www.upload-4ever.com/gt600rsn5kob
301 Moved Permanently 0 B URL HTTP/1.1 www.upload-4ever.com/gt600rsn5kob
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gt600rsn5kob HTTP/1.1
Host: www.upload-4ever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Feb 2023 22:50:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 23 Feb 2023 23:50:06 GMT
Location: https://www.upload-4ever.com/gt600rsn5kob
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pg51zNbyk4LgnHudP6A%2FdezZCG04zq1iW8FInBv%2FZS%2FBgdD60MSV11vb9%2Bk8E5bwFGs0nNUuMPoRZoskTOk2fki388UneLJYsDVSM%2FDHYlos3G2dnCWjXM%2FJKsnShPv%2FqyU8YP6SsA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e384c04b740b65-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5387
Expires: Fri, 24 Feb 2023 00:19:54 GMT
Date: Thu, 23 Feb 2023 22:50:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6f313739c4c44174fc9a97ac63621b46
319da68d06694330ad9f7901bcde1ca0a6eeac0d
321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16613
Expires: Fri, 24 Feb 2023 03:27:00 GMT
Date: Thu, 23 Feb 2023 22:50:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 21:53:57 GMT
content-type: application/json
age: 3370
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash f22ee8ff5d175fc77e6bd4f345e2a275
c74fa0a358a620fbf6c87ba320d558f03ce16537
f3d3cd593d12a66150e4dedf8ada8a394003071a324a6d598ed19cfd752bde08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6411
Cache-Control: max-age=118282
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:07 GMT
Etag: "63f6ff9e-118"
Expires: Sat, 25 Feb 2023 07:41:29 GMT
Last-Modified: Thu, 23 Feb 2023 05:54:38 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d4569ebd95f766b8f22ed69d69334c37
a7fcd3f640877885077a4126708968d7e1e0d252
e485343a8251f50009506dfc6a42c82ca6b09b434d1e0984ea7c2dfea7dcd28d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E485343A8251F50009506DFC6A42C82CA6B09B434D1E0984EA7C2DFEA7DCD28D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2412
Expires: Thu, 23 Feb 2023 23:30:19 GMT
Date: Thu, 23 Feb 2023 22:50:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HKE7ffZxr60658YWECSKdh5NngACNVg7gxMXNTLuqjEfUEZTJVBUIARo+09BU9fEGWb0W0VYrr5PC5Ostf8JGA==
x-amz-request-id: AWAWHJVYC9YKT7C6
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 22:49:27 GMT
age: 40
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 22:50:07 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash f22ee8ff5d175fc77e6bd4f345e2a275
c74fa0a358a620fbf6c87ba320d558f03ce16537
f3d3cd593d12a66150e4dedf8ada8a394003071a324a6d598ed19cfd752bde08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6411
Cache-Control: max-age=118282
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:07 GMT
Etag: "63f6ff9e-118"
Expires: Sat, 25 Feb 2023 07:41:29 GMT
Last-Modified: Thu, 23 Feb 2023 05:54:38 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
200 OK 130 kB URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
IP
Size 130 kB (129845 bytes)
Hash bbf93e8c5934a1e8ad45e38ddd95e1e9
9c1cae6a82c860975abe5b71df1b751486ce2c8f
aa62245a0e6031e4ed7e943b955f174bf5683c4185036521e7527d30156e0086
GET /?bvjjd=976112 HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 116588
date: Thu, 23 Feb 2023 22:50:07 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zbLfJXUnvwTNbQlkcY7iVuuhq-gQr9ENXsPKpe6TCCnQ9AnWe4WP1g==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a503e51f129578fd344ab97a28f9ee1a
f141944a32e73e8db4c362fefffac1b4c7043ad4
bf30c275ceab2a4c047f64f39761761f4a592d541c7a2627e0e01b935cd23f7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF30C275CEAB2A4C047F64F39761761F4A592D541C7A2627E0E01B935CD23F7D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11079
Expires: Fri, 24 Feb 2023 01:54:46 GMT
Date: Thu, 23 Feb 2023 22:50:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a503e51f129578fd344ab97a28f9ee1a
f141944a32e73e8db4c362fefffac1b4c7043ad4
bf30c275ceab2a4c047f64f39761761f4a592d541c7a2627e0e01b935cd23f7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF30C275CEAB2A4C047F64F39761761F4A592D541C7A2627E0E01B935CD23F7D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11079
Expires: Fri, 24 Feb 2023 01:54:46 GMT
Date: Thu, 23 Feb 2023 22:50:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Expires, Last-Modified, Cache-Control, ETag, Backoff, Content-Type, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 22:20:35 GMT
age: 1772
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cagothie.net/tag.min.js
200 OK 24 kB IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5b4e284543498d1238765a31b152cf9c
a6e82d871d11b6f393f76dc296e9e8850b67b062
695afcadc3c25703a91d713cb89d29fa18d4d5ae15a32fa245c89f77236cfcf2
GET /tag.min.js HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 22:50:07 GMT
content-type: text/javascript; charset=utf-8
content-length: 23689
content-encoding: br
x-trace-id: e5ff0d704fb88b89350a41fa29710981
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 22 Feb 2023 09:05:27 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2333
Expires: Thu, 23 Feb 2023 23:29:01 GMT
Date: Thu, 23 Feb 2023 22:50:08 GMT
