www.upload-4ever.com/wrfvvguscirc/keygen%20autocom%202020.23.rar
172.67.152.107301 Moved Permanently 0 B URL HTTP/1.1 www.upload-4ever.com/wrfvvguscirc/keygen%20autocom%202020.23.rar
IP 172.67.152.107:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wrfvvguscirc/keygen%20autocom%202020.23.rar HTTP/1.1
Host: www.upload-4ever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 21 Feb 2023 09:10:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 21 Feb 2023 10:10:32 GMT
Location: https://www.upload-4ever.com/wrfvvguscirc/keygen%20autocom%202020.23.rar
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2Fh1AHNwx52FW1aDawYny0fs5pdRtoUqYfOl7svWY923fIgX4yvEmqP6rP5MgsUpqHEfu5LBNxoLguaL4%2BVpPGi2m4%2FzmkTsej1a1e14yWJedvkpOPg3hoxbrR9rUnUTPg24QDzFxw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79ce59775cc81c06-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13d4983fb8a0ee2cb855663cc9d8f6a0
1f85fc46435f86d7f414e310670c9afe27ea9532
f4bc8150273c4fc6e90c9df8e074823a78dc8409bfcc00616265e24d7d663498
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4BC8150273C4FC6E90C9DF8E074823A78DC8409BFCC00616265E24D7D663498"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6346
Expires: Tue, 21 Feb 2023 10:56:18 GMT
Date: Tue, 21 Feb 2023 09:10:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 97d7dde89cca188d19690d7bf759d034
7ec36525c8b5e8e278f0c5f26da3316687d89041
f8b500f9b1e8188807aab20f8e2540b5b2e888b13ff5f6f6211bbc28056f23e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8B500F9B1E8188807AAB20F8E2540B5B2E888B13FF5F6F6211BBC28056F23E8"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5720
Expires: Tue, 21 Feb 2023 10:45:53 GMT
Date: Tue, 21 Feb 2023 09:10:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48b5fafb12e15fbede4669b549518d50
ee82e527d3c45ebbc1865cd56b93e1be5ac933db
94036245b7831c01d3112f661bd909369c9b3af89ab37be7fb07f2254a7df7d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94036245B7831C01D3112F661BD909369C9B3AF89AB37BE7FB07F2254A7DF7D5"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6047
Expires: Tue, 21 Feb 2023 10:51:20 GMT
Date: Tue, 21 Feb 2023 09:10:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Feb 2023 08:38:04 GMT
content-type: application/json
age: 1949
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ukitxBCilfZALM2NhB+CK5uCoPFAZLfBr+nl9M85I3ZfLb2VNca218YxaIpSJUk2Ci9J+F1t0VIPTc12LTy5gw==
x-amz-request-id: 9F6GBKMHZQ0CWD2Z
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Tue, 21 Feb 2023 08:52:41 GMT
age: 1072
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
content-length: 5348
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 67bf20f66a04fefc75b5ab03816f331b
a9f56074cb3377284450549227e928c210db5b1b
c4fa6c232364b3073966d0b3690077894c0ddd9fa26d6c8da8ccd93ef698e89b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5337
Cache-Control: max-age=166428
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:33 GMT
Etag: "63f45ccc-117"
Expires: Thu, 23 Feb 2023 07:24:21 GMT
Last-Modified: Tue, 21 Feb 2023 05:55:24 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 09:10:33 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 67bf20f66a04fefc75b5ab03816f331b
a9f56074cb3377284450549227e928c210db5b1b
c4fa6c232364b3073966d0b3690077894c0ddd9fa26d6c8da8ccd93ef698e89b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5337
Cache-Control: max-age=166428
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:33 GMT
Etag: "63f45ccc-117"
Expires: Thu, 23 Feb 2023 07:24:21 GMT
Last-Modified: Tue, 21 Feb 2023 05:55:24 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
www.upload-4ever.com/wrfvvguscirc/keygen%20autocom%202020.23.rar
172.67.152.107200 OK 68 kB URL HTTP/2 www.upload-4ever.com/wrfvvguscirc/keygen%20autocom%202020.23.rar
IP 172.67.152.107:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (54147)
Hash 5ce646630fa2f11cc3eb7cd91e915e7c
c8d184e56e17e5f968fbbb408390840703d6b8fb
0202321b5d5396402d7064f595cfefa480d76c1daeaeddb10a0378422d0bc4aa
GET /wrfvvguscirc/keygen%20autocom%202020.23.rar HTTP/1.1
Host: www.upload-4ever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:10:33 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
expires: Mon, 20 Feb 2023 09:10:33 GMT
cf-cache-status: BYPASS
set-cookie: aff=737; domain=.upload-4ever.com; path=/; expires=Tue, 07-Mar-2023 09:10:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0uMFgU%2FF%2FiBaLXutuAZFUP08QDFHeZID%2F3oUUHr85MrqJ4e%2Bas9q%2BVy%2F681j7szywk%2FuIYCQ3uDfzxwvcfm2VD3APxNSdROJWcrjuq3hhTx%2Bm8y9f6ngAA1hlkbPaHRrDlgGN%2BhXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79ce5978be10b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 987 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
Hash 53c764d56b2e16c8cc63cc6fe4957f67
3b731890ab4b17e71d5c137e32e5d42f8559fedc
e0fe8f36a48bf7bd19da6138de98ae5f4d1500ed7d0fed36c5c43e9936d60fc1
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, Pragma, Expires, Cache-Control, Retry-After, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Feb 2023 08:51:26 GMT
age: 1147
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d987952cc7eb5d0a84958676ef5ac183
533afd805dde6bca3d0de59c3dd0220aee08b9e1
aa99cb1b07ee16381cc5f08f65efd39759c428ab8a494129811b52b8b38919a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA99CB1B07EE16381CC5F08F65EFD39759C428AB8A494129811B52B8B38919A0"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8202
Expires: Tue, 21 Feb 2023 11:27:15 GMT
Date: Tue, 21 Feb 2023 09:10:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d987952cc7eb5d0a84958676ef5ac183
