200 OK 2.7 kB URL User Request GET HTTP/1.1 IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2702), with no line terminators
Hash f83370b1e36d4b264ea77c98c65a4b6d
797e939fb6524f84a130873c0ea876f8c52e1b80
39d2ba3651e624f97c57ec200b7e9c5a9426d8662c9b6dc007dc40c3bab2f5e1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: rmesthmoaygdev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 2702
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 28 Nov 2023 03:05:02 GMT
Date: Tue, 28 Nov 2023 08:38:23 GMT
rmesthmoaygdev.com/css/app.6054a985.css
200 OK 14 kB URL GET HTTP/1.1 rmesthmoaygdev.com/css/app.6054a985.css
IP
Requested by http://rmesthmoaygdev.com/
File type ASCII text, with very long lines (14103), with no line terminators
Hash 1f719b8ea369fda5cf7511606077e647
eec72204f54a537c1ad6eab588cf0762ccc255af
03180bd4c22f4d7e7959d24712a5b3f3c77dbb4bb977f476975b083987c3cb0d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /css/app.6054a985.css HTTP/1.1
Host: rmesthmoaygdev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rmesthmoaygdev.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 14103
Content-Type: text/css; charset=utf-8
Last-Modified: Tue, 28 Nov 2023 03:05:00 GMT
Date: Tue, 28 Nov 2023 08:38:24 GMT
rmesthmoaygdev.com/css/chunk-vendors.c57533e1.css
200 OK 156 kB URL GET HTTP/1.1 rmesthmoaygdev.com/css/chunk-vendors.c57533e1.css
IP
Requested by http://rmesthmoaygdev.com/
File type ASCII text, with very long lines (65536), with no line terminators
Size 156 kB (156544 bytes)
Hash ebfffebc1f62c3be51082e6595a0a005
e278fbd6fd48150b3f366b50ed388983d934978c
f5ce9e73e1f7cea326eedd4f39d9b2d703ba4ccb31a6078cdc1fb16481298a32
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /css/chunk-vendors.c57533e1.css HTTP/1.1
Host: rmesthmoaygdev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rmesthmoaygdev.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 156544
Content-Type: text/css; charset=utf-8
Last-Modified: Tue, 28 Nov 2023 03:05:01 GMT
Date: Tue, 28 Nov 2023 08:38:24 GMT
rmesthmoaygdev.com/js/app.22a273d1.js
200 OK 171 kB URL GET HTTP/1.1 rmesthmoaygdev.com/js/app.22a273d1.js
IP
Requested by http://rmesthmoaygdev.com/
File type ASCII text, with very long lines (65536), with no line terminators
Size 171 kB (171433 bytes)
Hash cddf4fb8447e8a5761bd400e58b6eac4
3bb1915a0bb5dd188b05757c4144beca738b42ea
2a43027086e5cb0898195ae04756869c41235f6633799bd719a128065327a699
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/app.22a273d1.js HTTP/1.1
Host: rmesthmoaygdev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rmesthmoaygdev.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 171433
Content-Type: text/javascript; charset=utf-8
Last-Modified: Tue, 28 Nov 2023 03:05:10 GMT
Date: Tue, 28 Nov 2023 08:38:24 GMT
rmesthmoaygdev.com/js/chunk-vendors.ea790e22.js
200 OK 949 kB URL GET HTTP/1.1 rmesthmoaygdev.com/js/chunk-vendors.ea790e22.js
IP
Requested by http://rmesthmoaygdev.com/
File type Unicode text, UTF-8 text, with very long lines (51759)
Size 949 kB (949174 bytes)
Hash 4fee178f809d1b2a829099a8bb91c56c
178b6322fdc40c08fcbda0c096c668855ad49b51
c3580c9951b9554639c1404a246b3f27f818a99240c728f04cb964cd9e50b73d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/chunk-vendors.ea790e22.js HTTP/1.1
Host: rmesthmoaygdev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rmesthmoaygdev.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 949174
Content-Type: text/javascript; charset=utf-8
Last-Modified: Tue, 28 Nov 2023 03:05:12 GMT
Date: Tue, 28 Nov 2023 08:38:24 GMT
rmesthmoaygdev.com/getlog
200 OK 12 kB URL GET HTTP/1.1 rmesthmoaygdev.com/getlog
IP
Requested by http://rmesthmoaygdev.com/
File type JSON data\012- , ASCII text, with very long lines (12040), with no line terminators
Hash ac2b00b14d57240a666d2ac07ddadd78
3d7ac7318416c8d831d7fafaa22ed9e70d7b9792
c44ec6bda39b23f80649be490149d6778bb811e57855356d657edeedecd17633
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /getlog HTTP/1.1
Host: rmesthmoaygdev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rmesthmoaygdev.com/enter/register
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Tue, 28 Nov 2023 08:38:24 GMT
Transfer-Encoding: chunked
goxsr2.de/socket.io/?EIO=3&transport=websocket
4.1 kB URL goxsr2.de/socket.io/?EIO=3&transport=websocket
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6229), with no line terminators
Hash 2a5f2b9a0fb55508bc7109aec338d9f7
2919ee4e9a3041ae7615d30eb2331adef6e0f3a8
582941c1d18e3b63e6deaf02428ef031e566de5ae19438800cb628d1f0d804bb