Connection: keep-alive
ayanpleasek.xyz/UWVuRHR+Wg03STUICjQlCScvEjI5Hz0RIgMwNgIwAzMkHREUDkgwHTVYV3NCYFRcYgQ4AVN1UiIRDzABIlhfYh0/AwF5UidYX2pHZUtddlpgQxt5RXcRHiUTbFRINAAlCVN1QmZSX31GZ1ZddkNj
204 No Content 0 B URL HTTP/2 ayanpleasek.xyz/UWVuRHR+Wg03STUICjQlCScvEjI5Hz0RIgMwNgIwAzMkHREUDkgwHTVYV3NCYFRcYgQ4AVN1UiIRDzABIlhfYh0/AwF5UidYX2pHZUtddlpgQxt5RXcRHiUTbFRINAAlCVN1QmZSX31GZ1ZddkNj
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UWVuRHR+Wg03STUICjQlCScvEjI5Hz0RIgMwNgIwAzMkHREUDkgwHTVYV3NCYFRcYgQ4AVN1UiIRDzABIlhfYh0/AwF5UidYX2pHZUtddlpgQxt5RXcRHiUTbFRINAAlCVN1QmZSX31GZ1ZddkNj HTTP/1.1
Host: ayanpleasek.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 23 Feb 2023 22:50:08 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7IfSplBJOusvOGdWJU1XWL%2FAVN53aoMM55%2BPq6CtogQAusJBC2Q2VG%2Fi%2FGVK%2BC%2FhVdOaGTghVFYH7Z1%2BQMLUKe%2FTdDmnFGNml8qZynVKYQ5TVaNXCVAtNiSwiVHMeWcJ44%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e384c7ea32b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cagothie.net/5/2726715/?oo=1&aab=1
200 OK 1.3 kB URL HTTP/2 cagothie.net/5/2726715/?oo=1&aab=1
IP
File type JSON data\012- , ASCII text, with very long lines (2770), with no line terminators
Hash bd778a36b68ca7e8455705a702584a5b
b79f45d2e1feef735553516406616ba015adcfff
11fb3f940e146b7c1537e48b06a21cc8e55d707b1f8720024d8f0ff06b7cc92b
GET /5/2726715/?oo=1&aab=1 HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 22:50:07 GMT
content-type: application/json
x-trace-id: c2a785a93863d34f8818757221fd82ac
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=221c61d526e8482787141873badcf8d0; expires=Fri, 23 Feb 2024 22:50:07 GMT; path=/; secure; SameSite=None
oaidts=1677192607; expires=Fri, 23 Feb 2024 22:50:07 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ayanpleasek.xyz/a0FITEdEfis/eiZwDiQKWSYPLREmABA7NwUXGR4jKnMGGwYtBG44Lg98cXtxX3FwajcCJXV9YRg1KTgyGHx5ai4FJydxYR18eWJ0X297fmlaZz1xdk01OC0gVnBuPDMfLXV9cVx2eXV1XXJ7f3df
204 No Content 0 B URL HTTP/2 ayanpleasek.xyz/a0FITEdEfis/eiZwDiQKWSYPLREmABA7NwUXGR4jKnMGGwYtBG44Lg98cXtxX3FwajcCJXV9YRg1KTgyGHx5ai4FJydxYR18eWJ0X297fmlaZz1xdk01OC0gVnBuPDMfLXV9cVx2eXV1XXJ7f3df
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a0FITEdEfis/eiZwDiQKWSYPLREmABA7NwUXGR4jKnMGGwYtBG44Lg98cXtxX3FwajcCJXV9YRg1KTgyGHx5ai4FJydxYR18eWJ0X297fmlaZz1xdk01OC0gVnBuPDMfLXV9cVx2eXV1XXJ7f3df HTTP/1.1
Host: ayanpleasek.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 23 Feb 2023 22:50:08 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFfm3X%2FBv3ge5yulG5uVOGprEkXHf69ILnkOAUzoH9kbHqHDdub5cSpikFKsFag3H1%2Bx9JkuaUcbGJvE1YGSTojGtZxaICUzRGhBNi%2BLFz4hQvHtVfFtg97cav5hhiHsIf8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e384c81a65b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raglassofrum.cc/Z2syUEcGCVE9eAZWUHYyFQcPdXUhTgAWI1YBADoxUAlEMzQfGlV+JAsERzQhFQRcJGkJDkZ1dSEjfz1/EDxYOBUmLQZoBVcydQYABClwBiwlCkU/EiU+f2ERDCFhBgAtOHMofgA7XCQEJix3JiExLl4CdB8mYRE0KQpaZSIjBwZpBTU6eQgtDC1zYCs1O14/FzATayUUIVt3FBMlOWABdjQgZB4TJj1gaBMxJWEIEzEoZScJBCRKYAYsOmRgBCUPVhEPLTtlJwEyJWdpBTQMeCERDDF5ESoIIXM7AiYNRSQwNAx4IRNWGHASKlMPcwN3MQpzOAwwOh8CYlUtcWMFLCpfIAw1Ll0UABAAcQcvUhp3AiMDKnZhIzI6YDYhEBsCCBYlGXERDQIqdSMjJi0LBwpXG2oTEV8CegEGFyplPwkvLQoHCxA+dnYtFARcIHoDU1hhNzcPcSAoNh53Mw0Q
200 OK 1.2 kB URL HTTP/2 raglassofrum.cc/Z2syUEcGCVE9eAZWUHYyFQcPdXUhTgAWI1YBADoxUAlEMzQfGlV+JAsERzQhFQRcJGkJDkZ1dSEjfz1/EDxYOBUmLQZoBVcydQYABClwBiwlCkU/EiU+f2ERDCFhBgAtOHMofgA7XCQEJix3JiExLl4CdB8mYRE0KQpaZSIjBwZpBTU6eQgtDC1zYCs1O14/FzATayUUIVt3FBMlOWABdjQgZB4TJj1gaBMxJWEIEzEoZScJBCRKYAYsOmRgBCUPVhEPLTtlJwEyJWdpBTQMeCERDDF5ESoIIXM7AiYNRSQwNAx4IRNWGHASKlMPcwN3MQpzOAwwOh8CYlUtcWMFLCpfIAw1Ll0UABAAcQcvUhp3AiMDKnZhIzI6YDYhEBsCCBYlGXERDQIqdSMjJi0LBwpXG2oTEV8CegEGFyplPwkvLQoHCxA+dnYtFARcIHoDU1hhNzcPcSAoNh53Mw0Q
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3051), with no line terminators
Hash 7a4ea573844891cceecb4e4ab6c78e8d
d3c7bc288eb449096c35858966eed5fca4988e9a
8ca8839d6f446bf0999adbaccf81f302c809ad0c0c9b9d0585736bed66166642
GET /Z2syUEcGCVE9eAZWUHYyFQcPdXUhTgAWI1YBADoxUAlEMzQfGlV+JAsERzQhFQRcJGkJDkZ1dSEjfz1/EDxYOBUmLQZoBVcydQYABClwBiwlCkU/EiU+f2ERDCFhBgAtOHMofgA7XCQEJix3JiExLl4CdB8mYRE0KQpaZSIjBwZpBTU6eQgtDC1zYCs1O14/FzATayUUIVt3FBMlOWABdjQgZB4TJj1gaBMxJWEIEzEoZScJBCRKYAYsOmRgBCUPVhEPLTtlJwEyJWdpBTQMeCERDDF5ESoIIXM7AiYNRSQwNAx4IRNWGHASKlMPcwN3MQpzOAwwOh8CYlUtcWMFLCpfIAw1Ll0UABAAcQcvUhp3AiMDKnZhIzI6YDYhEBsCCBYlGXERDQIqdSMjJi0LBwpXG2oTEV8CegEGFyplPwkvLQoHCxA+dnYtFARcIHoDU1hhNzcPcSAoNh53Mw0Q HTTP/1.1
Host: raglassofrum.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1199
date: Thu, 23 Feb 2023 22:50:08 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 fb71d06ef6b006f750bfcf682863ded0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: X0TaMDaZ5pUbEOPeySVtnbShEfO92jkummWPB9dIk2fLNeVfRdWmNw==
X-Firefox-Spdy: h2
raglassofrum.cc/cXEzSGIQE1AlXRBMUW4XAx0ObVA3VAEOBkAbASIURhNFKxEJAFRmAR0eRiwEAx5dPEwfFEdtUDcbZh8SHj51BRszIGktADIkdwwjJwBpJBoSMnQ8UTAzRxAyIjdrATooF3U/KxQnVCMzPhZhJywzM34AJzhCUQ4SPid3AUdDN3ceNxQ/WXAoJyBfeS8wRXgKNRVCeyAKKT50PyMwJAswLwkadx82QUBnClMrE1k/JDQddm1QNyFiPCwyGWUjMDcWVxE1NzJ7eSdIP2IdBCJCaSI1Fit+LA8/EGQZCkgoZnEAFB9pIjUZSGEYNRUUZxkRIxV1IDsgNmUkNkBcR34GHD9SDwlEQ2ohFisydBJHQzdkIycVKGQNLDUnQHwyGkhSLg83GWR5BTgoXg4AJSBDIiwGPFIQNiRUAQonGkF4DjUzEGsaOBsVS3E0MiAVIhEeH0N1Kz89dSAUHytyGA4hFnI