533afd805dde6bca3d0de59c3dd0220aee08b9e1
aa99cb1b07ee16381cc5f08f65efd39759c428ab8a494129811b52b8b38919a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA99CB1B07EE16381CC5F08F65EFD39759C428AB8A494129811B52B8B38919A0"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8202
Expires: Tue, 21 Feb 2023 11:27:15 GMT
Date: Tue, 21 Feb 2023 09:10:33 GMT
Connection: keep-alive
cagothie.net/tag.min.js
139.45.197.238200 OK 24 kB IP 139.45.197.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 43cbbc1dff1c3ca8c5dc7d6bb4b373e6
6ae37ca2f7053a7a2aefb3897781d6f6ca6488ba
52d7ee36e36e880fe775c6e10c9592bf532f2f0e456a43739f7c4398f5776fcd
GET /tag.min.js HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 09:10:33 GMT
content-type: text/javascript; charset=utf-8
content-length: 23689
content-encoding: br
x-trace-id: 00d4146e916c68dac312c3106de2592e
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 20 Feb 2023 12:24:32 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94d194d4728ee415fb180610c25cb8cb
9b6a935fd24c43f427d6377d2d278592dcbcb372
cada2d0987669f945549c8f526568c04c4e0a3b662fb2c3efd30efe3a40e2577
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADA2D0987669F945549C8F526568C04C4E0A3B662FB2C3EFD30EFE3A40E2577"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5928
Expires: Tue, 21 Feb 2023 10:49:21 GMT
Date: Tue, 21 Feb 2023 09:10:33 GMT
Connection: keep-alive
gfdrkskillso.xyz/QkpCdTdtdSEGCiAdKh5mFBgnLVsmeiAjRycfCjddFBwqJlMFH2QBXiZ3e0IBc3txU0crLn9ED2Q5NhRDNzl/RBErJCQaCmQ8f0QZcmRwWwRkP39EETY6IxIKc2wyAUMud3NDAHRzdUUBcXl6TQE
188.114.97.1204 No Content 0 B URL HTTP/2 gfdrkskillso.xyz/QkpCdTdtdSEGCiAdKh5mFBgnLVsmeiAjRycfCjddFBwqJlMFH2QBXiZ3e0IBc3txU0crLn9ED2Q5NhRDNzl/RBErJCQaCmQ8f0QZcmRwWwRkP39EETY6IxIKc2wyAUMud3NDAHRzdUUBcXl6TQE
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /QkpCdTdtdSEGCiAdKh5mFBgnLVsmeiAjRycfCjddFBwqJlMFH2QBXiZ3e0IBc3txU0crLn9ED2Q5NhRDNzl/RBErJCQaCmQ8f0QZcmRwWwRkP39EETY6IxIKc2wyAUMud3NDAHRzdUUBcXl6TQE HTTP/1.1
Host: gfdrkskillso.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 21 Feb 2023 09:10:33 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRVsKMNrWDEB3DxxqSKIQPZ6%2Bx%2BPo6uTKTpEsFt0HnP5t6PVHg68ZywwVlYeCWuNhdGeHv4EAlOT2USXrbgax43XC9u0jZIBDDFNomE6eWh%2BzcVTXEBYl%2FVL8nlIhsFjw9p%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79ce597dbb4bb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gfdrkskillso.xyz/VDlvSkl7Bgw5dAIJBwgaOX8FLxEWHF0IHxNdFy8RGmMNeSVnXDkTbyBQC3dwYw9ee3tySQYudGUfHD4oIEwcd3hyUAEsJmkfGXd4egpbZHpmF15sPGkIST45NV5Se28kTRsmdGUPWHxwYwlZeXpsD1c
188.114.97.1204 No Content 0 B URL HTTP/2 gfdrkskillso.xyz/VDlvSkl7Bgw5dAIJBwgaOX8FLxEWHF0IHxNdFy8RGmMNeSVnXDkTbyBQC3dwYw9ee3tySQYudGUfHD4oIEwcd3hyUAEsJmkfGXd4egpbZHpmF15sPGkIST45NV5Se28kTRsmdGUPWHxwYwlZeXpsD1c
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VDlvSkl7Bgw5dAIJBwgaOX8FLxEWHF0IHxNdFy8RGmMNeSVnXDkTbyBQC3dwYw9ee3tySQYudGUfHD4oIEwcd3hyUAEsJmkfGXd4egpbZHpmF15sPGkIST45NV5Se28kTRsmdGUPWHxwYwlZeXpsD1c HTTP/1.1
Host: gfdrkskillso.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 21 Feb 2023 09:10:33 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTVxdPCsc2dUsJ1oW5wA1f15Qa0BBEkLiSHRZRYay%2FPQJRB5Rawzjkn27Z93qHc%2FSJltU%2FG%2B2SluZzewgjvHq%2FoI7k2eRf7OEJFTauByjNvbsvi%2FQZrC08JX640qrel1BNWE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79ce597dbb46b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gfdrkskillso.xyz/RHd5ZnBrSBoVTSUxERY9ABMYBzZ8PTgKNjQiOD81HCAVBDMFIl8SGSBKQFFGcEdBQAAtE0RXVjcDGBIFN0pIQBkqERZbVjJKSEhDcFlKVF51UQxbQWIDCQcXeUZfFgQwG0RXRnNBQFFAckRKX0B3
188.114.97.1204 No Content 0 B URL HTTP/2 gfdrkskillso.xyz/RHd5ZnBrSBoVTSUxERY9ABMYBzZ8PTgKNjQiOD81HCAVBDMFIl8SGSBKQFFGcEdBQAAtE0RXVjcDGBIFN0pIQBkqERZbVjJKSEhDcFlKVF51UQxbQWIDCQcXeUZfFgQwG0RXRnNBQFFAckRKX0B3
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RHd5ZnBrSBoVTSUxERY9ABMYBzZ8PTgKNjQiOD81HCAVBDMFIl8SGSBKQFFGcEdBQAAtE0RXVjcDGBIFN0pIQBkqERZbVjJKSEhDcFlKVF51UQxbQWIDCQcXeUZfFgQwG0RXRnNBQFFAckRKX0B3 HTTP/1.1
Host: gfdrkskillso.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 21 Feb 2023 09:10:34 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ym%2BYpMPKErXciYpFBaZJOJognjNPLtvqfugxLzJ0K1XdxHpvm%2F7mdSGqdEpOqI1PKqVQDB%2BAFJ55IMMMgJZJ%2BP45u%2F0gyXJOU37y9UVnCLprjCgpMKCe0b%2FFwxTgFm%2BKpsH7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79ce597ddb7cb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
obeyedortostr.cc/d0g3VFMWKlQ5bBZ1VXImBSQKcWExbQUSN0YiBT4lQCpBNyAPOVB6MBsnQjA1BSdZIH0ZLUNxYTFwVWU/IitwMx45IlgDBQ87QBkWRhpgE2oQGXEWGToxVDIRH3FcFjsEBnAXOCAFQCc+ETF2HxcxAkc3OwACdgBmBx5QZBE4JVsWBxB8Dho4RitkB2McAEAaACcMXBwSH3gFGDQcBXZnax8NYQEQOSEDDhE2BQM3Bj49YDo3HB5hJDUUG3oOERA7BR0kOQZvAzhBCnJlNxYfYRUBG3EPDik9Bm8DOB0PZg4JFRBxEBgcOEUOEh8tYGcrGQVcZTcWGxoNFCMeQA0JIgpTBQQbcWECIxEYXREHNj91bAkdElYMYR8jZhI/ESl/EhAgCVwjGR8deBUQMTBmPWYSKWASNiANXCcyIg0RPiAYJkdpARwtQCQRNCt+
108.157.229.97200 OK 1.2 kB URL HTTP/2 obeyedortostr.cc/d0g3VFMWKlQ5bBZ1VXImBSQKcWExbQUSN0YiBT4lQCpBNyAPOVB6MBsnQjA1BSdZIH0ZLUNxYTFwVWU/IitwMx45IlgDBQ87QBkWRhpgE2oQGXEWGToxVDIRH3FcFjsEBnAXOCAFQCc+ETF2HxcxAkc3OwACdgBmBx5QZBE4JVsWBxB8Dho4RitkB2McAEAaACcMXBwSH3gFGDQcBXZnax8NYQEQOSEDDhE2BQM3Bj49YDo3HB5hJDUUG3oOERA7BR0kOQZvAzhBCnJlNxYfYRUBG3EPDik9Bm8DOB0PZg4JFRBxEBgcOEUOEh8tYGcrGQVcZTcWGxoNFCMeQA0JIgpTBQQbcWECIxEYXREHNj91bAkdElYMYR8jZhI/ESl/EhAgCVwjGR8deBUQMTBmPWYSKWASNiANXCcyIg0RPiAYJkdpARwtQCQRNCt+
IP 108.157.229.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3035), with no line terminators
Hash 0c7624c5bf20b505581cc156a40cc27c
58f769066593cae85a5567cb4ab0b65b709ed0ee
b5df32417f2385326c0206244d2c9be531beb0f99000890f5569f4f411ca1ba4
