GET /img/flags/24/ru.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 294
accept-ranges: bytes
bayfiles.com/img/flags/24/in.png
45.154.253.150200 OK 593 B URL HTTP/1.1 bayfiles.com/img/flags/24/in.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ccaf96cfc341dc9a17e24b96bef223ff
8791d6db6628e0fb21b847ab94484f0c615e38ac
728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
GET /img/flags/24/in.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1438
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/?xsvjd=737333
54.230.245.208200 OK 98 kB URL HTTP/2 djv99sxoqpv11.cloudfront.net/?xsvjd=737333
IP 54.230.245.208:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash a77a923291637338c922e96ef22dbeb3
2eccc5a6bd520449b7f13a6f8c499081810d6db0
25a8f8eae0f5f4315d98960725ad41683f50c92b4e61d04df09bd5a06cf41339
GET /?xsvjd=737333 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 98023
date: Thu, 29 Sep 2022 21:14:41 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WnG6gmsmvArrqaUnm63IrjRjXsKP9UT-Hry5lldgSnxg4A3ann9clw==
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/es.png
45.154.253.150200 OK 666 B URL HTTP/1.1 bayfiles.com/img/flags/24/es.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa381a8eb16d9e673d32980e7fd1710
fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
GET /img/flags/24/es.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: image/png
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1977
accept-ranges: bytes
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a43061cad4b3d4c385f8f089e4121a8
7dce2deea21ef9ab3fd7d8ba0f7a3ce2ac56a5b7
1f14ea6e98b0d559f9cadacae95b94f808950ed0b0534700338e978ef4072e90
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1F14EA6E98B0D559F9CADACAE95B94F808950ED0B0534700338E978EF4072E90"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10433
Expires: Fri, 30 Sep 2022 00:08:34 GMT
Date: Thu, 29 Sep 2022 21:14:41 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a43061cad4b3d4c385f8f089e4121a8
7dce2deea21ef9ab3fd7d8ba0f7a3ce2ac56a5b7
1f14ea6e98b0d559f9cadacae95b94f808950ed0b0534700338e978ef4072e90
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1F14EA6E98B0D559F9CADACAE95B94F808950ED0B0534700338E978EF4072E90"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10433
Expires: Fri, 30 Sep 2022 00:08:34 GMT
Date: Thu, 29 Sep 2022 21:14:41 GMT
Connection: keep-alive
push.services.mozilla.com/
52.38.227.80101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.227.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IsUN5mOGLKNu9PXnRbVbSA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 18pz1RxqeVM0gCiA/t+uArzg/W4=
bayfiles.com/sw.js?a29HQmMwTXBxVFhdcWBPSU1rYAEJXyQnWggJanJWDQ5qdgBfWmp7W11eanRUDVZzI1ReDHYkAElDZXAGWAx%2BJFcJQiJ0V1NCc3FSWUJ%2BdVcPQn9xWwlefiQCWV0mdkFHTTQ1QUdNNy0PAgwuNhoYCjUrDA9BLiwFBE1rYFZFXWUf
45.154.253.150200 OK 14 kB URL HTTP/1.1 bayfiles.com/sw.js?a29HQmMwTXBxVFhdcWBPSU1rYAEJXyQnWggJanJWDQ5qdgBfWmp7W11eanRUDVZzI1ReDHYkAElDZXAGWAx%2BJFcJQiJ0V1NCc3FSWUJ%2BdVcPQn9xWwlefiQCWV0mdkFHTTQ1QUdNNy0PAgwuNhoYCjUrDA9BLiwFBE1rYFZFXWUf
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (39060), with no line terminators
Hash fefdeff3180d9772f08a2cadce9a55b0
5610f0290b7f4c81c57a65703825fc2830aeac96
0009589421c540c0b0ee37fde74f5373962096bc8e9869a953b4cb59547a8f61
GET /sw.js?a29HQmMwTXBxVFhdcWBPSU1rYAEJXyQnWggJanJWDQ5qdgBfWmp7W11eanRUDVZzI1ReDHYkAElDZXAGWAx%2BJFcJQiJ0V1NCc3FSWUJ%2BdVcPQn9xWwlefiQCWV0mdkFHTTQ1QUdNNy0PAgwuNhoYCjUrDA9BLiwFBE1rYFZFXWUf HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:41 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 11216
Content-Encoding: gzip
medadelem.xyz/eEJCanRXfSEZSSkaABggPwRxOxg2dRcyEDkVCl8mGwcEORIUJWQeHRx/dVlDS3FxTAQRJn9bUgs2Ix4BC39zTB0WJC1XUg5/c0RHTGxwU1pIZDdXRV42MgsTRXNkGgAMLn9bQk52dlJCSHV6U0VN
