sakurafile.com/wy2iucvx9gf1/4600191673.rar
89.249.49.147200 OK 8.7 kB URL HTTP/1.1 sakurafile.com/wy2iucvx9gf1/4600191673.rar
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 6d8285696d623bc18547c7c862d79341
85bb2df9f20f8d8cf7d9dc960bdcfdf92e44ab0d
2105ba284eb7ed2b664d7517d640203ca910b8c23fd6ad0a5cf2bdb93366edda
GET /wy2iucvx9gf1/4600191673.rar HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:02:45 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Expires: Mon, 17 Oct 2022 21:02:45 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html ; charset=UTF-8
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 18 Oct 2022 20:51:31 GMT
Expires: Tue, 18 Oct 2022 21:09:12 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Cr3CmDDJOG4lv3AFT0Y1UJK0KmGrqogpVryH5-TIRCkyrVIZapwnFw==
Age: 679
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 66155b620c27c14aced991b34be0d1a0
2d489f39edc932199e2d8e03b40c1a5c95b993d2
1a500079242f4472c1e8dafd352c6c6078a7228a1993208d2fe1e27dd00644ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A500079242F4472C1E8DAFD352C6C6078A7228A1993208D2FE1E27DD00644EA"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3007
Expires: Tue, 18 Oct 2022 21:52:57 GMT
Date: Tue, 18 Oct 2022 21:02:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 533e1d53f291993ed5886f88a85c6e55
eb4396e8422f71168d32ac6ff3ef49496f625e62
0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10846
Expires: Wed, 19 Oct 2022 00:03:36 GMT
Date: Tue, 18 Oct 2022 21:02:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9cp5kIwCSA2iXSd2F79Sl3TsW3TfbD7MUii7c0Qm9Ci6h4AHxe8KgGeBbMhPxSNzWDXizEgiSmY=
x-amz-request-id: RND22TMP2S67XEEM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 18 Oct 2022 20:36:01 GMT
age: 1609
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
sakurafile.com/css/style.css
89.249.49.147200 OK 48 kB URL HTTP/1.1 sakurafile.com/css/style.css
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF line terminators
Hash ebf0d9b705a939be747e80fc5efb933e
e5e9b45ff5ef00ab97e7fb96bdec202cd144e3b7
d6196747f0e1d51259cd8f9b46749c27203bbfe0a453cc9a666ae479122d695f
GET /css/style.css HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/wy2iucvx9gf1/4600191673.rar
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:02:45 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "ba19-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 47641
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
sakurafile.com/js/jquery.cookie.js
89.249.49.147200 OK 4.0 kB URL HTTP/1.1 sakurafile.com/js/jquery.cookie.js
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (418)
Hash 1e16b14dcd3d882ec44ce1dfba605f33
b97d6de860c43539a1f4112fe1ab49a2f50e4688
38d424a116d57910c9d3233b1d6c0108287bd2c15f9784b0cab4f3f830913050
GET /js/jquery.cookie.js HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/wy2iucvx9gf1/4600191673.rar
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:02:45 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Accept-Ranges: bytes
Content-Length: 3989
Pragma: no-cache
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Expires: Thu, 1 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
sakurafile.com/js/paging.js
89.249.49.147200 OK 1.7 kB URL HTTP/1.1 sakurafile.com/js/paging.js
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type HTML document, ASCII text
Hash 43e50aa00ad654da80af8f7936afd4c6
fb5921b855cce329191077b7e93563029d703545
e8a4ec002545486fb475c977fc9d53ac48a77cfb3d36ac91042c14dc688d5657
GET /js/paging.js HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/wy2iucvx9gf1/4600191673.rar
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:02:45 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:50 GMT
ETag: "6ad-5e9f38f0ef480"
Accept-Ranges: bytes
Content-Length: 1709
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
sakurafile.com/js/jquery.paging.js
89.249.49.147200 OK 19 kB URL HTTP/1.1 sakurafile.com/js/jquery.paging.js
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
Hash d7a2c1c7af2a004a6d68e1e55b1cfb46
7fd6daa7076c30381880519ad06ef5639b19ee28
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
GET /js/jquery.paging.js HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/wy2iucvx9gf1/4600191673.rar
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:02:45 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:50 GMT
ETag: "4ba5-5e9f38f0ef480"
Accept-Ranges: bytes
Content-Length: 19365
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
sakurafile.com/js/jquery-1.9.1.min.js
89.249.49.147200 OK 93 kB URL HTTP/1.1 sakurafile.com/js/jquery-1.9.1.min.js
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (32089)
Hash 397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
GET /js/jquery-1.9.1.min.js HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/wy2iucvx9gf1/4600191673.rar
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:02:45 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:50 GMT
ETag: "169d5-5e9f38f0ef480"