200 OK 1.2 kB URL HTTP/2 raglassofrum.cc/cXEzSGIQE1AlXRBMUW4XAx0ObVA3VAEOBkAbASIURhNFKxEJAFRmAR0eRiwEAx5dPEwfFEdtUDcbZh8SHj51BRszIGktADIkdwwjJwBpJBoSMnQ8UTAzRxAyIjdrATooF3U/KxQnVCMzPhZhJywzM34AJzhCUQ4SPid3AUdDN3ceNxQ/WXAoJyBfeS8wRXgKNRVCeyAKKT50PyMwJAswLwkadx82QUBnClMrE1k/JDQddm1QNyFiPCwyGWUjMDcWVxE1NzJ7eSdIP2IdBCJCaSI1Fit+LA8/EGQZCkgoZnEAFB9pIjUZSGEYNRUUZxkRIxV1IDsgNmUkNkBcR34GHD9SDwlEQ2ohFisydBJHQzdkIycVKGQNLDUnQHwyGkhSLg83GWR5BTgoXg4AJSBDIiwGPFIQNiRUAQonGkF4DjUzEGsaOBsVS3E0MiAVIhEeH0N1Kz89dSAUHytyGA4hFnI
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3047), with no line terminators
Hash c6c43c40818910f69ace3e5dc0b6ddf5
7599723dd3b0ce1eabef069fe95e7bcd2b431049
55db539750180a8402e99c10720da8a523e1f96f487d53ebeef43e40b9c1edc3
GET /cXEzSGIQE1AlXRBMUW4XAx0ObVA3VAEOBkAbASIURhNFKxEJAFRmAR0eRiwEAx5dPEwfFEdtUDcbZh8SHj51BRszIGktADIkdwwjJwBpJBoSMnQ8UTAzRxAyIjdrATooF3U/KxQnVCMzPhZhJywzM34AJzhCUQ4SPid3AUdDN3ceNxQ/WXAoJyBfeS8wRXgKNRVCeyAKKT50PyMwJAswLwkadx82QUBnClMrE1k/JDQddm1QNyFiPCwyGWUjMDcWVxE1NzJ7eSdIP2IdBCJCaSI1Fit+LA8/EGQZCkgoZnEAFB9pIjUZSGEYNRUUZxkRIxV1IDsgNmUkNkBcR34GHD9SDwlEQ2ohFisydBJHQzdkIycVKGQNLDUnQHwyGkhSLg83GWR5BTgoXg4AJSBDIiwGPFIQNiRUAQonGkF4DjUzEGsaOBsVS3E0MiAVIhEeH0N1Kz89dSAUHytyGA4hFnI HTTP/1.1
Host: raglassofrum.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1199
date: Thu, 23 Feb 2023 22:50:08 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 fb71d06ef6b006f750bfcf682863ded0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 4uJdjg09sKaqXXaxKPOdaMGaDI14I6GyBkBS2Y4MxBrUZgZleQubcA==
X-Firefox-Spdy: h2
raglassofrum.cc/RXJ0SnckEBcnSCRPFmwCNx5Jb0UDV0YME3QYRiABchACKQQ9AxNkFCkdAS4RNx0aPlkrFwBvRQNAInstdyAfLUcKIBMtEzw/UXgxABwAMi4CMDwuRDEKJAsiNTgdLgUACiEGMy0gPAYzdVdGDC0uMzYvMxcFNSAANhMZECYOGx9/OhAGEwYjLkMneRMwPB4DIiBBDDI+PRZDACMiATwzGC48GgQyBDpFfy0pPEQvP30aPDMQNj03DzEcQQQkOAQ4Hi8aIRwmJx9xERkfRxxBBCQ+F0obLBoLCCYbJTEoIxM4JjoMMy0RIB4vGiYZNQ05cjQZLjAmQC4kEXRfOnoSATMODCR1HBcnJjIWPCIaHxkueRICKA4YPxwHJCMmETs3KQEmQiULEhIWHh0/Hwc9JwMNVB45GCsCSS8kBis2ex0wGkR8MHUR
200 OK 1.8 kB URL HTTP/2 raglassofrum.cc/RXJ0SnckEBcnSCRPFmwCNx5Jb0UDV0YME3QYRiABchACKQQ9AxNkFCkdAS4RNx0aPlkrFwBvRQNAInstdyAfLUcKIBMtEzw/UXgxABwAMi4CMDwuRDEKJAsiNTgdLgUACiEGMy0gPAYzdVdGDC0uMzYvMxcFNSAANhMZECYOGx9/OhAGEwYjLkMneRMwPB4DIiBBDDI+PRZDACMiATwzGC48GgQyBDpFfy0pPEQvP30aPDMQNj03DzEcQQQkOAQ4Hi8aIRwmJx9xERkfRxxBBCQ+F0obLBoLCCYbJTEoIxM4JjoMMy0RIB4vGiYZNQ05cjQZLjAmQC4kEXRfOnoSATMODCR1HBcnJjIWPCIaHxkueRICKA4YPxwHJCMmETs3KQEmQiULEhIWHh0/Hwc9JwMNVB45GCsCSS8kBis2ex0wGkR8MHUR
IP
Hash f193fba0ee483a2c87373f0a0d226344
488bf79e7852a973a9db6322f79a1d051ffbf694
29c278d95b6ed69bda4de666dfce4187a95e9b1a5e4398f327f925045624bc3d
GET /RXJ0SnckEBcnSCRPFmwCNx5Jb0UDV0YME3QYRiABchACKQQ9AxNkFCkdAS4RNx0aPlkrFwBvRQNAInstdyAfLUcKIBMtEzw/UXgxABwAMi4CMDwuRDEKJAsiNTgdLgUACiEGMy0gPAYzdVdGDC0uMzYvMxcFNSAANhMZECYOGx9/OhAGEwYjLkMneRMwPB4DIiBBDDI+PRZDACMiATwzGC48GgQyBDpFfy0pPEQvP30aPDMQNj03DzEcQQQkOAQ4Hi8aIRwmJx9xERkfRxxBBCQ+F0obLBoLCCYbJTEoIxM4JjoMMy0RIB4vGiYZNQ05cjQZLjAmQC4kEXRfOnoSATMODCR1HBcnJjIWPCIaHxkueRICKA4YPxwHJCMmETs3KQEmQiULEhIWHh0/Hwc9JwMNVB45GCsCSS8kBis2ex0wGkR8MHUR HTTP/1.1
Host: raglassofrum.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1178
date: Thu, 23 Feb 2023 22:50:08 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 fb71d06ef6b006f750bfcf682863ded0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 5HUWkgpjeo7yBbWrzdvER5ZgxzguVwnSksHEi9Y0slAve91r_4bpiA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0178fe0ebb0df24ee62cd67faccdc383
d25121befecd6d77962e988f68c871653cba1959
627efd1b332a0296cd7558e08374fabcd7c750683ab6ae22b9d7ab7f3b7537c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4974
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Last-Modified: Thu, 23 Feb 2023 21:27:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4733770bf092ca1324e01dff373722a1
1524c31178714c399a4b4751744b261768c41277
26776ee98fd94df1d3adbadb39aaad24b847a689c2119c2ed62a70640f4b5b18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6c27dc8b124493de1831a83e287d1428
8cbcc7437171c33d06fa025e4c470226a73eeb28
d5eb3bb3fabe6eceeec57988ff6f99fe2fe03c954b12cf8108088a9be4485c29
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 56cd85a02d031d2f7b794f1f2cfda4eb
878162e77393da15f0a1c8bf8a83a777a6caf317
15bc2ef238d6cf940adc4a29a31bd3fa0ee1712529d89c1a2fd74fb32d5ffe5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 4.9 kB IP
Hash f293399825d026a5f3a5d1125c627790
a7998bd48363ac68e4323088ec5d925f61a718df
8d2bc1abda1304f08e48d2abab94d7630cb08abbee312cea8932bd366d50efce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mB2qdYbKCEBYP9mUvrfBXg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: stNDI0sw5YO4/Sc0CvZ5nr2Rl9U=
ssl.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Thu, 23 Feb 2023 22:41:40 GMT
expires: Fri, 24 Feb 2023 00:41:40 GMT
cache-control: public, max-age=7200
age: 508
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1d6de03255d867fb8344f9dc8f732fcb