172.67.189.15204 No Content 0 B URL HTTP/2 medadelem.xyz/eEJCanRXfSEZSSkaABggPwRxOxg2dRcyEDkVCl8mGwcEORIUJWQeHRx/dVlDS3FxTAQRJn9bUgs2Ix4BC39zTB0WJC1XUg5/c0RHTGxwU1pIZDdXRV42MgsTRXNkGgAMLn9bQk52dlJCSHV6U0VN
IP 172.67.189.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eEJCanRXfSEZSSkaABggPwRxOxg2dRcyEDkVCl8mGwcEORIUJWQeHRx/dVlDS3FxTAQRJn9bUgs2Ix4BC39zTB0WJC1XUg5/c0RHTGxwU1pIZDdXRV42MgsTRXNkGgAMLn9bQk52dlJCSHV6U0VN HTTP/1.1
Host: medadelem.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 21:14:42 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqHhZ7AnZ7%2BV%2FVeJFju9XDWzdHmdY0FH4NAJf9GFCrEzU9GHpG4MElbufYjFTtyyTNd7ydZdnnXg9e1DEHCiYW6ox3gzTVsl1TwVk3GtrxQ3M149Z6tFIa4TYB2INAsk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7527badc1a59b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ehasnoconve.xyz/bXVzcmQMFxAfWwxIEVQRHxlOV1YrUEE0AAcDSksXFRoCAhJcRF0RCAIAFxQWAhsHXAoIAVZAIgwmQjhXOyMUHTQ/HgkoHlVCNkAMGxMeICE0GEYGKywkRTwOGQM0CA8ZOjIzITQNQzQ0XDAbOw1UAyFBKV0+GQU1DD1HBzQvJxwTM10PNggAARNAIyAnIRAVBhUwCT0eBgc7MTFUOAoGNiQxH0A0FRIFPzcOUEEwIgM3AjYzCS8pKlVYLB9KEAwtA0E2LxFKFzMkFyM2PUhHMTkIJxsSNiocJCICEQtGFzciXkRGKwM4HxUqAzkhHjxWCEYHIT5fEgA8HEAkVkAmI0dGFSk6ERwXCSc9KTUMWxFDJAg9HDoVIQc4QD9XCTM2QCJUEzYWHiEtKRhCBwYcHBRQGR8HFz8GRTcqAA
143.204.55.54200 OK 1.2 kB URL HTTP/2 ehasnoconve.xyz/bXVzcmQMFxAfWwxIEVQRHxlOV1YrUEE0AAcDSksXFRoCAhJcRF0RCAIAFxQWAhsHXAoIAVZAIgwmQjhXOyMUHTQ/HgkoHlVCNkAMGxMeICE0GEYGKywkRTwOGQM0CA8ZOjIzITQNQzQ0XDAbOw1UAyFBKV0+GQU1DD1HBzQvJxwTM10PNggAARNAIyAnIRAVBhUwCT0eBgc7MTFUOAoGNiQxH0A0FRIFPzcOUEEwIgM3AjYzCS8pKlVYLB9KEAwtA0E2LxFKFzMkFyM2PUhHMTkIJxsSNiocJCICEQtGFzciXkRGKwM4HxUqAzkhHjxWCEYHIT5fEgA8HEAkVkAmI0dGFSk6ERwXCSc9KTUMWxFDJAg9HDoVIQc4QD9XCTM2QCJUEzYWHiEtKRhCBwYcHBRQGR8HFz8GRTcqAA
IP 143.204.55.54:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3012), with no line terminators
Hash ae90d99804ea4d6e08377998820e002c
e5438bb75a2888e9b5cebd87d3465b03771875af
db29ff38e7ad905469257a9971fa57749b7b3819c895fa10d60d42a42421e457
GET /bXVzcmQMFxAfWwxIEVQRHxlOV1YrUEE0AAcDSksXFRoCAhJcRF0RCAIAFxQWAhsHXAoIAVZAIgwmQjhXOyMUHTQ/HgkoHlVCNkAMGxMeICE0GEYGKywkRTwOGQM0CA8ZOjIzITQNQzQ0XDAbOw1UAyFBKV0+GQU1DD1HBzQvJxwTM10PNggAARNAIyAnIRAVBhUwCT0eBgc7MTFUOAoGNiQxH0A0FRIFPzcOUEEwIgM3AjYzCS8pKlVYLB9KEAwtA0E2LxFKFzMkFyM2PUhHMTkIJxsSNiocJCICEQtGFzciXkRGKwM4HxUqAzkhHjxWCEYHIT5fEgA8HEAkVkAmI0dGFSk6ERwXCSc9KTUMWxFDJAg9HDoVIQc4QD9XCTM2QCJUEzYWHiEtKRhCBwYcHBRQGR8HFz8GRTcqAA HTTP/1.1
Host: ehasnoconve.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1170
date: Thu, 29 Sep 2022 21:14:42 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zc000-scWOF27JnAtmFVP2ELNFxc4HG9-YVeqDbdOnHpXhhpVjJQMg==
X-Firefox-Spdy: h2
ehasnoconve.xyz/b014N1YOLxtaaQ5wGhEjHSFFEmQpaEpxMgU7QQ4lFyIJRyBefFZUOgA4HFEkACMMGTgKOV0FEDoZFW0fNSYtQxU8FDlSPAAdNHEiFisucWE5FTpYEis+MnwsWi8zTRcJHTp+LyQZDwUHKzobfg4hGhpQOQQEOXFnPg45UBQ3GyBuL1cOM1siFyw6eiY4NB9fHiwIM3wFVgkdXhQYFD5tIjkFLloeASEgbh5fJhphBF4EHw87KjdJRQAnKh1RDgh4HlscCCsrZSI5BS0PEyh8LnUeCxwiWwwcLEllYi4eOUMSPCk8UyEHGB1xMl4rFFNiOX86DwAGYExnGBY+OX0uWioedBQXGD9Dc10PKXNnDSk5ETwcIhZHawwbIkUiFQIBTw
143.204.55.54200 OK 1.2 kB URL HTTP/2 ehasnoconve.xyz/b014N1YOLxtaaQ5wGhEjHSFFEmQpaEpxMgU7QQ4lFyIJRyBefFZUOgA4HFEkACMMGTgKOV0FEDoZFW0fNSYtQxU8FDlSPAAdNHEiFisucWE5FTpYEis+MnwsWi8zTRcJHTp+LyQZDwUHKzobfg4hGhpQOQQEOXFnPg45UBQ3GyBuL1cOM1siFyw6eiY4NB9fHiwIM3wFVgkdXhQYFD5tIjkFLloeASEgbh5fJhphBF4EHw87KjdJRQAnKh1RDgh4HlscCCsrZSI5BS0PEyh8LnUeCxwiWwwcLEllYi4eOUMSPCk8UyEHGB1xMl4rFFNiOX86DwAGYExnGBY+OX0uWioedBQXGD9Dc10PKXNnDSk5ETwcIhZHawwbIkUiFQIBTw
IP 143.204.55.54:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2989), with no line terminators
Hash b263c7271f7151c8ad146f2456ad2744