GET /d0g3VFMWKlQ5bBZ1VXImBSQKcWExbQUSN0YiBT4lQCpBNyAPOVB6MBsnQjA1BSdZIH0ZLUNxYTFwVWU/IitwMx45IlgDBQ87QBkWRhpgE2oQGXEWGToxVDIRH3FcFjsEBnAXOCAFQCc+ETF2HxcxAkc3OwACdgBmBx5QZBE4JVsWBxB8Dho4RitkB2McAEAaACcMXBwSH3gFGDQcBXZnax8NYQEQOSEDDhE2BQM3Bj49YDo3HB5hJDUUG3oOERA7BR0kOQZvAzhBCnJlNxYfYRUBG3EPDik9Bm8DOB0PZg4JFRBxEBgcOEUOEh8tYGcrGQVcZTcWGxoNFCMeQA0JIgpTBQQbcWECIxEYXREHNj91bAkdElYMYR8jZhI/ESl/EhAgCVwjGR8deBUQMTBmPWYSKWASNiANXCcyIg0RPiAYJkdpARwtQCQRNCt+ HTTP/1.1
Host: obeyedortostr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1186
date: Tue, 21 Feb 2023 09:10:33 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 115d56d751589aa02dcc0096dd66b552.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 3F0ZBezGIioTNtg9HkCJouxq7woQSzocOYfbOSQJ4wkg-5lVIq-Tjw==
X-Firefox-Spdy: h2
obeyedortostr.cc/UlBmUDAzMgU9DzNtBHZFIDxbdQIUdVQWVGM6VDpGZTIQM0MqIQF+Uz4/EzRWID8IJB48NRJ1AhQWKRZyIjMIOFICJwUFYmInUxRlaxIiYmoLAVYjVR04CTR2OTgSF2QlGjc4eT4aNThIAgFeE3wVYAIIZgMdNzpiBwEKZWUfAQUGYgBkVxJIFBYlCGkbFg4/dggVXhh3AwVfElc1AjAURxsGViAVYBI8BVQRCDcgVwMBMwJmOAEhEmEhND88WzEUJGFZBQUoGXY/EisBZD00PzxbFBUwCl0KBgIcVTwGBAFXEx88FUgQHw5hWQUBJx94BR0JAQA1HgA8HT4yPgFANRQOM1IHKl8dYRZkLQl2OhM1EVw1ByA0exEUPxFxEGEDAEgUCDU+BToHMzRnERg/M2RiO0A6Qz0+Fm1AHCEcEnwFAC89ViIEMx0E
108.157.229.97200 OK 1.2 kB URL HTTP/2 obeyedortostr.cc/UlBmUDAzMgU9DzNtBHZFIDxbdQIUdVQWVGM6VDpGZTIQM0MqIQF+Uz4/EzRWID8IJB48NRJ1AhQWKRZyIjMIOFICJwUFYmInUxRlaxIiYmoLAVYjVR04CTR2OTgSF2QlGjc4eT4aNThIAgFeE3wVYAIIZgMdNzpiBwEKZWUfAQUGYgBkVxJIFBYlCGkbFg4/dggVXhh3AwVfElc1AjAURxsGViAVYBI8BVQRCDcgVwMBMwJmOAEhEmEhND88WzEUJGFZBQUoGXY/EisBZD00PzxbFBUwCl0KBgIcVTwGBAFXEx88FUgQHw5hWQUBJx94BR0JAQA1HgA8HT4yPgFANRQOM1IHKl8dYRZkLQl2OhM1EVw1ByA0exEUPxFxEGEDAEgUCDU+BToHMzRnERg/M2RiO0A6Qz0+Fm1AHCEcEnwFAC89ViIEMx0E
IP 108.157.229.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3030), with no line terminators
Hash c33a9e96f4bba07ada2f98363625bb9c
9b3054cb6b25d6158077d03ea3c581b588a8a882
a4d28ff8e1f383644864ccfb351c1eb2240648002cb1220099067623168652fe
GET /UlBmUDAzMgU9DzNtBHZFIDxbdQIUdVQWVGM6VDpGZTIQM0MqIQF+Uz4/EzRWID8IJB48NRJ1AhQWKRZyIjMIOFICJwUFYmInUxRlaxIiYmoLAVYjVR04CTR2OTgSF2QlGjc4eT4aNThIAgFeE3wVYAIIZgMdNzpiBwEKZWUfAQUGYgBkVxJIFBYlCGkbFg4/dggVXhh3AwVfElc1AjAURxsGViAVYBI8BVQRCDcgVwMBMwJmOAEhEmEhND88WzEUJGFZBQUoGXY/EisBZD00PzxbFBUwCl0KBgIcVTwGBAFXEx88FUgQHw5hWQUBJx94BR0JAQA1HgA8HT4yPgFANRQOM1IHKl8dYRZkLQl2OhM1EVw1ByA0exEUPxFxEGEDAEgUCDU+BToHMzRnERg/M2RiO0A6Qz0+Fm1AHCEcEnwFAC89ViIEMx0E HTTP/1.1
Host: obeyedortostr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Tue, 21 Feb 2023 09:10:33 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 115d56d751589aa02dcc0096dd66b552.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: BFvRAdi8mED-zixRuHn1iYRkcYWDt7KcdU81T5f2csxr662GUHAtKQ==
X-Firefox-Spdy: h2
obeyedortostr.cc/OFY3SXdZNFQkSFlrVW8CSjoKbEV+cwUPEwk8BSMBDzRBKgRAJ1BnFFQ5Qi0RSjlZPVlWM0NsRX48ZCQtaTdcBAd7AgMEEXxiZwcxXGBRHzVQAQQPBHwVeg87bCZVCDNIZ3gzLn4BXyo9fBVtKDlQb1EHMk9legg9TAFaHBp6LAMHEVUhcxkQVHMFCxIIF08NHn5lYicuXRtOHDlaBw88J2khXgsjUyx2Iw91GF49FWgHYnw+TzkPCkViYn4OIX01BXAiYRN+eT5PMQcLI2ljZns9WRpjfDNhOkcwElM+UB1EeR9mez1ZGHQEPmI6AiQSawQGHj91L2IOWmoGVAgffA9bJg9oE3kjPAscARxEDTdWJE5tD3Z5GnMHB2xFfgIEDDpuEXUrFAsmbxAxTDtSDy4KF00MAXkSDxotVjFQECFIZG0PLQoeBHxAHjxEJhlIa2cZQUkGYnkjezxBeQJtb1M
108.157.229.97200 OK 1.2 kB URL HTTP/2 obeyedortostr.cc/OFY3SXdZNFQkSFlrVW8CSjoKbEV+cwUPEwk8BSMBDzRBKgRAJ1BnFFQ5Qi0RSjlZPVlWM0NsRX48ZCQtaTdcBAd7AgMEEXxiZwcxXGBRHzVQAQQPBHwVeg87bCZVCDNIZ3gzLn4BXyo9fBVtKDlQb1EHMk9legg9TAFaHBp6LAMHEVUhcxkQVHMFCxIIF08NHn5lYicuXRtOHDlaBw88J2khXgsjUyx2Iw91GF49FWgHYnw+TzkPCkViYn4OIX01BXAiYRN+eT5PMQcLI2ljZns9WRpjfDNhOkcwElM+UB1EeR9mez1ZGHQEPmI6AiQSawQGHj91L2IOWmoGVAgffA9bJg9oE3kjPAscARxEDTdWJE5tD3Z5GnMHB2xFfgIEDDpuEXUrFAsmbxAxTDtSDy4KF00MAXkSDxotVjFQECFIZG0PLQoeBHxAHjxEJhlIa2cZQUkGYnkjezxBeQJtb1M
IP 108.157.229.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3051), with no line terminators
Hash e29e76e6ce70f7a6b2e9c3b53631f0ff
fa82ad472c20eec78aae6355b0815607a01bb00a
5d1dd2c3eda1191e9ab66c2748debe2d9eebf26b8e969f0c890aad521a645716
GET /OFY3SXdZNFQkSFlrVW8CSjoKbEV+cwUPEwk8BSMBDzRBKgRAJ1BnFFQ5Qi0RSjlZPVlWM0NsRX48ZCQtaTdcBAd7AgMEEXxiZwcxXGBRHzVQAQQPBHwVeg87bCZVCDNIZ3gzLn4BXyo9fBVtKDlQb1EHMk9legg9TAFaHBp6LAMHEVUhcxkQVHMFCxIIF08NHn5lYicuXRtOHDlaBw88J2khXgsjUyx2Iw91GF49FWgHYnw+TzkPCkViYn4OIX01BXAiYRN+eT5PMQcLI2ljZns9WRpjfDNhOkcwElM+UB1EeR9mez1ZGHQEPmI6AiQSawQGHj91L2IOWmoGVAgffA9bJg9oE3kjPAscARxEDTdWJE5tD3Z5GnMHB2xFfgIEDDpuEXUrFAsmbxAxTDtSDy4KF00MAXkSDxotVjFQECFIZG0PLQoeBHxAHjxEJhlIa2cZQUkGYnkjezxBeQJtb1M HTTP/1.1
Host: obeyedortostr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1201
date: Tue, 21 Feb 2023 09:10:33 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 115d56d751589aa02dcc0096dd66b552.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: ghABwBvzSy14cDAsO2r__axh1RtINNKQPIYYod1ov_RP52oI6ZtEFw==
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.34.4.233101 Switching Protocols 16 kB URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.4.233:0
Hash 02fc1d1d9fa5e3def3b5aea11f782a5e
f8262b7a0da94499930a84c1963b79bb7084528e
f4e212a65bd1c0d66428ca0e16b24f5e9dfb73315d6a3cbdae7bcc3339fecf05
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Y5tVVqOetM7ZbViwOcB/Ag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yRjWtJGnbt/DyQ2Mo3ETEes1dpw=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e92b7bb852b13b70a76783a804899232
7d49184483e5e2a8da350f23995917edfc0b747e
8bc7dc3017eec85ade72f43708e99aefe122941f3f81753186898fa6757d6d40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BC7DC3017EEC85ADE72F43708E99AEFE122941F3F81753186898FA6757D6D40"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11844