Accept-Ranges: bytes
Content-Length: 92629
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 21:02:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sakurafile.com/images/homecur.cur
89.249.49.147200 OK 1.2 kB URL HTTP/1.1 sakurafile.com/images/homecur.cur
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type MS Windows cursor resource - 1 icon, 16x16, hotspot @0x0\012- data
Hash fcbb13cd43bdf87ad66570bdbf56dea9
5e36d2de4943189afd2e60e7d725f19df7add2c7
a93eee4314f9387b8c3b2c3e10a3b086fd2f8a0e704cc2b76f9495f71801ee4e
GET /images/homecur.cur HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:02:46 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "47e-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
sakurafile.com/images/logo.png
89.249.49.147404 Not Found 1.0 kB URL HTTP/1.1 sakurafile.com/images/logo.png
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d91136cb1ed8d2bd49eaaf77c893a383
06a4f366867d41b263be3e518c2e50f293606251
93853950068a3f7cf0c3a98f494f00d9aeebb7914858642ad12372f012abde92
GET /images/logo.png HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css
HTTP/1.1 404 Not Found
Date: Tue, 18 Oct 2022 21:02:46 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:50 GMT
ETag: "3f0-5e9f38f0ef480"
Accept-Ranges: bytes
Content-Length: 1008
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
sakurafile.com/images/flags.png
89.249.49.147200 OK 15 kB URL HTTP/1.1 sakurafile.com/images/flags.png
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 1248 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e7e0406e09ea913dc344ca9974ec94a
084fcf2d8e96661354a7e563f64801dfd13bead7
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
GET /images/flags.png HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/css/style.css
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:02:46 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Last-Modified: Sat, 01 Oct 2022 06:52:51 GMT
ETag: "3b4c-5e9f38f1e36c0"
Accept-Ranges: bytes
Content-Length: 15180
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.5 kB URL HTTP/1.1 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash 2b153cb2287eac49566b32fce9c385f8
206074b038daff8bc66d86bca0c5ff35f9f72655
7398435bd3f0dae8206173dd66954ae029dc8787962d5f089bcb548f53409869
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
HTTP/1.1 200 OK
date: Tue, 18 Oct 2022 20:57:59 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 1061225663
etag: W/"-375139978"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4547
x-iplb-request-id: 5B5A2A9A:4935_2E69C9F0:0050_634F147B_26071:16C85
x-iplb-instance: 40744
sakurafile.com/wy2iucvx9gf1/favicon.ico
89.249.49.147200 OK 8.7 kB URL HTTP/1.1 sakurafile.com/wy2iucvx9gf1/favicon.ico
IP 89.249.49.147:0
ASN #206264 Amarutu Technology Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 11eebdb66edffab4fd7218d096cd7783
b50b2c420f0c3fe5e5ce284051311323f7ecb072
67be47e1e3e508c61a72438aae602c4072c299ff609de23f8ba150d4f3868175
GET /wy2iucvx9gf1/favicon.ico HTTP/1.1
Host: sakurafile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/wy2iucvx9gf1/4600191673.rar
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:02:46 GMT
Server: Apache/2.4.6 (CentOS) mod_fcgid/2.3.9
Expires: Mon, 17 Oct 2022 21:02:46 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html ; charset=UTF-8
d2fbvay81k4ji3.cloudfront.net/?avbfd=930121
143.204.42.113200 OK 116 kB URL HTTP/1.1 d2fbvay81k4ji3.cloudfront.net/?avbfd=930121
IP 143.204.42.113:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 116 kB (115556 bytes)
Hash c16e49f60dd9c9c65c82b0df65ec062b
0ebce126b036d8bd7d4c2216a734bdc0c4afe317
82c27e1858924652079d3e34874252286d5ca2fff86c5539010c8c9b00e5702f
GET /?avbfd=930121 HTTP/1.1
Host: d2fbvay81k4ji3.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
HTTP/1.1 200 OK
Content-Length: 115556
Connection: keep-alive
Date: Tue, 18 Oct 2022 21:02:51 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -_VV96dFGSYHFmDC4nIC-0g2ITuzDDiFXkNEhVVjRNljL0BMAZnF3A==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 18 Oct 2022 20:43:40 GMT
Cache-Control: max-age=3600
Expires: Tue, 18 Oct 2022 20:54:10 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: W-kibXbRWlfCbwKDY3nfkVZ-JmG88VX4dTHaEBjM112YHyOBLvyHYg==
Age: 1151
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a90089c5c6ff60379ce085f4d9d3938b
4f06267b9b5a0b95aa19c2ca102cab3132b889be
5471a6986342429442ba83113da88f2ee89208789e4a79c9ca2996903482d982
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5471A6986342429442BA83113DA88F2EE89208789E4A79C9CA2996903482D982"
Last-Modified: Tue, 18 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6584
Expires: Tue, 18 Oct 2022 22:52:35 GMT
Date: Tue, 18 Oct 2022 21:02:51 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a90089c5c6ff60379ce085f4d9d3938b
4f06267b9b5a0b95aa19c2ca102cab3132b889be
5471a6986342429442ba83113da88f2ee89208789e4a79c9ca2996903482d982