c2ba3c01834f6a2374e6a20be330b0f8b88b8534
6a4798b9d881fba0bf3b592f43e0bd9ca721116a4dc41d2a7d0c395fc99c4eb8
GET /b014N1YOLxtaaQ5wGhEjHSFFEmQpaEpxMgU7QQ4lFyIJRyBefFZUOgA4HFEkACMMGTgKOV0FEDoZFW0fNSYtQxU8FDlSPAAdNHEiFisucWE5FTpYEis+MnwsWi8zTRcJHTp+LyQZDwUHKzobfg4hGhpQOQQEOXFnPg45UBQ3GyBuL1cOM1siFyw6eiY4NB9fHiwIM3wFVgkdXhQYFD5tIjkFLloeASEgbh5fJhphBF4EHw87KjdJRQAnKh1RDgh4HlscCCsrZSI5BS0PEyh8LnUeCxwiWwwcLEllYi4eOUMSPCk8UyEHGB1xMl4rFFNiOX86DwAGYExnGBY+OX0uWioedBQXGD9Dc10PKXNnDSk5ETwcIhZHawwbIkUiFQIBTw HTTP/1.1
Host: ehasnoconve.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1151
date: Thu, 29 Sep 2022 21:14:42 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LLAOSligTZlHIwZKS9Xaokh0QvGgfNXOvrPGp7M861fA4XKJq2ODFw==
X-Firefox-Spdy: h2
medadelem.xyz/bFpJaTBDZSoaDTk0CF19JAwuO3ELHh0uRC4eGAFzNR8YK3I5E28dWQhnfloHX2l8T0AFPnRYCEopPQhEGSl0WBYFNC8GDUosdFgeXHR7RwBKL3RYFhgqKA4NXXw5HUQAZ3hfBlhucV8AW2JwXQQ
172.67.189.15204 No Content 0 B URL HTTP/2 medadelem.xyz/bFpJaTBDZSoaDTk0CF19JAwuO3ELHh0uRC4eGAFzNR8YK3I5E28dWQhnfloHX2l8T0AFPnRYCEopPQhEGSl0WBYFNC8GDUosdFgeXHR7RwBKL3RYFhgqKA4NXXw5HUQAZ3hfBlhucV8AW2JwXQQ
IP 172.67.189.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bFpJaTBDZSoaDTk0CF19JAwuO3ELHh0uRC4eGAFzNR8YK3I5E28dWQhnfloHX2l8T0AFPnRYCEopPQhEGSl0WBYFNC8GDUosdFgeXHR7RwBKL3RYFhgqKA4NXXw5HUQAZ3hfBlhucV8AW2JwXQQ HTTP/1.1
Host: medadelem.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 21:14:42 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tfSCo6uecxSjVsauQrNXQG8keO21DB4aHDw4WYxfIRMKP6X%2F2IXL1eJrWJ8zc9FPSyiOIv%2FhYV08jfcYbd%2Bw6ZbrljHTZ76Hcl%2Fr5lJnTtpaYUjrZoScN9WuXQAoMmC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7527badc1a6ab4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ehasnoconve.xyz/cTR3N2EQVhRaXhAJFREUA1hKElM3EUVxBRtCTg4SCVsGRxdABVlUDR5BE1ETHloDGQ8UQFIFJxZVGn01JlgmfSUlBE9WGUV4OQUFG2MhYQYQYxN6IjJ1RngJAVI4c1UGdjF6Uj5mBHQnMH0ncDcZcT1OIAZiRn1QP14iciMmAU96MCB2FVoVCHcAbhkrBjV6Jxh5RmdQEnE5YwoccQBcCyFNAGMzMm1AVjASejxjLEV2EHlTEHY9UTU2elIFJytYB3wqQ0AbY1A0ZhEFOxBwHVhROGY9fzgmWwRiDSB5FXAjIWElcURDci1bDiB+Lw4POgUDWwU2ZjNlU1xyBnoWSXY4czcJYzRlCRBZIVY0HH4GbTRIZS5NFkhzNlRQP2cPZzQzYh1uCiNnE2RYAWMAEQsCWxlHXBpQE1lQFVc4XxcgYToF
143.204.55.54200 OK 1.2 kB URL HTTP/2 ehasnoconve.xyz/cTR3N2EQVhRaXhAJFREUA1hKElM3EUVxBRtCTg4SCVsGRxdABVlUDR5BE1ETHloDGQ8UQFIFJxZVGn01JlgmfSUlBE9WGUV4OQUFG2MhYQYQYxN6IjJ1RngJAVI4c1UGdjF6Uj5mBHQnMH0ncDcZcT1OIAZiRn1QP14iciMmAU96MCB2FVoVCHcAbhkrBjV6Jxh5RmdQEnE5YwoccQBcCyFNAGMzMm1AVjASejxjLEV2EHlTEHY9UTU2elIFJytYB3wqQ0AbY1A0ZhEFOxBwHVhROGY9fzgmWwRiDSB5FXAjIWElcURDci1bDiB+Lw4POgUDWwU2ZjNlU1xyBnoWSXY4czcJYzRlCRBZIVY0HH4GbTRIZS5NFkhzNlRQP2cPZzQzYh1uCiNnE2RYAWMAEQsCWxlHXBpQE1lQFVc4XxcgYToF
IP 143.204.55.54:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3022), with no line terminators
Hash 246dd319729327a5f6a29f4c209be132
71c833a4a78926160f2e5c82e03c9e81d9b63ff7
cbcca94330629d841a392571abe1fe511fce26e8bca652449f523eb90370e486
GET /cTR3N2EQVhRaXhAJFREUA1hKElM3EUVxBRtCTg4SCVsGRxdABVlUDR5BE1ETHloDGQ8UQFIFJxZVGn01JlgmfSUlBE9WGUV4OQUFG2MhYQYQYxN6IjJ1RngJAVI4c1UGdjF6Uj5mBHQnMH0ncDcZcT1OIAZiRn1QP14iciMmAU96MCB2FVoVCHcAbhkrBjV6Jxh5RmdQEnE5YwoccQBcCyFNAGMzMm1AVjASejxjLEV2EHlTEHY9UTU2elIFJytYB3wqQ0AbY1A0ZhEFOxBwHVhROGY9fzgmWwRiDSB5FXAjIWElcURDci1bDiB+Lw4POgUDWwU2ZjNlU1xyBnoWSXY4czcJYzRlCRBZIVY0HH4GbTRIZS5NFkhzNlRQP2cPZzQzYh1uCiNnE2RYAWMAEQsCWxlHXBpQE1lQFVc4XxcgYToF HTTP/1.1
Host: ehasnoconve.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Thu, 29 Sep 2022 21:14:42 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e8gubrHuRkxBmvyR3VeR_Yzz3uRAEWjb6JAPgVxQKF1qaEJ9zq5O-Q==
X-Firefox-Spdy: h2
medadelem.xyz/TUhSUFhidzEjZRx5IgILGyRlCTUbfTAYAjwSCmUsKCUiPzsKfHQkMSl1ZWVufn9kdigkLG9iYWs7JjEsODtvYX4kJjQ/ZWs+b2F2fWZkYHZ9bidtaWs8IjE/cHl0ICw5JG9hbnt8ZmhufX9qaWt8