Expires: Tue, 21 Feb 2023 12:27:58 GMT
Date: Tue, 21 Feb 2023 09:10:34 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b510c08b72e922bbb9b68c74ca9c44b5
85950fbdb09c57b3531f401c3dc72b5a27f8d552
5abeebb812ed9b46fc3ac98fb948b151fa922c8f2a4ac99a60e6b561cbfaa586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1180
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:34 GMT
Etag: "63f3ab6d-1d7"
Last-Modified: Tue, 21 Feb 2023 08:50:54 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 640fbb04730146d4b636e2062afb5267
fe9faa4412eaa72a7f1e6ea22f250c20a9f00f93
1c1ad6ddeabce08822b9247423ebea471c0378db7ecb681a055b2f7002967770
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cec1795729da89d9949cead8c2ea18e8
588bc0d5b65eb97ff9e57e0ec6f940616bad164a
2b0c1448791f2a02c5a047b0f5e5aa8ffe868bfa3778ba03af7a7ff79b8ac5b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 407d753a19cf29f7e27cbabf2541ca22
fe7158003086e2aeef7a0260d3d3ec1146c75279
01c56979cebd97e7d0f83354f75f2772a502d6e41d1e49852d37bb997b23afd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash df29f8d0e5f861f7c5718cd5aa33358e
b1c844970a7f44345e33bfb47566444600454b96
1413d85f5cf82eeb272f76cf9e47bfe021a8dbfd121349a1cb797849b403931c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/gid.js?userId=291ca494a7f94be5918135028560e7c6
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=291ca494a7f94be5918135028560e7c6
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ccef3cac10220d0b3c7165ff3b7fc398
4b5a42803e0211755ed4d0fa34292c4009ae13c7
fe39f465a29fab5302b9f5ed6fa767176bd632b1545028a28fa318b85a665ce0
GET /gid.js?userId=291ca494a7f94be5918135028560e7c6 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 09:10:34 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=291ca494a7f94be5918135028560e7c6; expires=Wed, 21 Feb 2024 09:10:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
142.250.74.8200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.8:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Tue, 21 Feb 2023 08:41:40 GMT
expires: Tue, 21 Feb 2023 10:41:40 GMT
cache-control: public, max-age=7200
age: 1734
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/8b1lUcGgMNjoWVxswME1RWG9gQFBJMycfBh9kBhsNGCkWMwsmfyAKDFJpchwJAT5pVg0BOmlBTg49Nk1cSS0kHwNSPDkHAh02LgkMA38hEVUCNi4ZBAM4cUIuWndkVVpfcSMZBgs2IwNNXWk6BE1daWVARl98ZzJNXWkjGQZZbXFDKkprZAheW3xnMk1daS-YGTVwYZUBdQWl9VVpfPjETAwB8ZjZaX2hkQFlfaHFCWAkwJhUOACFxQi5eaWFeWEksaUE
54.230.245.28200 OK 558 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/8b1lUcGgMNjoWVxswME1RWG9gQFBJMycfBh9kBhsNGCkWMwsmfyAKDFJpchwJAT5pVg0BOmlBTg49Nk1cSS0kHwNSPDkHAh02LgkMA38hEVUCNi4ZBAM4cUIuWndkVVpfcSMZBgs2IwNNXWk6BE1daWVARl98ZzJNXWkjGQZZbXFDKkprZAheW3xnMk1daS-YGTVwYZUBdQWl9VVpfPjETAwB8ZjZaX2hkQFlfaHFCWAkwJhUOACFxQi5eaWFeWEksaUE
IP 54.230.245.28:0
File type ASCII text, with very long lines (793), with no line terminators
Hash 59158bfd92356877f2a100a59332619d
85b4e910b0990e4f7fdadb56a7609bed1384b2af
ec06a4ff7b060d22939741ac441b8b4cb55e273c99ef22ebbc178e145f4533e1
GET /8b1lUcGgMNjoWVxswME1RWG9gQFBJMycfBh9kBhsNGCkWMwsmfyAKDFJpchwJAT5pVg0BOmlBTg49Nk1cSS0kHwNSPDkHAh02LgkMA38hEVUCNi4ZBAM4cUIuWndkVVpfcSMZBgs2IwNNXWk6BE1daWVARl98ZzJNXWkjGQZZbXFDKkprZAheW3xnMk1daS-YGTVwYZUBdQWl9VVpfPjETAwB8ZjZaX2hkQFlfaHFCWAkwJhUOACFxQi5eaWFeWEksaUE HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obeyedortostr.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 558
date: Tue, 21 Feb 2023 09:10:34 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t3Wz68oi01yGx9UWzzsNMZiKJJDBzf83U6TzZdkeyMALplYz3dnU-w==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ea54b63682fc949945a0d74d3cd302b2
1d06b7381419cdee42fd7cc5b56de7b14f6f38be
0edd103d9e5c2ec827cc683e3b691443cb992b88f1600d35fd9df23dcaf287d6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0EDD103D9E5C2EC827CC683E3B691443CB992B88F1600D35FD9DF23DCAF287D6"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2570
Expires: Tue, 21 Feb 2023 09:53:24 GMT
Date: Tue, 21 Feb 2023 09:10:34 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ea54b63682fc949945a0d74d3cd302b2
1d06b7381419cdee42fd7cc5b56de7b14f6f38be
0edd103d9e5c2ec827cc683e3b691443cb992b88f1600d35fd9df23dcaf287d6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0EDD103D9E5C2EC827CC683E3B691443CB992B88F1600D35FD9DF23DCAF287D6"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2570
Expires: Tue, 21 Feb 2023 09:53:24 GMT
Date: Tue, 21 Feb 2023 09:10:34 GMT
Connection: keep-alive
d1j2jv7bvcsxqg.cloudfront.net/FOFBpcnhbPwcUR0w5DU9BD2ZYQ0seOhodFkhtGTwJQhIlJShxPQ8CLG0dXVQMQjRUQl5UMQcVRR41BxFFCXYIFhoFZE8HGQU9BggRVDwIV0p+ZUdCXQpgQQURVjQGBQsdYlkcDB1iWUNIFmBMQTodYlkFEVZmXVdLenVbQgAOZExBOh1iWQAOHWMoQ0gNfl-lbXQpgDhcbUz9MQD4KYFhCSAlgWFdKCDYAAB1ePxFXSn5hWUdWCHYcT0k
54.230.245.28200 OK 188 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/FOFBpcnhbPwcUR0w5DU9BD2ZYQ0seOhodFkhtGTwJQhIlJShxPQ8CLG0dXVQMQjRUQl5UMQcVRR41BxFFCXYIFhoFZE8HGQU9BggRVDwIV0p+ZUdCXQpgQQURVjQGBQsdYlkcDB1iWUNIFmBMQTodYlkFEVZmXVdLenVbQgAOZExBOh1iWQAOHWMoQ0gNfl-lbXQpgDhcbUz9MQD4KYFhCSAlgWFdKCDYAAB1ePxFXSn5hWUdWCHYcT0k
IP 54.230.245.28:0
File type PPMN archive data\012- , ASCII text, with no line terminators
Hash 8c551700f0d6aab3f2b69de866837f8a
c4ad87a08c10261eec0787abe1ce4fc9c182a371
35ce51d9da8b2df115fdc303ad39ce12075a9ee9bb89de1c47d75879c4b85f54
GET /FOFBpcnhbPwcUR0w5DU9BD2ZYQ0seOhodFkhtGTwJQhIlJShxPQ8CLG0dXVQMQjRUQl5UMQcVRR41BxFFCXYIFhoFZE8HGQU9BggRVDwIV0p+ZUdCXQpgQQURVjQGBQsdYlkcDB1iWUNIFmBMQTodYlkFEVZmXVdLenVbQgAOZExBOh1iWQAOHWMoQ0gNfl-lbXQpgDhcbUz9MQD4KYFhCSAlgWFdKCDYAAB1ePxFXSn5hWUdWCHYcT0k HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obeyedortostr.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 188