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5471A6986342429442BA83113DA88F2EE89208789E4A79C9CA2996903482D982"
Last-Modified: Tue, 18 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6584
Expires: Tue, 18 Oct 2022 22:52:35 GMT
Date: Tue, 18 Oct 2022 21:02:51 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a90089c5c6ff60379ce085f4d9d3938b
4f06267b9b5a0b95aa19c2ca102cab3132b889be
5471a6986342429442ba83113da88f2ee89208789e4a79c9ca2996903482d982
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5471A6986342429442BA83113DA88F2EE89208789E4A79C9CA2996903482D982"
Last-Modified: Tue, 18 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6584
Expires: Tue, 18 Oct 2022 22:52:35 GMT
Date: Tue, 18 Oct 2022 21:02:51 GMT
Connection: keep-alive
getherefwu.xyz/bWRTWHQMBjA1SwxZMX4BHwhufUYrQWEeEF8CMS4VFFxiM0AHDWB2FwELJjwSHws9LFoDASd9RisUMjVNJiobDT4sJwELJwVQFBQTASkLNE1aJmNpOS8wPzozFRQAHyUVJxshGxQyK2A8JQMkCzU/JR88Az8wET9ABjFjMDkuDQEAJysQGRNFLDwFaQAeNRINMi8sNwoxLwsxCEUkIBIgH1ghNBk4OA03OjAaKRcSGDs1BBsYSFYVHx87NAsAGw4gBSwRDxMwayBcVWUPNhohFDI9PzZiNywOAxopLCsQJRoOCTQLAAQqJWNhFy4TYhwmK105HSEJBRAbWVQ8Gz8iJgEbEjw6CGZuNig2MgAZVSMBCQMqKxUdIC82Ny42ByoHDyM8IQYgTT4BJH4eHgs9KEk+XGQtMRUHOTUFKw
54.230.111.98200 OK 1.2 kB URL HTTP/1.1 getherefwu.xyz/bWRTWHQMBjA1SwxZMX4BHwhufUYrQWEeEF8CMS4VFFxiM0AHDWB2FwELJjwSHws9LFoDASd9RisUMjVNJiobDT4sJwELJwVQFBQTASkLNE1aJmNpOS8wPzozFRQAHyUVJxshGxQyK2A8JQMkCzU/JR88Az8wET9ABjFjMDkuDQEAJysQGRNFLDwFaQAeNRINMi8sNwoxLwsxCEUkIBIgH1ghNBk4OA03OjAaKRcSGDs1BBsYSFYVHx87NAsAGw4gBSwRDxMwayBcVWUPNhohFDI9PzZiNywOAxopLCsQJRoOCTQLAAQqJWNhFy4TYhwmK105HSEJBRAbWVQ8Gz8iJgEbEjw6CGZuNig2MgAZVSMBCQMqKxUdIC82Ny42ByoHDyM8IQYgTT4BJH4eHgs9KEk+XGQtMRUHOTUFKw
IP 54.230.111.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3016), with no line terminators
Hash eae2177471b195ee3242c22c6a109f25
82dca042a7bfc6dd066a0154fd548f9e825f1b84
85afa732db39cc5c2cdeecf326731424ecc672c1b0c5e87ddaece7be4f09cf60
Analyzer Verdict Alert quad9 Sinkholed
GET /bWRTWHQMBjA1SwxZMX4BHwhufUYrQWEeEF8CMS4VFFxiM0AHDWB2FwELJjwSHws9LFoDASd9RisUMjVNJiobDT4sJwELJwVQFBQTASkLNE1aJmNpOS8wPzozFRQAHyUVJxshGxQyK2A8JQMkCzU/JR88Az8wET9ABjFjMDkuDQEAJysQGRNFLDwFaQAeNRINMi8sNwoxLwsxCEUkIBIgH1ghNBk4OA03OjAaKRcSGDs1BBsYSFYVHx87NAsAGw4gBSwRDxMwayBcVWUPNhohFDI9PzZiNywOAxopLCsQJRoOCTQLAAQqJWNhFy4TYhwmK105HSEJBRAbWVQ8Gz8iJgEbEjw6CGZuNig2MgAZVSMBCQMqKxUdIC82Ny42ByoHDyM8IQYgTT4BJH4eHgs9KEk+XGQtMRUHOTUFKw HTTP/1.1
Host: getherefwu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1173
Connection: keep-alive
Date: Tue, 18 Oct 2022 21:02:51 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NDPvUIKwSgN7RoXy-A_VPWVwk9zgmxvKLkiLr1cfIJtXJhHdBdjmvg==
getherefwu.xyz/VEZzcVQ1JBAcazV7EVchJipOVGYSY0E3MGYgEQc1LX5CGmA+L0BfNzgpBhUyJikdBXo6IwdUZhI0EiQ8FhwePB8eP0swDBZ2GzsCICckHzwjEDU7BB0sOjsQBipCOxIaEiMwPy0MMgUGNiwmEhZlFEcrIzsFMQhtbBcyKBwfdQspBgUhADhlIB4nCyMsBSIZARgVIiYSLDEGPyNsEDQcYGQEQkURHjwAIRAjEwMrEgUqKzYOLBdCNw4NAh8pAT8+RDBkGhQkIgU7BTEoBjYePSYTZQBWQxYcKjEpABw1NyBlEhw8GzAQEzAZLDB2GyUFE3cJJzMFCzgIeTsMIR0nGyVCKwcDHhsGAjgMPhQ6EQcwGScgDAQaNgAOHDkMZRA7FBM3EisdM3IsAB46JHsWRGQBBwAzPGw
54.230.111.98200 OK 1.2 kB URL HTTP/1.1 getherefwu.xyz/VEZzcVQ1JBAcazV7EVchJipOVGYSY0E3MGYgEQc1LX5CGmA+L0BfNzgpBhUyJikdBXo6IwdUZhI0EiQ8FhwePB8eP0swDBZ2GzsCICckHzwjEDU7BB0sOjsQBipCOxIaEiMwPy0MMgUGNiwmEhZlFEcrIzsFMQhtbBcyKBwfdQspBgUhADhlIB4nCyMsBSIZARgVIiYSLDEGPyNsEDQcYGQEQkURHjwAIRAjEwMrEgUqKzYOLBdCNw4NAh8pAT8+RDBkGhQkIgU7BTEoBjYePSYTZQBWQxYcKjEpABw1NyBlEhw8GzAQEzAZLDB2GyUFE3cJJzMFCzgIeTsMIR0nGyVCKwcDHhsGAjgMPhQ6EQcwGScgDAQaNgAOHDkMZRA7FBM3EisdM3IsAB46JHsWRGQBBwAzPGw
IP 54.230.111.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3011), with no line terminators
Hash a9ca98453c240e19b0b5db851a5b7d7d
b180607c918bb057fb4e52ea2c86e5189fe79aba
65d06c3b1ae2dfc11fe419f919dcbb7b2a05d86335a0e0f738ef43f7005615e0
Analyzer Verdict Alert quad9 Sinkholed
GET /VEZzcVQ1JBAcazV7EVchJipOVGYSY0E3MGYgEQc1LX5CGmA+L0BfNzgpBhUyJikdBXo6IwdUZhI0EiQ8FhwePB8eP0swDBZ2GzsCICckHzwjEDU7BB0sOjsQBipCOxIaEiMwPy0MMgUGNiwmEhZlFEcrIzsFMQhtbBcyKBwfdQspBgUhADhlIB4nCyMsBSIZARgVIiYSLDEGPyNsEDQcYGQEQkURHjwAIRAjEwMrEgUqKzYOLBdCNw4NAh8pAT8+RDBkGhQkIgU7BTEoBjYePSYTZQBWQxYcKjEpABw1NyBlEhw8GzAQEzAZLDB2GyUFE3cJJzMFCzgIeTsMIR0nGyVCKwcDHhsGAjgMPhQ6EQcwGScgDAQaNgAOHDkMZRA7FBM3EisdM3IsAB46JHsWRGQBBwAzPGw HTTP/1.1
Host: getherefwu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1167
Connection: keep-alive
Date: Tue, 18 Oct 2022 21:02:51 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3c-Zj7ITsT5f1PSq7eehOqd1u7t1k_hDMlAl3ARpuqyWV4IHfjsUcQ==
getherefwu.xyz/cjRMeFITVi8VbRMJLl4nAFhxXWA0EX4+NkBSLg4zCwx9E2YYXX9WMR5bORw0AFsiDHwcUThdYDR7Lj4QKGYbIQIiTi8SBSBTeSgKGlIUShQGVwocGT1dIwkRMEw4PSUZXwcpMSB3HiE7Fl18XWA0dSA+NRRNJzATGFAnISU/dwFKAEJlDUhiPQckKwEbYXgdEwFwBxITAncrSWMTQwIsAx92dBxjKHEHPzpCZX1AARR8KC8TNl9/NRBHfhUVOUtsIBcCEAcKPAoKfnQcYytRBhYqQH59Lj8WBxooASV+PDE1P2QDAggVYg8IOxNsHi8KNXI8HBc8URU8f0pHCjk5QHomSRYqXBYfMUJcLxw7CgAaD3QYRyMWIk9+ADoXJXwACBw