172.67.189.15204 No Content 0 B URL HTTP/2 medadelem.xyz/TUhSUFhidzEjZRx5IgILGyRlCTUbfTAYAjwSCmUsKCUiPzsKfHQkMSl1ZWVufn9kdigkLG9iYWs7JjEsODtvYX4kJjQ/ZWs+b2F2fWZkYHZ9bidtaWs8IjE/cHl0ICw5JG9hbnt8ZmhufX9qaWt8
IP 172.67.189.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /TUhSUFhidzEjZRx5IgILGyRlCTUbfTAYAjwSCmUsKCUiPzsKfHQkMSl1ZWVufn9kdigkLG9iYWs7JjEsODtvYX4kJjQ/ZWs+b2F2fWZkYHZ9bidtaWs8IjE/cHl0ICw5JG9hbnt8ZmhufX9qaWt8 HTTP/1.1
Host: medadelem.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 21:14:42 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koygbrEO3dBgTdCOg8wIUBExwEk3tLwpTIAJmA17gmVeuX%2FULFSMmNbBYxzaAUCmJaTtXC5ESMFK5SzCw15rAnyyQEOm%2BA1Zfg%2BdoTlyNy1L52MAtUSjJO73UjVhs5dw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7527badc2a7cb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a43061cad4b3d4c385f8f089e4121a8
7dce2deea21ef9ab3fd7d8ba0f7a3ce2ac56a5b7
1f14ea6e98b0d559f9cadacae95b94f808950ed0b0534700338e978ef4072e90
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1F14EA6E98B0D559F9CADACAE95B94F808950ED0B0534700338E978EF4072E90"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10432
Expires: Fri, 30 Sep 2022 00:08:34 GMT
Date: Thu, 29 Sep 2022 21:14:42 GMT
Connection: keep-alive
bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1597318614
45.154.253.150200 OK 1.4 kB URL HTTP/1.1 bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1597318614
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9549584e9288a5dd9d163daa26a6f34d
0c7a71967bd4570770aa9b1043a1d82cd8969252
d18e625001a778074faea9e00ae801988818827c121732ba020390e84897578e
GET /img/favicon/favicon-32x32-bayfiles.png?1597318614 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 21:14:42 GMT
Content-Type: image/png
Content-Length: 1368
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 294
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bdd6cc32fbdb5603995e45c2cba3bd60
3e5338633410c2714fa9c44ef5528c9a4cfa59c9
103af480989f65c65190deee9d9af15a94b98d040858b50647e694e628cfef4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1998
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 21:14:42 GMT
Last-Modified: Thu, 29 Sep 2022 20:41:24 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebb0e967f0fc1336702c06db04f14e92
6a943161f391bb6da370ca4d0937bf884155434c
6d8773833fc4e73a3bb17aac15bf1e0279fa3e702b27fde10fd39b683ac6fa50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 21:14:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebb0e967f0fc1336702c06db04f14e92
6a943161f391bb6da370ca4d0937bf884155434c
6d8773833fc4e73a3bb17aac15bf1e0279fa3e702b27fde10fd39b683ac6fa50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 21:14:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 84ada21ac1d7ada27090048bed7709d6
5a7af8364389fceb02130e30cfc9d1d1f430ca43
4ded0aae9e6b75b5c584663fcffa541371a632cd5a8088b29234f35b2776ad8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4DED0AAE9E6B75B5C584663FCFFA541371A632CD5A8088B29234F35B2776AD8C"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15995
Expires: Fri, 30 Sep 2022 01:41:17 GMT
Date: Thu, 29 Sep 2022 21:14:42 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 84ada21ac1d7ada27090048bed7709d6
5a7af8364389fceb02130e30cfc9d1d1f430ca43
4ded0aae9e6b75b5c584663fcffa541371a632cd5a8088b29234f35b2776ad8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4DED0AAE9E6B75B5C584663FCFFA541371A632CD5A8088B29234F35B2776AD8C"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15995
Expires: Fri, 30 Sep 2022 01:41:17 GMT
Date: Thu, 29 Sep 2022 21:14:42 GMT
Connection: keep-alive
ehasnoconve.xyz/utx?cb=WO1qjE4DcJBo&top=bayfiles.com&tid=756376
143.204.55.54204 No Content 0 B URL HTTP/2 ehasnoconve.xyz/utx?cb=WO1qjE4DcJBo&top=bayfiles.com&tid=756376