74283f272a386fbbf4cc910a990858206e198e5b
92f9d62d4714cbcd874dee5787a1d457e47f06bd9abbbb14edab0be73cf5424e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92F9D62D4714CBCD874DEE5787A1D457E47F06BD9ABBBB14EDAB0BE73CF5424E"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3325
Expires: Thu, 23 Feb 2023 23:45:33 GMT
Date: Thu, 23 Feb 2023 22:50:08 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1d6de03255d867fb8344f9dc8f732fcb
74283f272a386fbbf4cc910a990858206e198e5b
92f9d62d4714cbcd874dee5787a1d457e47f06bd9abbbb14edab0be73cf5424e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92F9D62D4714CBCD874DEE5787A1D457E47F06BD9ABBBB14EDAB0BE73CF5424E"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3325
Expires: Thu, 23 Feb 2023 23:45:33 GMT
Date: Thu, 23 Feb 2023 22:50:08 GMT
Connection: keep-alive
raglassofrum.cc/utx?cb=sahUBTj8RULc&top=www.upload-4ever.com&tid=976112
204 No Content 0 B URL HTTP/2 raglassofrum.cc/utx?cb=sahUBTj8RULc&top=www.upload-4ever.com&tid=976112
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=sahUBTj8RULc&top=www.upload-4ever.com&tid=976112 HTTP/1.1
Host: raglassofrum.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 23 Feb 2023 22:50:08 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 23 Feb 2023 22:51:08 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 fb71d06ef6b006f750bfcf682863ded0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 7LxqcbuQSdva5S628tba2bBNHZ6QZpFDNnfn-giSqRMW6kgTrMratA==
X-Firefox-Spdy: h2
raglassofrum.cc/utx?cb=gOcnWlPaMLUW&top=www.upload-4ever.com&tid=976408
204 No Content 0 B URL HTTP/2 raglassofrum.cc/utx?cb=gOcnWlPaMLUW&top=www.upload-4ever.com&tid=976408
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=gOcnWlPaMLUW&top=www.upload-4ever.com&tid=976408 HTTP/1.1
Host: raglassofrum.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 23 Feb 2023 22:50:08 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 23 Feb 2023 22:51:08 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 fb71d06ef6b006f750bfcf682863ded0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: fCexc40UGtKKnJVYEQkXmDflFLFtHLyDe6HKtkfRkU_hAtevsTE8Qw==
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1d6de03255d867fb8344f9dc8f732fcb
74283f272a386fbbf4cc910a990858206e198e5b
92f9d62d4714cbcd874dee5787a1d457e47f06bd9abbbb14edab0be73cf5424e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92F9D62D4714CBCD874DEE5787A1D457E47F06BD9ABBBB14EDAB0BE73CF5424E"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3325
Expires: Thu, 23 Feb 2023 23:45:33 GMT
Date: Thu, 23 Feb 2023 22:50:08 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 6444c5ca1c32bdb5129735c26731f4cf
b1a30ea790293bfc486ce4090a13c49c66758559
b98ab8ea9d7b648bf1429b0926afeefffe1b40a73aabb047f9b0577bbd063f05
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Feb 2023 22:50:08 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1510069471%3A1677192608339413&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd3YaxOMMRDRd-3G1a5yoSHHvbevb3bBkReDPBFqUcpiWjmfsjqiHuK7suOlY6f4T55YPr1PQ
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-yqB5CrJy48raagGtKurerg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:wEaDTp1ZjZaVoag-a0-Xw7FnFN_iGQ:_2dyB-UgkqgA-68z;Path=/;Expires=Sat, 22-Feb-2025 22:50:08 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (3649)
Hash 5920d7f555e8278cad825d60baf8503b
245ec2fd297cb53eec66ce2a4dd9d51fc37d8a0d
d8ea183f89ca153e1c2b664d16cedbc2c528ea1fd8b062a7761dada7000924a6
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 23 Feb 2023 22:50:08 GMT
expires: Thu, 23 Feb 2023 22:50:08 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8923543700252927690
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1d6de03255d867fb8344f9dc8f732fcb
74283f272a386fbbf4cc910a990858206e198e5b
92f9d62d4714cbcd874dee5787a1d457e47f06bd9abbbb14edab0be73cf5424e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92F9D62D4714CBCD874DEE5787A1D457E47F06BD9ABBBB14EDAB0BE73CF5424E"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3325
Expires: Thu, 23 Feb 2023 23:45:33 GMT
Date: Thu, 23 Feb 2023 22:50:08 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 56cd85a02d031d2f7b794f1f2cfda4eb
878162e77393da15f0a1c8bf8a83a777a6caf317
15bc2ef238d6cf940adc4a29a31bd3fa0ee1712529d89c1a2fd74fb32d5ffe5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 397 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 16bedb90a35b60d98db8a166ad73d22e
4be76dd6975d277343c9f3fd1da6635e1734f753
2ae142cbe5443777d868392aa863910659e5ea8cc4cbcb36a4d425b2b22ea176
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Feb 2023 22:50:08 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-352290554%3A1677192608370251&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeZZELnejI9aLsWKJ1MwcH5bVY9_HV8ObUENGuE3gMRxK7p4357L7P6qjmyCzsRTkm6g1HChQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-oS1iVtUOcNZA7WVUS0fxQw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:S6d728Aeirmj9IY2U8mxV47px9QJqw:Y2J6UFAY3RFgpvGW;Path=/;Expires=Sat, 22-Feb-2025 22:50:08 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