54.230.111.98200 OK 1.2 kB URL HTTP/1.1 getherefwu.xyz/cjRMeFITVi8VbRMJLl4nAFhxXWA0EX4+NkBSLg4zCwx9E2YYXX9WMR5bORw0AFsiDHwcUThdYDR7Lj4QKGYbIQIiTi8SBSBTeSgKGlIUShQGVwocGT1dIwkRMEw4PSUZXwcpMSB3HiE7Fl18XWA0dSA+NRRNJzATGFAnISU/dwFKAEJlDUhiPQckKwEbYXgdEwFwBxITAncrSWMTQwIsAx92dBxjKHEHPzpCZX1AARR8KC8TNl9/NRBHfhUVOUtsIBcCEAcKPAoKfnQcYytRBhYqQH59Lj8WBxooASV+PDE1P2QDAggVYg8IOxNsHi8KNXI8HBc8URU8f0pHCjk5QHomSRYqXBYfMUJcLxw7CgAaD3QYRyMWIk9+ADoXJXwACBw
IP 54.230.111.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2990), with no line terminators
Hash c31f42dfcabed2cdc0cac11c3c588b3c
1c0c194f876a19d3869ab16a3083c1e849b1c9ae
d5a7d910d9f1ccaac0602a4e11488fc0eb1d5bdd898b5fffce4c40b5d831c4dd
Analyzer Verdict Alert quad9 Sinkholed
GET /cjRMeFITVi8VbRMJLl4nAFhxXWA0EX4+NkBSLg4zCwx9E2YYXX9WMR5bORw0AFsiDHwcUThdYDR7Lj4QKGYbIQIiTi8SBSBTeSgKGlIUShQGVwocGT1dIwkRMEw4PSUZXwcpMSB3HiE7Fl18XWA0dSA+NRRNJzATGFAnISU/dwFKAEJlDUhiPQckKwEbYXgdEwFwBxITAncrSWMTQwIsAx92dBxjKHEHPzpCZX1AARR8KC8TNl9/NRBHfhUVOUtsIBcCEAcKPAoKfnQcYytRBhYqQH59Lj8WBxooASV+PDE1P2QDAggVYg8IOxNsHi8KNXI8HBc8URU8f0pHCjk5QHomSRYqXBYfMUJcLxw7CgAaD3QYRyMWIk9+ADoXJXwACBw HTTP/1.1
Host: getherefwu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1152
Connection: keep-alive
Date: Tue, 18 Oct 2022 21:02:51 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LlOgJh_500A8PaGu68Z7CHxpT-e09Pbmfg5M_9p-bXPVpAmJPnyniA==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c9b278637bdca251f78b46e4a0850473
a48fe5095fc27af1c6b6628149d9e8f655295621
eea38f271e134a85a7b586631a8831888ab81f0edb33120b26bd35cdfa032e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3542
Cache-Control: max-age=129776
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:02:51 GMT
Etag: "634e5e95-1d7"
Expires: Thu, 20 Oct 2022 09:05:47 GMT
Last-Modified: Tue, 18 Oct 2022 08:06:45 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
entriflingw.xyz/YmFDeWNNXiAKXgA0Mz03JVQVHyskVhVIE1QFCys5Og96SAckBmUNCgZcekpTU1NyXxMLBX5IRREVIg0WEVxyXwoMByxERRRccldQVk9xQE1SRzZEUkQVMxgEX1BlCRcWDX5IVVRXcktVW1Z7QFBa
104.21.31.33204 No Content 0 B URL HTTP/2 entriflingw.xyz/YmFDeWNNXiAKXgA0Mz03JVQVHyskVhVIE1QFCys5Og96SAckBmUNCgZcekpTU1NyXxMLBX5IRREVIg0WEVxyXwoMByxERRRccldQVk9xQE1SRzZEUkQVMxgEX1BlCRcWDX5IVVRXcktVW1Z7QFBa
IP 104.21.31.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /YmFDeWNNXiAKXgA0Mz03JVQVHyskVhVIE1QFCys5Og96SAckBmUNCgZcekpTU1NyXxMLBX5IRREVIg0WEVxyXwoMByxERRRccldQVk9xQE1SRzZEUkQVMxgEX1BlCRcWDX5IVVRXcktVW1Z7QFBa HTTP/1.1
Host: entriflingw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 18 Oct 2022 21:02:51 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aWb%2BaSvhcpkd2zBvrBk%2B0wfh85WRFURdVQXhCclXP6hnk%2B8vxRIEa8ri%2FtlkjP4WSDZTVeECFI98HTXEBzxGspkFGA3O3eKAXrMMsilTWAIZLGSLxlOB%2FqLLPPHC19kI%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75c437a3f962fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
entriflingw.xyz/eFVxd1dXahIEahw5GRwGFD02FQEcZBAcERADQgc/KmcdIjQvZVcDPhxoSENnSWZJUScRMUxGcQshEAMiC2hAUT4WMx5KcQ5oQFlkTHtDTnlIcwRKZl4hARYwRWRXByMMOUxGYU5jQEVhQWJJTmJK
104.21.31.33204 No Content 0 B URL HTTP/2 entriflingw.xyz/eFVxd1dXahIEahw5GRwGFD02FQEcZBAcERADQgc/KmcdIjQvZVcDPhxoSENnSWZJUScRMUxGcQshEAMiC2hAUT4WMx5KcQ5oQFlkTHtDTnlIcwRKZl4hARYwRWRXByMMOUxGYU5jQEVhQWJJTmJK
IP 104.21.31.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eFVxd1dXahIEahw5GRwGFD02FQEcZBAcERADQgc/KmcdIjQvZVcDPhxoSENnSWZJUScRMUxGcQshEAMiC2hAUT4WMx5KcQ5oQFlkTHtDTnlIcwRKZl4hARYwRWRXByMMOUxGYU5jQEVhQWJJTmJK HTTP/1.1
Host: entriflingw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 18 Oct 2022 21:02:51 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky%2FovIdUBG6tO7Y8GPwli%2BwZnlOjZnpvYZjsX0S435nUJ0WuWaXvj28q%2FM7diBbPQq4obVPjnBAwmGtPfC%2FiXKq%2BY93qL1WL3N3pdO6PZpmtdrBscdh%2BAvRvP4P9Yjo3tWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75c437a3f963fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
entriflingw.xyz/bWRaSkhCWzk5dTogOTAROxQpCC83PTsnCS8laxw+DxNuAh5fKXw+IQlZY3l5WVFrbDgEAGd7cEsXLis8GBdne24ECjwldUsSZ3tmXUpoZHhLEWd7bhkUOy11XEIqPjwBWWt8fltVaHxxWlxjfHs
104.21.31.33204 No Content 0 B URL HTTP/2 entriflingw.xyz/bWRaSkhCWzk5dTogOTAROxQpCC83PTsnCS8laxw+DxNuAh5fKXw+IQlZY3l5WVFrbDgEAGd7cEsXLis8GBdne24ECjwldUsSZ3tmXUpoZHhLEWd7bhkUOy11XEIqPjwBWWt8fltVaHxxWlxjfHs
IP 104.21.31.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bWRaSkhCWzk5dTogOTAROxQpCC83PTsnCS8laxw+DxNuAh5fKXw+IQlZY3l5WVFrbDgEAGd7cEsXLis8GBdne24ECjwldUsSZ3tmXUpoZHhLEWd7bhkUOy11XEIqPjwBWWt8fltVaHxxWlxjfHs HTTP/1.1
Host: entriflingw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 18 Oct 2022 21:02:51 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzAwI1bQPLdgbaw180Lxf4qChLyg6cRjWEWKQoq7lpdYDrhM3uAO81RoWqfaMDTfpa5UWMC19C6SVMEHp7uR9J1L%2BJur%2F0mNa%2F51hpdsfM5kR7ZYiN2wiLOcDBoCYGtUCM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75c437a3f964fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a90089c5c6ff60379ce085f4d9d3938b
4f06267b9b5a0b95aa19c2ca102cab3132b889be
5471a6986342429442ba83113da88f2ee89208789e4a79c9ca2996903482d982
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5471A6986342429442BA83113DA88F2EE89208789E4A79C9CA2996903482D982"