IP 143.204.55.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=WO1qjE4DcJBo&top=bayfiles.com&tid=756376 HTTP/1.1
Host: ehasnoconve.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 21:14:42 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 29 Sep 2022 21:15:42 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gPDrCEPB4yXhorhNQTEoHVQIflKVOGXouaTtteEW31TvLxT77na7gQ==
X-Firefox-Spdy: h2
ehasnoconve.xyz/utx?cb=HDHXX3AfiRe8&top=bayfiles.com&tid=737333
143.204.55.54204 No Content 0 B URL HTTP/2 ehasnoconve.xyz/utx?cb=HDHXX3AfiRe8&top=bayfiles.com&tid=737333
IP 143.204.55.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=HDHXX3AfiRe8&top=bayfiles.com&tid=737333 HTTP/1.1
Host: ehasnoconve.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 21:14:42 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 29 Sep 2022 21:15:42 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m1hmr-l-k1G3_E-L2__Qgd2-PysXCD-9OxNcL5fusZ1OjVFDXDm-6g==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Hash 6742dece2feff3031849a7995c6327a6
ec6d04e0ac2571968eaf9ca6628cb6445d17a656
a23640b3409befff6e47395985f967918aa62be09f5e87ecea77bc486a88e99e
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Sep 2022 21:14:42 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S2030991831%3A1664486082172083&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWq05197QW_Wcqqc8P_wypgVsAN0fEpZJfKchahfbD6eEUwGSvIISct467DYy0aL44861Hap
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce--_V7ZLSH9-fmqexLun1hFg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:RzjGgVoqLUmZqPP-OS__25iInWThSA:3fbk0mYDEpPKWp8W;Path=/;Expires=Sat, 28-Sep-2024 21:14:42 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/aS1J3VVgoPRkzZz87E2hvfmREYm5tOAQ6NjtvGzktOAAEYx0FP1EhIi9vR3M0KjwQaH4uPBRoaW0zEzdlf3QDJTcgbxEzOzkrHCU9MytRIDl2PxgvMSc+FnBqDWdZZX15Yl8taXp3RBd9eWIbPDY+KlJnaDNqQQpuf3dEF315YgUjfXgTTmN2e3tSZ2gsNx-Q+N25gMWdoemJHZGh6d0VlPiIgEjM3M3dFE2F9fEdzLXZj
54.230.245.208200 OK 439 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/aS1J3VVgoPRkzZz87E2hvfmREYm5tOAQ6NjtvGzktOAAEYx0FP1EhIi9vR3M0KjwQaH4uPBRoaW0zEzdlf3QDJTcgbxEzOzkrHCU9MytRIDl2PxgvMSc+FnBqDWdZZX15Yl8taXp3RBd9eWIbPDY+KlJnaDNqQQpuf3dEF315YgUjfXgTTmN2e3tSZ2gsNx-Q+N25gMWdoemJHZGh6d0VlPiIgEjM3M3dFE2F9fEdzLXZj
IP 54.230.245.208:0
File type ASCII text, with very long lines (578), with no line terminators
Hash 06749d8f73df8b2dc74b1f4ca5a3f19b
ff9df741cd9eac90747a528edec4cbab33087d4c
e1663b727b546c7bfd0e8c9271762b5db304463f90d60305cb8f4747cace5565
Analyzer Verdict Alert fortinet Malware
GET /aS1J3VVgoPRkzZz87E2hvfmREYm5tOAQ6NjtvGzktOAAEYx0FP1EhIi9vR3M0KjwQaH4uPBRoaW0zEzdlf3QDJTcgbxEzOzkrHCU9MytRIDl2PxgvMSc+FnBqDWdZZX15Yl8taXp3RBd9eWIbPDY+KlJnaDNqQQpuf3dEF315YgUjfXgTTmN2e3tSZ2gsNx-Q+N25gMWdoemJHZGh6d0VlPiIgEjM3M3dFE2F9fEdzLXZj HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ehasnoconve.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 439
date: Thu, 29 Sep 2022 21:14:42 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rdlb8w78X2BCRlHN8j_IDvyYtTHNOqZOFMob3P8UiiNqtW4DCOcsoA==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 391 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash c8463b231fdd1345e09b9ea76baac9c8
5c60d0ce0d400706d2aeaa25ae16c777a15d92d8
bc77b0c3d763d564fb6c8f2afc17db71505abcba750e8b118e74977096055f61
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Sep 2022 21:14:42 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1779002824%3A1664486082221207&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpG6i3bodmzmLoAEYk3HFu9LRT5sRgjQSGjRen0upN2ceNpqWrylDsb4EBKTCb2xVx0b3Dt