200 OK 503 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
IP
Hash 22ed48249f9e9529abadd57d3a95496a
437cb183d8bf52833d2a3a132266726407af0df0
24c73d485b3df19b32f9382ac389b8429cc050afdf164ebe8de127250080ee2e
GET /?bvjjd=976112 HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 116588
date: Thu, 23 Feb 2023 22:50:08 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nW8X55s92H9yARskFEG3L2HUXLNJtaOFxUNhZHkCtKlbzJ9k9qWQWw==
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 12 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
Hash cb5828b4f2ad5b69664d32aca5ce6026
9a21767a7d53949c7bd01687d4a982837470a326
025a375fc5423cc41b243208c4d6f796f8d28f90b7d90e5d5d6ed5f33c67cd4a
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 10522aqjZrphYPTOez1BEyQ4aBx3a37Mzv0tTx2k2sVtoqFRs93dabiPVi5nHIzcEexo7qi6JG32UnR7DobMIA==
date: Thu, 23 Feb 2023 22:50:08 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0178fe0ebb0df24ee62cd67faccdc383
d25121befecd6d77962e988f68c871653cba1959
627efd1b332a0296cd7558e08374fabcd7c750683ab6ae22b9d7ab7f3b7537c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4974
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Last-Modified: Thu, 23 Feb 2023 21:27:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
d1j2jv7bvcsxqg.cloudfront.net/HMm8wWjhRAF48B0YGVGcBBVkBawoUBUM1VkJSVGJSAx9gPntCAGEvfVElR3xMSAsNah5eDl49BRQKXjkFA0lRPloPWxYuSF0EDTBRRQ1SKVNTAVR8TVNSXTVCWwNcOx0AKQV0CBddAHJPWwFUNU9BSgJqVkZKAmoJAkEAfwtwSgJqT1sBBm4dAS0VaAhKWQ-R/C3BKAmpKREoDGwkCWh5qERddAD1dUQRffwp0XQBrCAJeAGsdAF9WM0pXCV8iHQApAWoNHF8WLwUD
200 OK 521 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/HMm8wWjhRAF48B0YGVGcBBVkBawoUBUM1VkJSVGJSAx9gPntCAGEvfVElR3xMSAsNah5eDl49BRQKXjkFA0lRPloPWxYuSF0EDTBRRQ1SKVNTAVR8TVNSXTVCWwNcOx0AKQV0CBddAHJPWwFUNU9BSgJqVkZKAmoJAkEAfwtwSgJqT1sBBm4dAS0VaAhKWQ-R/C3BKAmpKREoDGwkCWh5qERddAD1dUQRffwp0XQBrCAJeAGsdAF9WM0pXCV8iHQApAWoNHF8WLwUD
IP
File type ASCII text, with very long lines (712), with no line terminators
Hash 29416e55b7101635e8f696386e569b36
869155f4800a7268ec1e311689878b21083b9632
29ff133cd28e24028e74f50aacedf105a958bbdf61822d5d4a2b3581ddcb4ee7
GET /HMm8wWjhRAF48B0YGVGcBBVkBawoUBUM1VkJSVGJSAx9gPntCAGEvfVElR3xMSAsNah5eDl49BRQKXjkFA0lRPloPWxYuSF0EDTBRRQ1SKVNTAVR8TVNSXTVCWwNcOx0AKQV0CBddAHJPWwFUNU9BSgJqVkZKAmoJAkEAfwtwSgJqT1sBBm4dAS0VaAhKWQ-R/C3BKAmpKREoDGwkCWh5qERddAD1dUQRffwp0XQBrCAJeAGsdAF9WM0pXCV8iHQApAWoNHF8WLwUD HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raglassofrum.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 521
date: Thu, 23 Feb 2023 22:50:08 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: encHTj1s1fllxkaLUbcHbvnpuGM3b5gad8uVDuDPKZyIDQEBs3cwng==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d5a81909f9ba52a4b5b4beca7189f10a
216a773aef7239d68c979f6c24013a31f085c779
79799853ac50d2c9e10b8cfab4a57150b087403209006e166af67164c2630de6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1j2jv7bvcsxqg.cloudfront.net/jUWpoOFMyBQZebCUDDAVqZlxcCGt3ABtXPSFXIXYfFwIeVgkQOgRoNBBMHEI3bFpOVDI/DVUeNj8JVQl1MA4KBWd3HhhXOGwAAU8xMxkDWT01TB1ZbjwFElE/PQtNChVkRFgdYWFCH1E9NQUfS3ZjWgZMdmNaWQh9YU9benZjWh9RPWdeTQsRdFhYQGVlT1-t6dmNaGk52YitZCGZ/WkEdYWENDVs4Pk9afmFhW1gIYmFbTQpjNwMaXTU+Ek0KFWBaXRZjdx9VCQ
200 OK 567 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/jUWpoOFMyBQZebCUDDAVqZlxcCGt3ABtXPSFXIXYfFwIeVgkQOgRoNBBMHEI3bFpOVDI/DVUeNj8JVQl1MA4KBWd3HhhXOGwAAU8xMxkDWT01TB1ZbjwFElE/PQtNChVkRFgdYWFCH1E9NQUfS3ZjWgZMdmNaWQh9YU9benZjWh9RPWdeTQsRdFhYQGVlT1-t6dmNaGk52YitZCGZ/WkEdYWENDVs4Pk9afmFhW1gIYmFbTQpjNwMaXTU+Ek0KFWBaXRZjdx9VCQ
IP
File type ASCII text, with very long lines (794), with no line terminators
Hash 24ab3183b71a565ff8e67e589003d97e
3fe058aca13f85c796a1c4ac5ea3b191fdf10a88
05d4660a077fe71e98702ef7bbb958f681f818cca3d41bb432e3f69120093fad
GET /jUWpoOFMyBQZebCUDDAVqZlxcCGt3ABtXPSFXIXYfFwIeVgkQOgRoNBBMHEI3bFpOVDI/DVUeNj8JVQl1MA4KBWd3HhhXOGwAAU8xMxkDWT01TB1ZbjwFElE/PQtNChVkRFgdYWFCH1E9NQUfS3ZjWgZMdmNaWQh9YU9benZjWh9RPWdeTQsRdFhYQGVlT1-t6dmNaGk52YitZCGZ/WkEdYWENDVs4Pk9afmFhW1gIYmFbTQpjNwMaXTU+Ek0KFWBaXRZjdx9VCQ HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raglassofrum.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 567
date: Thu, 23 Feb 2023 22:50:08 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N2_chFe4hqiiiw286snOtveZ8_vxT6QvO_07ATDyhaWG3pDyJptd0A==
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=221c61d526e8482787141873badcf8d0
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=221c61d526e8482787141873badcf8d0
IP
File type JSON data\012- , ASCII text
Hash 09ce8a14197eca4ab51efa2026f1a89d
003e0baece2dfdac7ed0a02b20a5ee5772394aad
cb637218ac3c4a0dc42f6a9826284fa96d36604eae662ef16fe5f8326c1e5e9b
GET /gid.js?userId=221c61d526e8482787141873badcf8d0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 22:50:08 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=221c61d526e8482787141873badcf8d0; expires=Fri, 23 Feb 2024 22:50:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230222/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 23 Feb 2023 00:15:51 GMT