Last-Modified: Tue, 18 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6584
Expires: Tue, 18 Oct 2022 22:52:35 GMT
Date: Tue, 18 Oct 2022 21:02:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 325555f8766a0c9d9f4357e77e94cb07
21eb606142da285a6a6750fba560cd99fea1c34f
642b267a9dc106c9c6bac5bbfa574cd6b28a206fa6239d30b692bb148ebdc183
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5586
Cache-Control: max-age=153067
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:02:51 GMT
Etag: "634eb194-1d7"
Expires: Thu, 20 Oct 2022 15:33:58 GMT
Last-Modified: Tue, 18 Oct 2022 14:00:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5184bc44914d41e00006a64e227f2587
f1854d16daa5ebd8fe53abf93d8492c18f7a026f
d4d172ce9d5d01a563fc406fce21dc36f9a95e08ab5d35c5fcbfda991d26f01e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D4D172CE9D5D01A563FC406FCE21DC36F9A95E08AB5D35C5FCBFDA991D26F01E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9663
Expires: Tue, 18 Oct 2022 23:43:54 GMT
Date: Tue, 18 Oct 2022 21:02:51 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5184bc44914d41e00006a64e227f2587
f1854d16daa5ebd8fe53abf93d8492c18f7a026f
d4d172ce9d5d01a563fc406fce21dc36f9a95e08ab5d35c5fcbfda991d26f01e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D4D172CE9D5D01A563FC406FCE21DC36F9A95E08AB5D35C5FCBFDA991D26F01E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9663
Expires: Tue, 18 Oct 2022 23:43:54 GMT
Date: Tue, 18 Oct 2022 21:02:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 54771211784c0c7057e8eec201a79967
d8a1ef8c9d62ae7212ba02f3b9086f486f319665
397b95796f0ec0d2a79673b5b37c5f0132337eee09e6acf9d477aa7b8b914080
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 54771211784c0c7057e8eec201a79967
d8a1ef8c9d62ae7212ba02f3b9086f486f319665
397b95796f0ec0d2a79673b5b37c5f0132337eee09e6acf9d477aa7b8b914080
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2fbvay81k4ji3.cloudfront.net/ObFBZRWYPPzcjWRg5PXhfX2FtcFdKOioqCBxtEwkkKQcRCRYidi0/AlFgfykHAjdkYwMCM2R0QA00O3hSSiU4eAsDKjApCg11awNTQmB8d1ZEKGh0Q18SfHdWADk3MB5JYmk9XloPb3FDXxJ8d1YeJnx2J1Vmd3VPSWJpIgMPOzZgVCpiaXRWXGFpdENeYD-8sFAk2Nj1DXhZgc0hcdix4Vw
143.204.42.113200 OK 181 B URL HTTP/1.1 d2fbvay81k4ji3.cloudfront.net/ObFBZRWYPPzcjWRg5PXhfX2FtcFdKOioqCBxtEwkkKQcRCRYidi0/AlFgfykHAjdkYwMCM2R0QA00O3hSSiU4eAsDKjApCg11awNTQmB8d1ZEKGh0Q18SfHdWADk3MB5JYmk9XloPb3FDXxJ8d1YeJnx2J1Vmd3VPSWJpIgMPOzZgVCpiaXRWXGFpdENeYD-8sFAk2Nj1DXhZgc0hcdix4Vw
IP 143.204.42.113:0
File type ASCII text, with no line terminators
Hash c2f24a74dd494c052abd5a17057b6f22
2ab76a43c9736877dcf230a8963c6e873eff131f
0fc2350f1f00820de23b6c2547336f9cf51499998d89b653a461092862d3bf1d
GET /ObFBZRWYPPzcjWRg5PXhfX2FtcFdKOioqCBxtEwkkKQcRCRYidi0/AlFgfykHAjdkYwMCM2R0QA00O3hSSiU4eAsDKjApCg11awNTQmB8d1ZEKGh0Q18SfHdWADk3MB5JYmk9XloPb3FDXxJ8d1YeJnx2J1Vmd3VPSWJpIgMPOzZgVCpiaXRWXGFpdENeYD-8sFAk2Nj1DXhZgc0hcdix4Vw HTTP/1.1
Host: d2fbvay81k4ji3.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://getherefwu.xyz/
HTTP/1.1 200 OK
Content-Length: 181
Connection: keep-alive
Date: Tue, 18 Oct 2022 21:02:51 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MNlk7ZaDyNJhn5py32PG6XMV04NQ_Wri3MlRWd79vRjW3ZOmR0HAgA==
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 397 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 158c2ce6a0d67bdea7694818ddce87b3
1c0e94df3b191bf884ebca89a975f5239d7abedd
180c9e6afeb46164cb29360aa253a62df364e5d2d86f8f4580cd12587de3c0fc
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Oct 2022 21:02:51 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-805094783%3A1666126971761741&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoLDSLbqfLD1wUtEgkCJ1FOLfSzFc9QsBocnj8OY6WmPkIpaHoMMJco7QaPENLsifkuX0Kl7Q
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-UsrgXY9wOSJdCYPzHBU6mA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:mWpvixP_zrJID-qfgYpO8sC7IrAXZA:C-9xt3IG4pT3cznX;Path=/;Expires=Thu, 17-Oct-2024 21:02:51 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d2fbvay81k4ji3.cloudfront.net/raUhBZmMKJy8AXB0hJVtaWnhwVFJPIjIJDRl1JFNTPAkyJAtRbjUcB1R4ZwoCBy98QAYHK3xXRQgsI1tXTzwxCQhULSQWFxwuNw8VGm40B14EJzsPDwUpZFQlXGZxQ1FZYDlXUkx7A0NRWSQoCBYRbXNWG1F+HlBXTHsDQ1FZOjdDUChxd0hTQG1zVgQMKy-oJRlsOc1ZSWXhwVlJMenEAChstJwkbTHoHX1VHeGcTXlg
143.204.42.113200 OK 470 B URL HTTP/1.1 d2fbvay81k4ji3.cloudfront.net/raUhBZmMKJy8AXB0hJVtaWnhwVFJPIjIJDRl1JFNTPAkyJAtRbjUcB1R4ZwoCBy98QAYHK3xXRQgsI1tXTzwxCQhULSQWFxwuNw8VGm40B14EJzsPDwUpZFQlXGZxQ1FZYDlXUkx7A0NRWSQoCBYRbXNWG1F+HlBXTHsDQ1FZOjdDUChxd0hTQG1zVgQMKy-oJRlsOc1ZSWXhwVlJMenEAChstJwkbTHoHX1VHeGcTXlg
IP 143.204.42.113:0
File type ASCII text, with very long lines (649), with no line terminators
Hash 6f0ce1136ff218472881adcaa3a1bf80
0311b76b3cee5a5b0685c1ee7ef46ff79d636eef
24ea35145c241e43192f3b60648a84b50d71e27e8edc5882306b4f660b227d75
GET /raUhBZmMKJy8AXB0hJVtaWnhwVFJPIjIJDRl1JFNTPAkyJAtRbjUcB1R4ZwoCBy98QAYHK3xXRQgsI1tXTzwxCQhULSQWFxwuNw8VGm40B14EJzsPDwUpZFQlXGZxQ1FZYDlXUkx7A0NRWSQoCBYRbXNWG1F+HlBXTHsDQ1FZOjdDUChxd0hTQG1zVgQMKy-oJRlsOc1ZSWXhwVlJMenEAChstJwkbTHoHX1VHeGcTXlg HTTP/1.1