date: Tue, 21 Feb 2023 09:10:34 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vg1LtLzRw6MI-_jttYpCQUlhKQIM4PDE-ziDBrhbjF7muLwnhgjLJg==
X-Firefox-Spdy: h2
obeyedortostr.cc/utx?cb=aFQN9Bdpd3rh&top=www.upload-4ever.com&tid=976112
108.157.229.97204 No Content 0 B URL HTTP/2 obeyedortostr.cc/utx?cb=aFQN9Bdpd3rh&top=www.upload-4ever.com&tid=976112
IP 108.157.229.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=aFQN9Bdpd3rh&top=www.upload-4ever.com&tid=976112 HTTP/1.1
Host: obeyedortostr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 21 Feb 2023 09:10:34 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 21 Feb 2023 09:11:34 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 115d56d751589aa02dcc0096dd66b552.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 3FWXB80yvk-iF6TYQGlH94dmiZoxhTN5cLbg9MS4nZhgLnEx-Ck6cA==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.77302 Found 393 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash 9ffbe56ba7572bae2ac5c7652b86b639
fd4f50baab7e22df934b4d96d5f21f83f0ae5de6
33627bd1501facff91e106d94382d01ec75d273d3a1eb013a71fb7a9614b4690
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Feb 2023 09:10:34 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1509681863%3A1676970634244098&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdwtAFS4ALIJs0n2pDI930LDexgxnnyqX6fBqCZr8D9e7e704vyALlRD53n7Ikmc5tOEkpq
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-nKetj1PeJiDYb-czZANc_w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
set-cookie: __Host-GAPS=1:pNnYrQVoB7p9BEpJSOPkr9yaq1EZrw:2nbIKFoHFO8jBsa7;Path=/;Expires=Thu, 20-Feb-2025 09:10:34 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.77302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash d8c816d64ef9f8620a2f2f13e65d2721
42611be7be583a2e80fbbba2cbc30f839b89f814
f2ea4c7571d126f94bb8b7a634dfc0ea21b25013da194403693c80e652361ac1
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Feb 2023 09:10:34 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1359400814%3A1676970634254464&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfw8fArX-izRIfan2qKpCbrnuP0o6TJ48QPbOyj_5avRtDfRHpEO7P4lLTSANmjO6_D-rZ6
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-NDKc5Ii3qJo_02WuwBuptg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:-rekMiR1EQL1AGRru59nfnasej_TEw:M-cFY0AKJKaP07RK;Path=/;Expires=Thu, 20-Feb-2025 09:10:34 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=691112195&utmhn=www.upload-4ever.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20keygen%20autocom%202020%20rar&utmhid=2096121934&utmr=-&utmp=%2Fwrfvvguscirc%2Fkeygen%252520autocom%2525202020.23.rar&utmht=1676970634374&utmac=UA-70364639-8&utmcc=__utma%3D196983016.1162343280.1676970634.1676970634.1676970634.1%3B%2B__utmz%3D196983016.1676970634.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=773658694&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.8302 Found 369 B URL HTTP/2 ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=691112195&utmhn=www.upload-4ever.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20keygen%20autocom%202020%20rar&utmhid=2096121934&utmr=-&utmp=%2Fwrfvvguscirc%2Fkeygen%252520autocom%2525202020.23.rar&utmht=1676970634374&utmac=UA-70364639-8&utmcc=__utma%3D196983016.1162343280.1676970634.1676970634.1676970634.1%3B%2B__utmz%3D196983016.1676970634.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=773658694&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.8:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 360970aa015820d916577169c24e93c0
d1348e858033060cfad1e150c2d02760bf7ec82b
58055926fb215faab1918715850962c56d09bcf41cb2cec27a3af0c966ab424a
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=691112195&utmhn=www.upload-4ever.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20keygen%20autocom%202020%20rar&utmhid=2096121934&utmr=-&utmp=%2Fwrfvvguscirc%2Fkeygen%252520autocom%2525202020.23.rar&utmht=1676970634374&utmac=UA-70364639-8&utmcc=__utma%3D196983016.1162343280.1676970634.1676970634.1676970634.1%3B%2B__utmz%3D196983016.1676970634.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=773658694&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195
access-control-allow-origin: *
date: Tue, 21 Feb 2023 09:10:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
172.217.21.162200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (3649)
Hash 826c59cf28ad2fb1da0410d9e20bcb04
65de8fb24a760ef5d1ad1c68b19aedc9f14a9323
b454b50e73cd080de87addad0e860362d1c32275e7b8189c7b8968543eac249a
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 21 Feb 2023 09:10:34 GMT
expires: Tue, 21 Feb 2023 09:10:34 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8021757000689416441
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49366
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/jSmZQakMpCT4MfD4PNFd6fVBhW3FsDCMFLTpbADp1OzYFWhcJDCZaNh9fNEw3MAJtWmUmBz4NfmwDPgl+e0AxDiF3UnYeMyUNbQ8uPQwiBTkzAjxMNitbPQU5Iwo8C2Z4IGVEc29UYEI0Iwg0BTQ5Q2JaLT5DYlpyekhgT3AIQ2JaNCMIZl5meSR1WHMyUG-RPcAhDYloxPENjK3J6U35aam9UYA0mKQ0/T3EMVGBbc3pXYFtmeFY2AzEvAD8SZnggYVp2ZFZ2H357
54.230.245.28200 OK 503 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/jSmZQakMpCT4MfD4PNFd6fVBhW3FsDCMFLTpbADp1OzYFWhcJDCZaNh9fNEw3MAJtWmUmBz4NfmwDPgl+e0AxDiF3UnYeMyUNbQ8uPQwiBTkzAjxMNitbPQU5Iwo8C2Z4IGVEc29UYEI0Iwg0BTQ5Q2JaLT5DYlpyekhgT3AIQ2JaNCMIZl5meSR1WHMyUG-RPcAhDYloxPENjK3J6U35aam9UYA0mKQ0/T3EMVGBbc3pXYFtmeFY2AzEvAD8SZnggYVp2ZFZ2H357