expires: Thu, 09 Mar 2023 00:15:51 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
age: 81257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1d6de03255d867fb8344f9dc8f732fcb
74283f272a386fbbf4cc910a990858206e198e5b
92f9d62d4714cbcd874dee5787a1d457e47f06bd9abbbb14edab0be73cf5424e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92F9D62D4714CBCD874DEE5787A1D457E47F06BD9ABBBB14EDAB0BE73CF5424E"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3325
Expires: Thu, 23 Feb 2023 23:45:33 GMT
Date: Thu, 23 Feb 2023 22:50:08 GMT
Connection: keep-alive
d1j2jv7bvcsxqg.cloudfront.net/2V1Z2Rkg0ORggdyM/EntxYGBHd3txPAUpJidrExULDhRHLD0/ZkABeDRwAjwsamZQKik5MUtgLTk1S3duNjIUe3xxIxd7JTgsHyokNnNEAH15ZlN0eH8hHygsOCEFY3pnOAJjemdnRmh4cmU0Y3pnIR8ofmNzRQRtZWYOcHxyZTRjemckAGN7FmdGc2Znf1-N0eDAzFS0ncmQwdHhmZkZ3eGZzRHYuPiQTICcvc0QAeWdjWHZuImtH
200 OK 186 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/2V1Z2Rkg0ORggdyM/EntxYGBHd3txPAUpJidrExULDhRHLD0/ZkABeDRwAjwsamZQKik5MUtgLTk1S3duNjIUe3xxIxd7JTgsHyokNnNEAH15ZlN0eH8hHygsOCEFY3pnOAJjemdnRmh4cmU0Y3pnIR8ofmNzRQRtZWYOcHxyZTRjemckAGN7FmdGc2Znf1-N0eDAzFS0ncmQwdHhmZkZ3eGZzRHYuPiQTICcvc0QAeWdjWHZuImtH
IP
File type ASCII text, with no line terminators
Hash c8c0211b21dc3ff7789bd12ffb6c4597
6efa9379de9c1f794390748bc0d18780e3b148d4
c6adecb2aaa6f602c32a40f936a52d1c48bc02acd824555a7fde8ccb3115df69
GET /2V1Z2Rkg0ORggdyM/EntxYGBHd3txPAUpJidrExULDhRHLD0/ZkABeDRwAjwsamZQKik5MUtgLTk1S3duNjIUe3xxIxd7JTgsHyokNnNEAH15ZlN0eH8hHygsOCEFY3pnOAJjemdnRmh4cmU0Y3pnIR8ofmNzRQRtZWYOcHxyZTRjemckAGN7FmdGc2Znf1-N0eDAzFS0ncmQwdHhmZkZ3eGZzRHYuPiQTICcvc0QAeWdjWHZuImtH HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raglassofrum.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 186
date: Thu, 23 Feb 2023 22:50:08 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: apgSIaqhEIvtt8YHgm-evRtvz_KJPVUb9ubYrQkZNAyvGu_Qh0Kb3Q==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b071bc9b5482975fd106c517ecf32ce
779e5d086103fe19ae153f50606759302e88a5d9
ec5f6bf09033e5679826614f9fb79d296a69b16b755a428dee36548ca287ec69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1556750835.1677192634&jid=1301179697&_v=5.7.2&z=1686699370
302 Found 369 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1556750835.1677192634&jid=1301179697&_v=5.7.2&z=1686699370
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2fc03bbdf9bf698308bd76eeafe1209e
8d4d490747d754a4b3013d102b88b1b718330be0
05e3889acfed66adc0be4f7db146ae9b74ebd9f58d9cbb3add9c9cfbdbeff48c
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1556750835.1677192634&jid=1301179697&_v=5.7.2&z=1686699370 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=1301179697&_v=5.7.2&z=1686699370
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Feb 2023 22:50:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e88c5158a176029a61adb32e89caf76d
996e3d1516ee1ce7af7f381a370509c901050146
031925a19f88298430161229d27ff7091945f35a3c294ba8441f238d7959a5fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b071bc9b5482975fd106c517ecf32ce
779e5d086103fe19ae153f50606759302e88a5d9
ec5f6bf09033e5679826614f9fb79d296a69b16b755a428dee36548ca287ec69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=1301179697&_v=5.7.2&z=1686699370
302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=1301179697&_v=5.7.2&z=1686699370
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=1301179697&_v=5.7.2&z=1686699370 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 22:50:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=1301179697&_v=5.7.2&z=1686699370&slf_rd=1&random=2619247584
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5c79f7689efb3e9384d23c012fbb7459
6383d131dec112059c3bb88971dc23ce47bc98f2
4bc466ff7e5773f11ef30dba2c57bb6b76b05964622a087f0fba48686b6b85f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 22:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=1301179697&_v=5.7.2&z=1686699370&slf_rd=1&random=2619247584
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=1301179697&_v=5.7.2&z=1686699370&slf_rd=1&random=2619247584
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1556750835.1677192634&jid=1301179697&_v=5.7.2&z=1686699370&slf_rd=1&random=2619247584 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 22:50:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1510069471%3A1677192608339413&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd3YaxOMMRDRd-3G1a5yoSHHvbevb3bBkReDPBFqUcpiWjmfsjqiHuK7suOlY6f4T55YPr1PQ
403 Forbidden 1.3 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1510069471%3A1677192608339413&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd3YaxOMMRDRd-3G1a5yoSHHvbevb3bBkReDPBFqUcpiWjmfsjqiHuK7suOlY6f4T55YPr1PQ
IP
Hash 58dd53332285ce7f8a8ba2a393ed8af1
be1fec9aec4027dfdbd2aac1ed555756ac0d14f1
0f79d677346879b3489aa8d4598a75f61c4b34507bdb0dd5d14f550cc5580d8c
GET /v3/signin/identifier?dsh=S1510069471%3A1677192608339413&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd3YaxOMMRDRd-3G1a5yoSHHvbevb3bBkReDPBFqUcpiWjmfsjqiHuK7suOlY6f4T55YPr1PQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Feb 2023 22:50:08 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-5dnyvKj0mE6nWLKR5ElkWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3452