Host: d2fbvay81k4ji3.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://getherefwu.xyz/
HTTP/1.1 200 OK
Content-Length: 470
Connection: keep-alive
Date: Tue, 18 Oct 2022 21:02:51 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fntIUVm5KiY1oTLA68qyVaE1ecgvybJOoGBeAmQ5qRNYPHeAHmUFGg==
getherefwu.xyz/utx?cb=ApYVCbTOMawH&top=sakurafile.com&tid=930121
54.230.111.98204 No Content 0 B URL HTTP/2 getherefwu.xyz/utx?cb=ApYVCbTOMawH&top=sakurafile.com&tid=930121
IP 54.230.111.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /utx?cb=ApYVCbTOMawH&top=sakurafile.com&tid=930121 HTTP/1.1
Host: getherefwu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sakurafile.com
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 18 Oct 2022 21:02:51 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://sakurafile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 18 Oct 2022 21:03:51 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eNtjiMDBiiXu2Ygl0gtFdhmeH1_n1tdarbmNjgbvnYWtI10judDw9g==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash eb53463d6b1b79d5b6c8a3bf24fa990d
b175524c54f2e4c351b76558ab91a9b9296d12df
e2718ebc96eab830c4e9f0cc24d514596cb15b671baaae3a5bc666253a698e41
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Oct 2022 21:02:51 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1928414427%3A1666126971772755&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoIsHdK-oZGJ44G36V5XOcHYFd4FWHkqjyu29bFGehCEE2UjVPvx9bK50GBMKvXwjA6yLxfPQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-xoBxuOuQ67Z_UfgmtAsNBg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:LOt006rjZXDA2gNujxVe6qVxN2hELg:HOYFvEe73_N_7vNl;Path=/;Expires=Thu, 17-Oct-2024 21:02:51 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
getherefwu.xyz/utx?cb=Ir9yLDohyFe3&top=sakurafile.com&tid=940138
54.230.111.98204 No Content 0 B URL HTTP/2 getherefwu.xyz/utx?cb=Ir9yLDohyFe3&top=sakurafile.com&tid=940138
IP 54.230.111.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /utx?cb=Ir9yLDohyFe3&top=sakurafile.com&tid=940138 HTTP/1.1
Host: getherefwu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sakurafile.com
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 18 Oct 2022 21:02:51 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://sakurafile.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 18 Oct 2022 21:03:51 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LppP4xne-jFGdANnQCW8tKxz0ldlMzhNfPnUIbjwa95iuBga-IlHxw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cc71911d4c07bede48cfda542aba33f0
6332e65663215375ab3a4fd4e02d9557ef739b0d
c9078ff8f478fa763f2521bc0d1db2c4d4d48aa21c6f249331e236b6b53a0ecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2fbvay81k4ji3.cloudfront.net/pam9KNHUJACRSSh4GLglMXl97B01MBTlbGxpSGQxCHyoyVx8HHgwSARALdwRTBg4kU0hMCiRXSFtJK1AXV1tsQAUFBHdREBobP1IDAxk5EgALUidbDwMDJlVQWCl/GkVPXXocDVtebwc3T116WBwEGjIRR1oXcgIqXFtvBzdPXXpGA09cCw1DRF9jEUdaCC-9XHgVKeHJHWl56BERaXm8GRQwGOFETBRdvBjNTWWQEUx9Sew
143.204.42.113200 OK 468 B URL HTTP/1.1 d2fbvay81k4ji3.cloudfront.net/pam9KNHUJACRSSh4GLglMXl97B01MBTlbGxpSGQxCHyoyVx8HHgwSARALdwRTBg4kU0hMCiRXSFtJK1AXV1tsQAUFBHdREBobP1IDAxk5EgALUidbDwMDJlVQWCl/GkVPXXocDVtebwc3T116WBwEGjIRR1oXcgIqXFtvBzdPXXpGA09cCw1DRF9jEUdaCC-9XHgVKeHJHWl56BERaXm8GRQwGOFETBRdvBjNTWWQEUx9Sew
IP 143.204.42.113:0
File type ASCII text, with very long lines (655), with no line terminators
Hash a78415980c7875a7f59b0fa1b4161cc8
c85f65cb1fbd205c21356dda31a4edc4d77017cf
153b152ce3e036de3a26190505a2d42ee8cfa4a3b90058b6a00395849972eef7
GET /pam9KNHUJACRSSh4GLglMXl97B01MBTlbGxpSGQxCHyoyVx8HHgwSARALdwRTBg4kU0hMCiRXSFtJK1AXV1tsQAUFBHdREBobP1IDAxk5EgALUidbDwMDJlVQWCl/GkVPXXocDVtebwc3T116WBwEGjIRR1oXcgIqXFtvBzdPXXpGA09cCw1DRF9jEUdaCC-9XHgVKeHJHWl56BERaXm8GRQwGOFETBRdvBjNTWWQEUx9Sew HTTP/1.1
Host: d2fbvay81k4ji3.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://getherefwu.xyz/
HTTP/1.1 200 OK
Content-Length: 468
Connection: keep-alive
Date: Tue, 18 Oct 2022 21:02:51 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: y0XDrPK70ssm9I9l9CuErdRSA3qJgMB9Nx3mwbCcblqM8j83VJiMPg==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 325555f8766a0c9d9f4357e77e94cb07
21eb606142da285a6a6750fba560cd99fea1c34f
642b267a9dc106c9c6bac5bbfa574cd6b28a206fa6239d30b692bb148ebdc183
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5586
Cache-Control: max-age=153067
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:02:51 GMT
Etag: "634eb194-1d7"
Expires: Thu, 20 Oct 2022 15:33:58 GMT
Last-Modified: Tue, 18 Oct 2022 14:00:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.253.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: abestZf44zyDAVaHMmf0Lw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DID81SamH1SkPwlA3rgBCLeMHj0=
entriflingw.xyz/popunder.gif
104.21.31.33200 OK 58 B URL HTTP/1.1 entriflingw.xyz/popunder.gif