IP 54.230.245.28:0
File type ASCII text, with very long lines (684), with no line terminators
Hash bf3bc38b04213d304255442233e950c2
21dd9e1faf55eadbba46311e1cce58a5328a636e
5f505b7ecff78a7877db0658d5c56701573f483c04c740ac30ecb6d609e445ba
GET /jSmZQakMpCT4MfD4PNFd6fVBhW3FsDCMFLTpbADp1OzYFWhcJDCZaNh9fNEw3MAJtWmUmBz4NfmwDPgl+e0AxDiF3UnYeMyUNbQ8uPQwiBTkzAjxMNitbPQU5Iwo8C2Z4IGVEc29UYEI0Iwg0BTQ5Q2JaLT5DYlpyekhgT3AIQ2JaNCMIZl5meSR1WHMyUG-RPcAhDYloxPENjK3J6U35aam9UYA0mKQ0/T3EMVGBbc3pXYFtmeFY2AzEvAD8SZnggYVp2ZFZ2H357 HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obeyedortostr.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 503
date: Tue, 21 Feb 2023 09:10:34 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IWvN3jyo_7njbBuIaeYiVKUZTLLyllwJBxmiDDvs6F43pkONWWArRw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 407d753a19cf29f7e27cbabf2541ca22
fe7158003086e2aeef7a0260d3d3ec1146c75279
01c56979cebd97e7d0f83354f75f2772a502d6e41d1e49852d37bb997b23afd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/v3/signin/identifier?dsh=S-1509681863%3A1676970634244098&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdwtAFS4ALIJs0n2pDI930LDexgxnnyqX6fBqCZr8D9e7e704vyALlRD53n7Ikmc5tOEkpq
142.250.74.77403 Forbidden 1.3 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1509681863%3A1676970634244098&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdwtAFS4ALIJs0n2pDI930LDexgxnnyqX6fBqCZr8D9e7e704vyALlRD53n7Ikmc5tOEkpq
IP 142.250.74.77:0
Hash 7a9bea23f9bd9340ddecbcdb2f6e0c51
4f692cea4cf5f104358c121acdbd80ff45c4b6d6
18cd3296abb5bd5371e119c551f09a37093f06157c9efe92504e6c69292887fc
GET /v3/signin/identifier?dsh=S-1509681863%3A1676970634244098&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdwtAFS4ALIJs0n2pDI930LDexgxnnyqX6fBqCZr8D9e7e704vyALlRD53n7Ikmc5tOEkpq HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Feb 2023 09:10:34 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-O-iS_Gbhmz43m6twL4-slw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 640fbb04730146d4b636e2062afb5267
fe9faa4412eaa72a7f1e6ea22f250c20a9f00f93
1c1ad6ddeabce08822b9247423ebea471c0378db7ecb681a055b2f7002967770
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b510c08b72e922bbb9b68c74ca9c44b5
85950fbdb09c57b3531f401c3dc72b5a27f8d552
5abeebb812ed9b46fc3ac98fb948b151fa922c8f2a4ac99a60e6b561cbfaa586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1180
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:34 GMT
Etag: "63f3ab6d-1d7"
Last-Modified: Tue, 21 Feb 2023 08:50:54 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
obeyedortostr.cc/utx?cb=GkXZMbtb7r0g&top=www.upload-4ever.com&tid=976408
108.157.229.97204 No Content 0 B URL HTTP/2 obeyedortostr.cc/utx?cb=GkXZMbtb7r0g&top=www.upload-4ever.com&tid=976408
IP 108.157.229.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=GkXZMbtb7r0g&top=www.upload-4ever.com&tid=976408 HTTP/1.1
Host: obeyedortostr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 21 Feb 2023 09:10:34 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 21 Feb 2023 09:11:34 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 115d56d751589aa02dcc0096dd66b552.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: LO36mbUBsYpaZM0Dff934qPL8RqFflnp_200_qnKgDio5EgJ8FFtQw==
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195
142.250.150.156302 Found 367 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195
IP 142.250.150.156:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 041abdf80a39d00d4056a3ccaf054791
d725236d082af90796defd931bfe309661df17c4
75b47bc187c521e3d10d4b4c91229ef62933b82847fa3e119eb82be7c8fae649
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Feb 2023 09:10:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ea54b63682fc949945a0d74d3cd302b2
1d06b7381419cdee42fd7cc5b56de7b14f6f38be
0edd103d9e5c2ec827cc683e3b691443cb992b88f1600d35fd9df23dcaf287d6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0EDD103D9E5C2EC827CC683E3B691443CB992B88F1600D35FD9DF23DCAF287D6"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2570
Expires: Tue, 21 Feb 2023 09:53:24 GMT
Date: Tue, 21 Feb 2023 09:10:34 GMT
Connection: keep-alive
googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
216.58.207.194200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230215/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Mon, 20 Feb 2023 22:28:44 GMT
expires: Mon, 06 Mar 2023 22:28:44 GMT
cache-control: public, max-age=1209600
age: 38510
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3bbd309a8184ccda6aa0d8e1026ebbbf
d63bf14ff28427f971ba564fc722d9b8f44483b9
e3ca248b4ce7c7cd9d1b09380c8dc0a841a4b7c122a5d326d414a963d04f56b0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 09:10:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195&slf_rd=1&random=188140778
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 082e9abf38efe3287592cadfd5cf28b5
790b8bfc4f73449f779cfd5f4702a63c3b5da47f
e49b03ef1ca823ad9fa273a31c28d7edb38c79c4f763e52760461431479c0bf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195&slf_rd=1&random=188140778
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195&slf_rd=1&random=188140778
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70364639-8&cid=1162343280.1676970634&jid=773658694&_v=5.7.2&z=691112195&slf_rd=1&random=188140778 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 09:10:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 082e9abf38efe3287592cadfd5cf28b5
790b8bfc4f73449f779cfd5f4702a63c3b5da47f