Expires: Thu, 23 Feb 2023 23:47:41 GMT
Date: Thu, 23 Feb 2023 22:50:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3452
Expires: Thu, 23 Feb 2023 23:47:41 GMT
Date: Thu, 23 Feb 2023 22:50:09 GMT
Connection: keep-alive
www.upload-4ever.com/gt600rsn5kob
200 OK 52 kB URL HTTP/2 www.upload-4ever.com/gt600rsn5kob
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (54000)
Hash 9ed927e6d17c85fe4a55e6240fd239aa
c3afd5f19db495486935880fb5ad0ee4bd5b45c0
339f3bbc2bd5ad23ec14feb3f4deaf0c56e77d96aa54cd4beb39c8c32b746be3
GET /gt600rsn5kob HTTP/1.1
Host: www.upload-4ever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 23 Feb 2023 22:50:07 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
expires: Wed, 22 Feb 2023 22:50:07 GMT
set-cookie: aff=1012314; domain=.upload-4ever.com; path=/; expires=Thu, 09-Mar-2023 22:50:07 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zC2ol2MCmObPChEIwVSr%2FSpXGLZMnQlQHUVxxw%2F1r3IIqqWUQQm8I1S9t9NUXQfT05ezAZifLR%2FKCtnfnF1d7Gr5jYv7NVO1LPT3lQ4yri8kT4XCrx0CWxYc1lx%2F6I%2BmPkcS5n1Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e384c2ad5b1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 104 kB IP
Size 104 kB (104236 bytes)
Hash cb21220774dded4ee17d9a9866b5e8a5
439f971bec1ee866bfd068d4f829289ed1d0357d
34e7b43d333d20d95ddb5e893ab1b6e225bccdf77fd8439838e21fe3b5ba24b3
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Feb 2023 22:50:08 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2254
last-modified: Thu, 23 Feb 2023 22:12:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jKJYFEE7Q6qGs418PqQ2o5XS1DvJhMTQFPKVr9lXYRq0al0Gf%2FBOmpuUUMLeVYdtwBZJ4gy1ApZc3gs3BI6oOWyWOSALJab3rV42St0COGaHGP5TGaBKih80shwruYE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79e384ca7aa271e1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3452
Expires: Thu, 23 Feb 2023 23:47:41 GMT
Date: Thu, 23 Feb 2023 22:50:09 GMT
Connection: keep-alive
pogothere.xyz/
200 OK 5.5 kB IP
File type ASCII text, with no line terminators
Hash 6c6c6e14638fc2fc635305d33e4f276e
d375154300863adf018b7015e73239d0292f4ff1
e811d4c3845ea3bfd01554a00bf67d89c24efc4303b7a1a74fa69d03b75bdc7c
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 22:50:08 GMT
content-type: text/plain
set-cookie: csu=78728259510427@1@1677192608; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcOX60kDCgEr5xRAnMaprv2waf%2BUMn5w2I%2B4KrDB6mStNBAbmIeWtxeaqpAHtuED0rV0sDV1RRraZhAmhcC2n00fSt7s7I0FGdEwmOihblNCrWrNqeian0%2FUA%2B6%2Fx3AW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e384ca8aa571e1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a98720b-53ac-4018-8bb9-955bb22a9e52.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a98720b-53ac-4018-8bb9-955bb22a9e52.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78bcc318c65f1f7b827f7ff792f14595
6bd53a60048a57322c3fc5d12c9f849e38fd2765
d83a699697cb6c728563b667e82a538237472ec86f841b34bc5f7639c94702e8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a98720b-53ac-4018-8bb9-955bb22a9e52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11089
x-amzn-requestid: 8738c63f-1ac3-4ce9-afe7-d5bed232e4b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ax-wyHd6IAMF-WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7119e-1fe3416019806b2550524e41;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 07:11:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UTWIOBVzeriNaMV_ROuRIwodof3mBbceNtk_eVlmDu01H2EtJH9-zA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 07:29:58 GMT
age: 55211
etag: "6bd53a60048a57322c3fc5d12c9f849e38fd2765"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff40ca96b-98d9-479f-b007-81e134852937.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff40ca96b-98d9-479f-b007-81e134852937.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb7ea2ae5c57468601af7b83ba36df84
06594136d66248e22f809e704863ab093995e804
95d91fe42664b7614d85dd6166cb26f0447dcc9ccb89c9c6849c324a0beddd6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff40ca96b-98d9-479f-b007-81e134852937.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4486
x-amzn-requestid: 2a23796a-c7b1-4030-aa4a-3082d442f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9JTFwOoAMFd5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbd4-7a3e4d161a3deba118b1a7d3;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nba7jmgEg0aM6n1teyRO6WbTpL7hurZTZ5dweewrobxeGCruzN_RhA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:54:08 GMT
etag: "06594136d66248e22f809e704863ab093995e804"
content-type: image/jpeg
age: 3361
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 112 kB IP
Size 112 kB (111787 bytes)
Hash 3851584c93accf7a1aadd8d68a2cc4ea
d7f71b04cfa8a97628fc99626a2251cbfd3c4018
6ab052771cc70f95e811c68f20fddd4d18d03f97e3a9452c28cd07b352f2c6b0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Feb 2023 22:50:08 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2254