IP 104.21.31.33:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 79c15b369d32d2f0f17c116f541b6df3
3039289d4d1f5bc7385a81621deb2614423b769b
e3a3c6b90f511e80a77636fdd4c6047336d4ed5b2c86adf74318a08142649e08
GET /popunder.gif HTTP/1.1
Host: entriflingw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sakurafile.com/
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:02:51 GMT
Content-Type: image/gif
Content-Length: 58
Connection: keep-alive
access-control-allow-origin: *
Pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
CF-Cache-Status: HIT
Age: 15035
Last-Modified: Tue, 18 Oct 2022 16:52:16 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1unWXymp6X3bZrXqOGZ8hbjdcxS8jG0%2FhidT0Se3KsqheP6BXNuibW6BL6pgyfaKbPDGaYZ7vHMyWkS727ZR9DyebK3o0iibYBozO0BeWNMUDsK0w4ZLibEH5b04TliY6TE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c437a69c25b4fa-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5184bc44914d41e00006a64e227f2587
f1854d16daa5ebd8fe53abf93d8492c18f7a026f
d4d172ce9d5d01a563fc406fce21dc36f9a95e08ab5d35c5fcbfda991d26f01e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D4D172CE9D5D01A563FC406FCE21DC36F9A95E08AB5D35C5FCBFDA991D26F01E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9663
Expires: Tue, 18 Oct 2022 23:43:54 GMT
Date: Tue, 18 Oct 2022 21:02:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7696
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 21:02:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7696
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 21:02:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7696
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 21:02:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e7fd6e50e59e93dd5329060ecbe7fef
1d89b8268579f42b0265df7b14f77930033b23fe
7c03b8ca2822417615d12bc133b199bb64ccdba10aa0656d1dc6843c6471b39d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6836
x-amzn-requestid: ad5ca7f1-a21c-44d3-b419-dfa7cf868e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKzQZHPFIAMFuig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcc02-38b229432e2fbaa8779daa52;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:41:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3swGcXfvHjtY3ftkOeHYvdVSkGp-yli3mp4ThWqq5ziNJ0pY5oKR6Q==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:44:53 GMT
age: 83880
etag: "1d89b8268579f42b0265df7b14f77930033b23fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27002a4f-5711-48f2-881a-f0e20e1915ec.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27002a4f-5711-48f2-881a-f0e20e1915ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a982179efd8986cbd25d330699da961
61b7ec9bac922d79593a325af174f598f5c5d484
385a31eca11d64df6b7cc405036f421bffa83eb7686a41e5ed4b14046a889586
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27002a4f-5711-48f2-881a-f0e20e1915ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9125
x-amzn-requestid: 889f0762-3653-42f2-bde8-0d5ee0ae3588
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aK0atFSCoAMFjtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcddd-28f2443b4ed9c64847e91922;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:49:17 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sjDsq4oiWDy1Qo4Dia7Dp8TWWVb2mEsMrPedpxeZI32EVOmIwWa5rA==
via: 1.1 87136170926d082ce5ff23d5ad5be32c.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 22:11:49 GMT
age: 82264
etag: "61b7ec9bac922d79593a325af174f598f5c5d484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ddd17c7d44a2e136710171f237ded665
577a22b126e54bfe0e4e4ce26b0fb866bc7fe007
b1327c4f33db5488ae49b1c2f7d5b49804d4245fd0bd92c41005b9045281f2a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: c0479303-34b2-45d8-b794-4b83003312ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aHjNXE81IAMFWaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634c7f22-702cee0d437cbdc349efa2e8;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 22:01:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eT73QK1fx-IvCFC2OGRnsLRxjaEkC2w-HZr5ri2D4NRBESTD5ktWrQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 00:37:22 GMT
age: 73531
etag: "577a22b126e54bfe0e4e4ce26b0fb866bc7fe007"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5f3e230617c19df2161f174976caa0c
4bca04916f92c53d5f56d7553ac3677a9a14c085
b59139f61666eea62bca4ff5bb8bf36a0093f484d865f7e7c54ef94f3d31139c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7205
x-amzn-requestid: 4534c655-60a2-41bd-ac80-d60614921988
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyQxHD6oAMFbig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dca6b-1e32b5bf437ab9586a2175c5;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 40h94ez_-c9FW6b9Hy3C-bSalxkwYOjKr4dDENUxNh6BhJA9mNh6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 22:11:49 GMT
age: 82264
etag: "4bca04916f92c53d5f56d7553ac3677a9a14c085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54edb9ab897821172fc13756df376ee7
2010f9656d87e6f5220f131628c537720c3673e1