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-MeQoi2B7SA0bFQbvlotKzg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:s3__7ckIlF80_Vg3X-0SIvPnIrYPeQ:fkLnVIhTheSqZNPz;Path=/;Expires=Sat, 28-Sep-2024 21:14:42 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 21:14:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bdd6cc32fbdb5603995e45c2cba3bd60
3e5338633410c2714fa9c44ef5528c9a4cfa59c9
103af480989f65c65190deee9d9af15a94b98d040858b50647e694e628cfef4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1998
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 21:14:42 GMT
Last-Modified: Thu, 29 Sep 2022 20:41:24 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 84ada21ac1d7ada27090048bed7709d6
5a7af8364389fceb02130e30cfc9d1d1f430ca43
4ded0aae9e6b75b5c584663fcffa541371a632cd5a8088b29234f35b2776ad8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4DED0AAE9E6B75B5C584663FCFFA541371A632CD5A8088B29234F35B2776AD8C"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15995
Expires: Fri, 30 Sep 2022 01:41:17 GMT
Date: Thu, 29 Sep 2022 21:14:42 GMT
Connection: keep-alive
djv99sxoqpv11.cloudfront.net/UTmZIZkUtCSYAejoPLFtyfVF7VXBoDDsJKz5bKzAfPBIyKTw2QDwcIXNWbgokIAF1QCAgBXVXYy8CKltxaBMpWyghHCEKKS9DeiBwYFZtVHVmHnlXYH0kbVR1Ig8mEz1rVHgefXg5flJgfSRtVHU8EG1VBHdQZlZsa1R4ASAtDSdDdwhUeFd1fld4V2B8Vi-4PNysAJx5gfCBxUGt+QD1bdA
54.230.245.208200 OK 183 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/UTmZIZkUtCSYAejoPLFtyfVF7VXBoDDsJKz5bKzAfPBIyKTw2QDwcIXNWbgokIAF1QCAgBXVXYy8CKltxaBMpWyghHCEKKS9DeiBwYFZtVHVmHnlXYH0kbVR1Ig8mEz1rVHgefXg5flJgfSRtVHU8EG1VBHdQZlZsa1R4ASAtDSdDdwhUeFd1fld4V2B8Vi-4PNysAJx5gfCBxUGt+QD1bdA
IP 54.230.245.208:0
File type ASCII text, with no line terminators
Hash c5374f934681c9e8cadb81ba4eb70d99
092472d027e620e115b0c77b4d46b13612f423c7
fa0129bc47d98f5cda54ab3bdbf869338644a4c912b34c8e8b2be3bbfe41e70d
Analyzer Verdict Alert fortinet Malware
GET /UTmZIZkUtCSYAejoPLFtyfVF7VXBoDDsJKz5bKzAfPBIyKTw2QDwcIXNWbgokIAF1QCAgBXVXYy8CKltxaBMpWyghHCEKKS9DeiBwYFZtVHVmHnlXYH0kbVR1Ig8mEz1rVHgefXg5flJgfSRtVHU8EG1VBHdQZlZsa1R4ASAtDSdDdwhUeFd1fld4V2B8Vi-4PNysAJx5gfCBxUGt+QD1bdA HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ehasnoconve.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 183
date: Thu, 29 Sep 2022 21:14:42 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JU_LgRQD2sAsaWqH3unJo63CpQUS1QrO6ZtRsVtoaS6gIQ0H7DqhFQ==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/gamJTWlQJDT08ax4LN2djWVVgaWdMCCA1OhpfOD4wBFM3ORsCFAIPGVhEJyAwV1J1NjUEBW58MQQBbmtyCwYxZ2BMFiM1P1cENTkmEwkjPywTRCY7aQcNKTM4BgN2aBJfTGN/ZlpKK2tlT1ERf2ZaDjo0IRJHYWosUlQMbGBPURF/ZloQJX9nK1tldGRDR2-FqMw8BODVxWCRhamVaUmJqZU9QYzw9GAc1NSxPUBVjYkRSdS9pWw
54.230.245.208200 OK 543 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/gamJTWlQJDT08ax4LN2djWVVgaWdMCCA1OhpfOD4wBFM3ORsCFAIPGVhEJyAwV1J1NjUEBW58MQQBbmtyCwYxZ2BMFiM1P1cENTkmEwkjPywTRCY7aQcNKTM4BgN2aBJfTGN/ZlpKK2tlT1ERf2ZaDjo0IRJHYWosUlQMbGBPURF/ZloQJX9nK1tldGRDR2-FqMw8BODVxWCRhamVaUmJqZU9QYzw9GAc1NSxPUBVjYkRSdS9pWw
IP 54.230.245.208:0
File type ASCII text, with very long lines (766), with no line terminators
Hash 31cae890f84792f3dbe5b28ccc8d6a8e
e7a15229749fe2576198c0b6753c41ac9f4a3913
f915d5bf086179602ee7902bc53a415a2683d69048abea4940d1e7a4dc88e8ab
Analyzer Verdict Alert fortinet Malware
GET /gamJTWlQJDT08ax4LN2djWVVgaWdMCCA1OhpfOD4wBFM3ORsCFAIPGVhEJyAwV1J1NjUEBW58MQQBbmtyCwYxZ2BMFiM1P1cENTkmEwkjPywTRCY7aQcNKTM4BgN2aBJfTGN/ZlpKK2tlT1ERf2ZaDjo0IRJHYWosUlQMbGBPURF/ZloQJX9nK1tldGRDR2-FqMw8BODVxWCRhamVaUmJqZU9QYzw9GAc1NSxPUBVjYkRSdS9pWw HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ehasnoconve.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 543
date: Thu, 29 Sep 2022 21:14:42 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ww9pZI0L-JabgQIejV_h-uyOnBAwTLS6GGylBsuDigKqRFXjcizC1A==
X-Firefox-Spdy: h2