last-modified: Thu, 23 Feb 2023 22:12:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QCyvaMBexUaGb9bgNWz54KfykgelGsRd7A9A6v8ENbVmpgiOEvDYbAPc3Fr9QR6NLi16izKgReYokXsO8jDYiNCWD9AwhYG6B86Ix%2BO4%2Bk%2B46A4thtV0UftRCuhHeiD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79e384ca9abf71e1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6e0f61d-f4aa-4f95-9bb6-85293a1c2a7b.jpeg
200 OK 67 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6e0f61d-f4aa-4f95-9bb6-85293a1c2a7b.jpeg
IP
Hash 655e341a14f87d13d0ed06e0aaa95187
3a0682ad509360fafe9e2e0a02de74ab75f2958e
c43ab77309328854aa55448f37b4edea4ca215bd29a4a9ddc109829ca6ee789d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6e0f61d-f4aa-4f95-9bb6-85293a1c2a7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4234
x-amzn-requestid: 555774d4-9947-40dc-a01c-4a0fcb4e2078
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9M5FUdoAMFY_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbeb-51fdadb066a95c0943d77264;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Mkf2mhD61mrJDVubC_YtYZraPUDvIfpvqBWVtrLb6gWVhtZrHK6LbQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:34:54 GMT
etag: "28b000d1da5b8a1f82152ebc91b3693512ba66ce"
content-type: image/jpeg
age: 4515
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
200 OK 31 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP
Hash 3ee366317b51930b5a421b5eec377550
9047a66e3957b5dfec3895045398b9f30eed36dc
6252730477b5f817832d7414cd83c1cfd2d953856dc7cbcf969b3e2e6c4c7ad9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn6TjisRzQNNHhkTMjHjsiOQosH9A5TZVtJypfHstcjuAG-DLUbIag==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:34:54 GMT
age: 4515
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-352290554%3A1677192608370251&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeZZELnejI9aLsWKJ1MwcH5bVY9_HV8ObUENGuE3gMRxK7p4357L7P6qjmyCzsRTkm6g1HChQ
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-352290554%3A1677192608370251&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeZZELnejI9aLsWKJ1MwcH5bVY9_HV8ObUENGuE3gMRxK7p4357L7P6qjmyCzsRTkm6g1HChQ
IP
GET /v3/signin/identifier?dsh=S-352290554%3A1677192608370251&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeZZELnejI9aLsWKJ1MwcH5bVY9_HV8ObUENGuE3gMRxK7p4357L7P6qjmyCzsRTkm6g1HChQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Feb 2023 22:50:08 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-k5Wu9ZRMpILXxkS6TZyntw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Feb 2023 22:50:08 GMT
content-type: text/plain
set-cookie: csu=1042023820949962@1@1677192608; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfhSiPNBuSLgLzeMxlrnpEJv7snI7AhK94JAGzrsUya30DgsKMi9fFvM%2Btzi6snU%2FbqSuJrlPNToT0%2BZfP7cRhwjBC5ylClirUJvRFQ7XaBTLOWrh1ivCX7qhw%2B6JR5J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e384cb4bae71e1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cagothie.net/?rb=TapkxXl68cSeduimrIAsExy0nKim_umocsWZ4dREyqW7bEgfLDYr7I9PdQfhKyqQfoQQqvYJuNKrx__INxCVO-5mEL91lhAhATB-D8n4bDa_eEOfrRfXiZhY4ncNJ8i1wf3SHambURf7E08HqoJfqZlbmBOn0fs9XK9pdAKe_Cq0zJ3o2SztMTt83Bm9ZKvcFg1yxQIZ7XkC9g1fY7tuDutfa9PReM2CIGGCtDw-SBLj0T4g&request_ab2=0&zoneid=2726715&js_build=iclick-v1.491&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fgt600rsn5kob&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.491&bs=d9204eef-852c-4142-89e5-b7371fda4260&userId=221c61d526e8482787141873badcf8d0&m=link
200 OK 0 B URL HTTP/2 cagothie.net/?rb=TapkxXl68cSeduimrIAsExy0nKim_umocsWZ4dREyqW7bEgfLDYr7I9PdQfhKyqQfoQQqvYJuNKrx__INxCVO-5mEL91lhAhATB-D8n4bDa_eEOfrRfXiZhY4ncNJ8i1wf3SHambURf7E08HqoJfqZlbmBOn0fs9XK9pdAKe_Cq0zJ3o2SztMTt83Bm9ZKvcFg1yxQIZ7XkC9g1fY7tuDutfa9PReM2CIGGCtDw-SBLj0T4g&request_ab2=0&zoneid=2726715&js_build=iclick-v1.491&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fgt600rsn5kob&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.491&bs=d9204eef-852c-4142-89e5-b7371fda4260&userId=221c61d526e8482787141873badcf8d0&m=link
IP
GET /?rb=TapkxXl68cSeduimrIAsExy0nKim_umocsWZ4dREyqW7bEgfLDYr7I9PdQfhKyqQfoQQqvYJuNKrx__INxCVO-5mEL91lhAhATB-D8n4bDa_eEOfrRfXiZhY4ncNJ8i1wf3SHambURf7E08HqoJfqZlbmBOn0fs9XK9pdAKe_Cq0zJ3o2SztMTt83Bm9ZKvcFg1yxQIZ7XkC9g1fY7tuDutfa9PReM2CIGGCtDw-SBLj0T4g&request_ab2=0&zoneid=2726715&js_build=iclick-v1.491&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fgt600rsn5kob&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.491&bs=d9204eef-852c-4142-89e5-b7371fda4260&userId=221c61d526e8482787141873badcf8d0&m=link HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Cookie: OAID=221c61d526e8482787141873badcf8d0; oaidts=1677192607
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 22:50:08 GMT
content-type: application/json
x-trace-id: a8a65950915514d9ebd8b1f77e2f5149
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=221c61d526e8482787141873badcf8d0; expires=Fri, 23 Feb 2024 22:50:08 GMT; path=/; secure; SameSite=None
oaidts=1677192608; expires=Fri, 23 Feb 2024 22:50:08 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 02 Mar 2023 22:50:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
172.67.152.107
139.45.197.238
188.114.97.1
104.21.12.131
31.13.72.36
23.36.76.226