e49b03ef1ca823ad9fa273a31c28d7edb38c79c4f763e52760461431479c0bf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Feb 2023 09:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
54.230.245.28200 OK 117 kB URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
IP 54.230.245.28:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 117 kB (116573 bytes)
Hash 7085d875e655f2e07a587ae412c795b3
95074bc9aebf5d9ec4ddffbe8e4f2d06365c2aec
10fc9bf8bd0d8d01099c8f3a3aba4ca36cf2a93f47c2ad5410881c353bd56f16
GET /?bvjjd=976112 HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 116573
date: Tue, 21 Feb 2023 09:10:34 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload-4ever.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ytIndch2ERyd6FgCl3vmF0_d_hOyd2mprFoKK0lSMAFImBYGt4fdvQ==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3949
Expires: Tue, 21 Feb 2023 10:16:24 GMT
Date: Tue, 21 Feb 2023 09:10:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3949
Expires: Tue, 21 Feb 2023 10:16:24 GMT
Date: Tue, 21 Feb 2023 09:10:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwK1XWOYMXy8qna9sVCV7q__QKMko9KXa8towbYhIj1EolPbqEuIHQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 09:13:17 GMT
age: 86238
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg
34.120.237.76200 OK 34 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg
IP 34.120.237.76:0
Hash 4415f2bd38120b3853972c08581f4f2b
4ef522378daeea1323282e319bad34110ea83417
283a97c41b3216388561ba9bbc3c801b529db0c7d9c43c9f18faf4da413cc312
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7349
x-amzn-requestid: 76a8d55e-1e03-44d3-8c54-189007f4cf2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AhffeElfIAMFWOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f0792f-30cb18357e326d222d1078b8;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 07:07:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n6XdCksCYvpPD8Otqr9wPB8zPPfSTer7MiRdZHKdacvrMsw3njP_Nw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 11:21:08 GMT
age: 78567
etag: "fb01a0ee84a88cf6f8cacea78c5b9cd444a41a9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83e6132f67f7260c438854ee306526a4
da52ad870b7961e0dffb76cb204c1634c1045bcc
9375c53e5d6519f5d765dcd4a4c2e24e372d9dc507fc3331ba122c7d08babc34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9944
x-amzn-requestid: 11509d28-5502-4a01-8991-96d6cf2efd4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ARBMIGeqoAMFkpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e9e24d-77c90ef925dc9b1c7ff6561b;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 07:10:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: v3CuK8nOPRT8XXDy3SROYVosiN-o4BFEFJCZYqwr5Y6SLhydHcobdg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 08:23:41 GMT
age: 2814
etag: "da52ad870b7961e0dffb76cb204c1634c1045bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2979dbd8-5e4b-4b69-9ad7-7457a9340546.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2979dbd8-5e4b-4b69-9ad7-7457a9340546.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0069a196f8b45e350860582312bc91f
abf2b8a79e5a32e0415604175e06bde712af52f9
8bdcae73ce29f1041c696b053262245747d67786f80823da402ebc4bd633365b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2979dbd8-5e4b-4b69-9ad7-7457a9340546.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3688
x-amzn-requestid: efc78b3d-3eee-4a49-be91-3527af796fcd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AeLpWGfXoAMFTUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ef263b-48614c321cb9e831768a9098;Sampled=0
x-amzn-remapped-date: Fri, 17 Feb 2023 07:01:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0WQvgAfl2NXAknJKJAGALPgfZ4DGNEJG5CeOiSwkT5z1sLkbAqs7YA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 09:41:14 GMT
age: 84561
etag: "abf2b8a79e5a32e0415604175e06bde712af52f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d5b1f36b0fce0c27bc55b1b565fc036
b6b3c4f523346bcad001b251c984d18aee522d33
d03c32dc9a6ffce9b147d6db39df6a7bd3a3a47f778242e3194aa82357138d6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13379
x-amzn-requestid: 304b3dbc-34c8-45f6-bc57-0cb24d8bcd71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AkTwpHiPoAMFUwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f1999d-428a7455204ae54c4383071b;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 03:38:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wEimr3MFrSkUXiNK08bsd0FgzCvyhJyigthdZRTpH6-V1t88W6pNNQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 21:54:43 GMT
age: 40552
etag: "b6b3c4f523346bcad001b251c984d18aee522d33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf1e2195-c852-4c89-889b-f430610b2b64.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf1e2195-c852-4c89-889b-f430610b2b64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8731ce65b0b488344705b96716fc85d6
eb4964fb506fa5be323d666243923744c31c8fdf
d0af8b820331858a0b1c68b4e011da8fe441327c0e369a4c2a30d8d011c89b8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf1e2195-c852-4c89-889b-f430610b2b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4144
x-amzn-requestid: 1bdb8c7a-f0d7-4271-bd3b-2ec3b465f561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aj8-kEMGIAMF1dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f17529-1390788e6c72f3326441edd0;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 01:02:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FmoqjnFhHQnhhV053HbdBMIMdDiLDSK7hpIOYqSvzcjDVMPEebCQ-Q==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 14:13:07 GMT
age: 68248
etag: "eb4964fb506fa5be323d666243923744c31c8fdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:10:34 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5739