ehasnoconve.xyz/multi?cs=MFZzOUMIbkcJdgVmRw53CWZKAHQ&abt=0&red=1&sm=76&k=&v=1.0.60.0&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&u=1913803340510735&agec=1664486082&fs=1&mbkb=178.25311942959&ref=https%3A%2F%2Fbayfiles.com%2Fd8bf7amcy0&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_0kq0=1664486079519&crc=1
143.204.55.54200 OK 1.5 kB URL HTTP/2 ehasnoconve.xyz/multi?cs=MFZzOUMIbkcJdgVmRw53CWZKAHQ&abt=0&red=1&sm=76&k=&v=1.0.60.0&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&u=1913803340510735&agec=1664486082&fs=1&mbkb=178.25311942959&ref=https%3A%2F%2Fbayfiles.com%2Fd8bf7amcy0&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_0kq0=1664486079519&crc=1
IP 143.204.55.54:0
File type ASCII text, with very long lines (3143), with no line terminators
Hash c64ea93c02aff07d607fc5668e6d6a62
53f56b457b30e7b128b04af120727f46ed4c9643
b8aef9ec46adbc4c40dcacca4f7792e1a22424cb524a02f6b6abce19bef6dfdb
GET /multi?cs=MFZzOUMIbkcJdgVmRw53CWZKAHQ&abt=0&red=1&sm=76&k=&v=1.0.60.0&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&u=1913803340510735&agec=1664486082&fs=1&mbkb=178.25311942959&ref=https%3A%2F%2Fbayfiles.com%2Fd8bf7amcy0&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_0kq0=1664486079519&crc=1 HTTP/1.1
Host: ehasnoconve.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1505
date: Thu, 29 Sep 2022 21:14:42 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=18324631-123d-4ca0-932d-205efb15cad3
csu=1913803340510735
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PYiK-l2BUtJGqCKolBXBxgbKBLIaLYowrcGxWLQJr14L3eWes8nxNQ==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7266
Expires: Thu, 29 Sep 2022 23:15:49 GMT
Date: Thu, 29 Sep 2022 21:14:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7266
Expires: Thu, 29 Sep 2022 23:15:49 GMT
Date: Thu, 29 Sep 2022 21:14:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7266
Expires: Thu, 29 Sep 2022 23:15:49 GMT
Date: Thu, 29 Sep 2022 21:14:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7266
Expires: Thu, 29 Sep 2022 23:15:49 GMT
Date: Thu, 29 Sep 2022 21:14:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7961f184-9476-43de-bf35-8ccb50ee1760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYsHA6oAMFvRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-05f567f7606462ac44f89987;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XaB4TwXv4xy0Sy3dncNYZWEPEnHY5BkEHR7fZDK59APYkzH9DPdT7A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 60843
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aed4d25286420a1405c3274931194002
c17c7bdfa4b40f9a0634da65c610869e5c410bf1
f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 88076712-b2bb-4aee-81a7-ae35201748ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKZtEXeoAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bdd7-317a47e2018160b928a40ff9;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VztBCwvlCphzQJw_HAODqlJjRAaYDoKFzmkAYhrhUTZJ5rmNtNSzuQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 84257
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4505f57697072468da82e0b536d0d5b
e1067a2dfbc22e7eb196046d57bd1e17604dba75
b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:58 GMT
age: 83385
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dyDhatfeYzzSQpRY7JpOIu3VhjlI8IOWcKCLCBWYaxJ1CYgCxqdQjA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:42 GMT
age: 84301
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 7.8 kB IP 172.64.199.35:0
File type ASCII text, with no line terminators
Hash 3b8cfab92adfe2979ce894c1a13b6d0f
13f49c60db27ab88ab269f675e590ea5ee8992bb
b3e4f5e180aa04d80395823c63de1111c482a9305e84d121b2a0f6beb8b6b256
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 21:14:42 GMT