6694c1be0adf97fa77d1bfa29337d9e609b729a58d42e141e9bb55ed6367b1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13261
x-amzn-requestid: dd760e09-701e-4956-9723-386edc97c694
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fH6FzIoAMFzJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344deff-197cf4f048e146af5654d0bd;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-Blz23OttwJC3PacLqAd2IBfJkfEMXm4D1rhNveLqCtHyFDD9OwZw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 08:45:01 GMT
age: 44272
etag: "2010f9656d87e6f5220f131628c537720c3673e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e74f4de677631204256431e010756dd9
698ac04247bc52f9b200138ccfb8bf6184f3582f
a578e99e57e22f5ad3f8aaf102d80e4a6a79aab92ae1be6efdcf0c67968d31e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12891
x-amzn-requestid: 57575612-3eaa-4979-b7e6-4eca29498e9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyqfEkdIAMFvYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcb0f-0cd3874a59496e6e2f685eab;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:37:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: elW7wJyFNsbA8-c-7GYRKTb7itH42gPtvvikA-MfIUflCVV0j5WiMw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:44:46 GMT
age: 83887
etag: "698ac04247bc52f9b200138ccfb8bf6184f3582f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-805094783%3A1666126971761741&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoLDSLbqfLD1wUtEgkCJ1FOLfSzFc9QsBocnj8OY6WmPkIpaHoMMJco7QaPENLsifkuX0Kl7Q
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-805094783%3A1666126971761741&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoLDSLbqfLD1wUtEgkCJ1FOLfSzFc9QsBocnj8OY6WmPkIpaHoMMJco7QaPENLsifkuX0Kl7Q
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-805094783%3A1666126971761741&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoLDSLbqfLD1wUtEgkCJ1FOLfSzFc9QsBocnj8OY6WmPkIpaHoMMJco7QaPENLsifkuX0Kl7Q HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Oct 2022 21:02:51 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-B4dyx0srXatpMosJtfhtgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sakurafile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: DVLk9jxZ5RfxIJ+e7g6bdDMVwOqk3CZfL/lmEAdUt1DAp3Mxb97qvWA1M6lMaCBThP2gHT094DUeV9ZuhOrS0A==
date: Tue, 18 Oct 2022 21:02:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1928414427%3A1666126971772755&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoIsHdK-oZGJ44G36V5XOcHYFd4FWHkqjyu29bFGehCEE2UjVPvx9bK50GBMKvXwjA6yLxfPQ
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1928414427%3A1666126971772755&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoIsHdK-oZGJ44G36V5XOcHYFd4FWHkqjyu29bFGehCEE2UjVPvx9bK50GBMKvXwjA6yLxfPQ
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-1928414427%3A1666126971772755&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoIsHdK-oZGJ44G36V5XOcHYFd4FWHkqjyu29bFGehCEE2UjVPvx9bK50GBMKvXwjA6yLxfPQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Oct 2022 21:02:51 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-LdUxEdJlPjgp0RXDY8DaaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.198.35200 OK 0 B IP 172.64.198.35:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Origin: http://sakurafile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:02:51 GMT
content-type: text/plain
set-cookie: csu=1152416283899329@1@1666126971; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://sakurafile.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQMBs1WmdM%2Bjfp1xnwVr5WIfDsu9Z2cWjXjVY%2BfAIUFkMOfhUrXcaw%2FWfzqoyu%2BcpNm90Z%2Bhr3RomoWABWpwQZGhI0CXR2EnjqizfJv%2FI4pzKbOt%2FtTWzfgphOhoZiMQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75c437a58e3d0682-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35200 OK 0 B IP 172.64.198.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Origin: http://sakurafile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:02:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://sakurafile.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 18 Oct 2022 17:09:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEPDIPpClVcD59RPbPL5zDBYFdtQjUqG60xopSpKo0zL6A5oIUVodVDbFvphWnFLur515Io1zBwCCL5499gXCs%2Bq5nHyeEDv7y7FdpnqYhaSjVNAlvGMrAu1s3C9Bm1k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c437a55df40682-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35200 OK 0 B IP 172.64.198.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sakurafile.com/
Origin: http://sakurafile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:02:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://sakurafile.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 18 Oct 2022 17:09:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=345V5XwaRX%2F8RROakR3Y8aqaasdh6FhxXX2Vxqrf%2FfrCyFyUrmHE1F1TlnEWIGUSTTF6iNDBaWadPGcHFfAYId%2Bkn6iFOrXKG6xl%2Bdjg8Xo4vLOEx98tbBQD9a%2FNjaEL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c437a56df90682-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2