last-modified: Tue, 21 Feb 2023 07:34:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JudAQqUaxTJoitfDUNeE1fHrI3N1UihFjslo%2BnQ2ggnWddfQ%2BOZRm5W%2FWolijptWQ2CZihUrafNRDY08FM9WyMUSSp8GXy2EGhKjD3Q9Ck6R9H7AJqcLRU7IS9UbYHb0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79ce59804d5823e8-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1359400814%3A1676970634254464&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfw8fArX-izRIfan2qKpCbrnuP0o6TJ48QPbOyj_5avRtDfRHpEO7P4lLTSANmjO6_D-rZ6
142.250.74.77403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1359400814%3A1676970634254464&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfw8fArX-izRIfan2qKpCbrnuP0o6TJ48QPbOyj_5avRtDfRHpEO7P4lLTSANmjO6_D-rZ6
IP 142.250.74.77:0
GET /v3/signin/identifier?dsh=S1359400814%3A1676970634254464&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfw8fArX-izRIfan2qKpCbrnuP0o6TJ48QPbOyj_5avRtDfRHpEO7P4lLTSANmjO6_D-rZ6 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Feb 2023 09:10:34 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-UwMv6TxwC_YvbN8BH6JrJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cagothie.net/?rb=SBGyPaPlDjBxKIKZLIthyEvzcwQ3S-LSJeU-cm4pJjmWq9RFtGD7Tm6KKIbVsYheOJWOJFl4Fpe0WK2KMGks8cDepzdNMWKRovtlQlyeHcB3VG0IwI5tEXzxa-J6CByG-ddPN7ayZOFFe6rFE_p98mCT2I5Del0A5YWj84TBgo4A-M4jkPh9LgfomHJ8gVvVHgOGy4JOqSD_jcU_02tKydmY5Z-x93HSKXueg0fi46ElaSrq&request_ab2=0&zoneid=2726715&js_build=iclick-v1.490.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fwrfvvguscirc%2Fkeygen%2520autocom%25202020.23.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.490.0&bs=f449bb90-cf25-44ab-9a74-059c95195cc5&userId=291ca494a7f94be5918135028560e7c6&m=link
139.45.197.238200 OK 0 B URL HTTP/2 cagothie.net/?rb=SBGyPaPlDjBxKIKZLIthyEvzcwQ3S-LSJeU-cm4pJjmWq9RFtGD7Tm6KKIbVsYheOJWOJFl4Fpe0WK2KMGks8cDepzdNMWKRovtlQlyeHcB3VG0IwI5tEXzxa-J6CByG-ddPN7ayZOFFe6rFE_p98mCT2I5Del0A5YWj84TBgo4A-M4jkPh9LgfomHJ8gVvVHgOGy4JOqSD_jcU_02tKydmY5Z-x93HSKXueg0fi46ElaSrq&request_ab2=0&zoneid=2726715&js_build=iclick-v1.490.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fwrfvvguscirc%2Fkeygen%2520autocom%25202020.23.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.490.0&bs=f449bb90-cf25-44ab-9a74-059c95195cc5&userId=291ca494a7f94be5918135028560e7c6&m=link
IP 139.45.197.238:0
GET /?rb=SBGyPaPlDjBxKIKZLIthyEvzcwQ3S-LSJeU-cm4pJjmWq9RFtGD7Tm6KKIbVsYheOJWOJFl4Fpe0WK2KMGks8cDepzdNMWKRovtlQlyeHcB3VG0IwI5tEXzxa-J6CByG-ddPN7ayZOFFe6rFE_p98mCT2I5Del0A5YWj84TBgo4A-M4jkPh9LgfomHJ8gVvVHgOGy4JOqSD_jcU_02tKydmY5Z-x93HSKXueg0fi46ElaSrq&request_ab2=0&zoneid=2726715&js_build=iclick-v1.490.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Fwww.upload-4ever.com%2Fwrfvvguscirc%2Fkeygen%2520autocom%25202020.23.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.490.0&bs=f449bb90-cf25-44ab-9a74-059c95195cc5&userId=291ca494a7f94be5918135028560e7c6&m=link HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Cookie: OAID=291ca494a7f94be5918135028560e7c6; oaidts=1676970633
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 09:10:34 GMT
content-type: application/json
x-trace-id: a9246ae1dc47e485f66aeff9e57e8cb6
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=291ca494a7f94be5918135028560e7c6; expires=Wed, 21 Feb 2024 09:10:34 GMT; path=/; secure; SameSite=None
oaidts=1676970634; expires=Wed, 21 Feb 2024 09:10:34 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 28 Feb 2023 09:10:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
54.230.245.28200 OK 0 B URL HTTP/2 d1j2jv7bvcsxqg.cloudfront.net/?bvjjd=976112
IP 54.230.245.28:0
GET /?bvjjd=976112 HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 116572
date: Tue, 21 Feb 2023 09:10:33 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qezeBp6w3fWRGBDtcdBaMkTa3phFXcQUT1im8tm21JVLf4wkKxiWNQ==
X-Firefox-Spdy: h2
cagothie.net/5/2726715/?oo=1&aab=1
139.45.197.238200 OK 0 B URL HTTP/2 cagothie.net/5/2726715/?oo=1&aab=1
IP 139.45.197.238:0
GET /5/2726715/?oo=1&aab=1 HTTP/1.1
Host: cagothie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload-4ever.com
Connection: keep-alive
Referer: https://www.upload-4ever.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 09:10:33 GMT
content-type: application/json
x-trace-id: 81f653b10742f4613a8b860ccd4fec96
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=291ca494a7f94be5918135028560e7c6; expires=Wed, 21 Feb 2024 09:10:33 GMT; path=/; secure; SameSite=None
oaidts=1676970633; expires=Wed, 21 Feb 2024 09:10:33 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:10:34 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5739
last-modified: Tue, 21 Feb 2023 07:34:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reKg1%2Bc2jyMV6GhGT%2FgAy6byTCq03%2BG8oCLPiMfUB1%2BAn7B7q904JKK0%2F%2BQibXiPvkJZ8AkVlmfmQCcngK0aXmjYPlAtikVbqIiPQbcK30gl%2BjGU%2BGDM%2B9x5hYlrseub"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79ce59804d4c23e8-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload-4ever.com/
Origin: https://www.upload-4ever.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Feb 2023 09:10:34 GMT
content-type: text/plain
set-cookie: csu=631961719934508@1@1676970634; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload-4ever.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GE6peHsIcKC%2B%2F2EYxpMqiJFtOYRKeFVpTSJT7SuosL0iiyqjlb2m2OpCmTbCgFMmPlOjh37Tu%2FoHPfT8b7mBFy5Dn0DkICFNmEMKzckSin2IrvHXJSF5SxREL9kxmSH5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79ce59804d5c23e8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2