content-type: text/plain
set-cookie: csu=558328988269819@1@1664486082; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ty%2BqScEXhYn9hLq%2BM0NZl0OdkX9qrmDE5mvM1AphEnOQT7BPxB0jjDHWtWz7xfzg7hTr3pYyiTYa5o1%2F9xid7Is2oLYLTNyNMlGVETvtWMuA40uAIQ6W2aPEmBOMxn3V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7527baddbf4675de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 110 kB IP 172.64.199.35:0
Size 110 kB (110259 bytes)
Hash c79b8ad481ffc300df138aad382313c5
e587fc492f1bc5afce6658b61df07fc837e7c713
b5aac1f81de218c8ab53aedaaa98d534bf9217127e504ce2211dc4f56d37843e
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 29 Sep 2022 21:14:42 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 91
last-modified: Thu, 29 Sep 2022 21:13:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9pcHVBWxFZmlLP4OBZ172a%2FOV4uX2hTTGjqRG8A55q7nBtqgAlX5NUQwSBLhnhy5iYBWK%2FGjV3dCjI996fVyhYOOEB8u%2FNQSxXNvL9xZXFEoufaW7imyk1Uiy3C6ISr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7527baddbf4175de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1779002824%3A1664486082221207&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpG6i3bodmzmLoAEYk3HFu9LRT5sRgjQSGjRen0upN2ceNpqWrylDsb4EBKTCb2xVx0b3Dt
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1779002824%3A1664486082221207&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpG6i3bodmzmLoAEYk3HFu9LRT5sRgjQSGjRen0upN2ceNpqWrylDsb4EBKTCb2xVx0b3Dt
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S1779002824%3A1664486082221207&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpG6i3bodmzmLoAEYk3HFu9LRT5sRgjQSGjRen0upN2ceNpqWrylDsb4EBKTCb2xVx0b3Dt HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Sep 2022 21:14:42 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-N-z7y6nd2umZZmqeXtOClA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=Ksu-mqw57NU5_UTQDTCdc1Dn2siDOjvEBj5yFZBD7Pcw71B_5sIAAsbQRFTRjTgK-EnEBN03OZVENEtsTf95-itArTYD5fvEUiKPFUmYGXuQBIJltSwDso0ZbsEpeW5RwXK1LxCONVONf9LQ3-bQscXtlziMSLpCmBtWMH9c-Z4; expires=Fri, 31-Mar-2023 21:14:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 29 Sep 2022 21:14:42 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 91
last-modified: Thu, 29 Sep 2022 21:13:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyQRJpf2vp2m%2FMkGL%2BLJNHlY7fMi8euLTRuHt1ugoH9HetlPMvxMkf6M%2Bx4BInQD91bCgjIFrHN0fx1ljrmp2Nkq67FGmlbHX%2F%2F6o6YBnxUaYir2tMbesf7IiGydsk2g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7527baddbf4475de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S2030991831%3A1664486082172083&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWq05197QW_Wcqqc8P_wypgVsAN0fEpZJfKchahfbD6eEUwGSvIISct467DYy0aL44861Hap
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S2030991831%3A1664486082172083&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWq05197QW_Wcqqc8P_wypgVsAN0fEpZJfKchahfbD6eEUwGSvIISct467DYy0aL44861Hap
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S2030991831%3A1664486082172083&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWq05197QW_Wcqqc8P_wypgVsAN0fEpZJfKchahfbD6eEUwGSvIISct467DYy0aL44861Hap HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Sep 2022 21:14:42 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-5KJhWsAh2ove5DRq2onJyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=bV3BRvFMOjGYNd0wZPgQ5EetsRbxu0SvrZROCTcDZtoUo02Bq_VPhqT3_suJKIYSROl7zm_S4-d87AkdUn1sFsymWN3fudgVgkm8uCu3Ui7OA3DNiEAgogom8cu18-OZWcfWknAtBcOgeT1S6uuXWYGJjLk8glQn5FwFEi-HQHA; expires=Fri, 31-Mar-2023 21:14:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: xXC9GH52MrICq5a0R2ydeybSBwOrmKRrjJqqJ3C84Je7xnD2yvWvQ33/gDcazlSPMX/I0t/PgHS2z/gLQVqFWg==
date: Thu, 29 Sep 2022 21:14:42 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2