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: goxsr2.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://rmesthmoaygdev.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IMFulB3uLS/Qsqt2cPLMJg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Tue, 28 Nov 2023 08:38:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMEp0Z8oBtEcujTjeVH2aHMU0%2FjoewbDJR7WCvuKwhB%2F8rlLayEAAGG4%2FkJHYbpqHTRHAlnfTnPbH6psJi%2Fv5FLWl46H0nNQaz6YeHgT%2Fo9Qqqi1D89UwGOFdzc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82d14b63dbe61bfe-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
cdn.discordapp.com/attachments/1178855801687904296/1178855851193286686/drb851e.mp4
2.3 MB URL cdn.discordapp.com/attachments/1178855801687904296/1178855851193286686/drb851e.mp4
IP
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 2.3 MB (2263409 bytes)
Hash 3826f70c725b39fc6d02b792010a0bc6
a27bbeae9d090c9eefb0031c347484b487d37106
5d35ff8d1ab404418161d7f8cb13b2254063dd0e3278019339e9390a79fd2ab5
GET /attachments/1178855801687904296/1178855851193286686/drb851e.mp4 HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://rmesthmoaygdev.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Tue, 28 Nov 2023 08:38:24 GMT
content-type: video/mp4
content-length: 2263409
content-range: bytes 0-2263408/2263409
cf-ray: 82d14b64a86f712d-OSL
cf-cache-status: HIT
accept-ranges: bytes
age: 19371
cache-control: public, max-age=31536000
content-disposition: attachment; filename=drb851e.mp4
etag: "3826f70c725b39fc6d02b792010a0bc6"
expires: Wed, 27 Nov 2024 08:38:24 GMT
last-modified: Tue, 28 Nov 2023 00:32:17 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1701131537141292
x-goog-hash: crc32c=afEt0A==, md5=OCb3DHJbOfxtAreSAQoLxg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2263409
x-guploader-uploadid: ABPtcPpIe8fKfjLNkVdq9eqbqjFuhDD5qLSYwBX5N8Y_5YcIx70-BBb1Nf-8tCPl9TTOebx8NtA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ox%2Fr%2BDuRONQAmIUOdH7Q5FnuTzy6uN%2For8EoRt6cl%2BobzBGxG3lZHMo4oEJjWptequn6rsZLgBdhtybPJZl%2FjwpVY0Wf1R9lNVVBM3PkhGvTMnMSZ%2Bybs2%2BtpSgTUd7%2FOqorlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=QPhn6goLAXkKse8cAXJJHUacsbmijRzjqSlCDpA_gPM-1701160704-0-ATeJKUhVIDByFwdji6Aq5xEF74BLLt5+T/Dx4KCxwKCKSOrfhiO7i0N7W5BYZKX4BSX4lMK0FWcu/QMn+5s9xbw=; path=/; expires=Tue, 28-Nov-23 09:08:24 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=KgjLmZSBThtRwm7wViy8GfEp3VpaTM5svrA4M9YFERw-1701160704773-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
rmesthmoaygdev.com/img/icons/apple-touch-icon-152x152.png
200 OK 4.0 kB URL GET HTTP/1.1 rmesthmoaygdev.com/img/icons/apple-touch-icon-152x152.png
IP
Requested by http://rmesthmoaygdev.com/
File type PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced\012- data
Hash 1a034e64d80905128113e5272a5ab95e
92328e60f63d690f33cd4961b9934a539dc29b82
4d9685d610c4411caadd8d36ce94d3303cf5b05c8e04d67fc232c16a4469a135
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: rmesthmoaygdev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rmesthmoaygdev.com/
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 4046
Content-Type: image/png
Last-Modified: Tue, 28 Nov 2023 03:05:04 GMT
Date: Tue, 28 Nov 2023 08:38:24 GMT
rmesthmoaygdev.com/img/icons/favicon.svg
200 OK 2.7 kB URL GET HTTP/1.1 rmesthmoaygdev.com/img/icons/favicon.svg
IP
Requested by http://rmesthmoaygdev.com/
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2702), with no line terminators
Hash f83370b1e36d4b264ea77c98c65a4b6d
797e939fb6524f84a130873c0ea876f8c52e1b80
39d2ba3651e624f97c57ec200b7e9c5a9426d8662c9b6dc007dc40c3bab2f5e1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/icons/favicon.svg HTTP/1.1
Host: rmesthmoaygdev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rmesthmoaygdev.com/
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 08:38:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
ocsp.sectigochina.com/
472 B IP
Hash 830ced6159e7c8c418246d76ea13b233
bc5c9a3bea6baa310fb0a9821defc94c6dbd8fb4
94684f284bce02e43dcff1b8b0ffe02e9db80cb167f345f9efbb63d8d9bc0d06
POST / HTTP/1.1
Host: ocsp.sectigochina.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 08:38:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 26 Nov 2023 00:42:47 GMT
Expires: Sun, 03 Dec 2023 00:42:46 GMT
Etag: "bc5c9a3bea6baa310fb0a9821defc94c6dbd8fb4"
Cache-Control: max-age=404066,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d14b6b199356bd-OSL
b.yzcdn.cn/vant/icon-demo-1126.png
200 OK 8.9 kB URL GET HTTP/2 b.yzcdn.cn/vant/icon-demo-1126.png
IP
ASN #138915 Kaopu Cloud HK Limited
Requested by http://rmesthmoaygdev.com/
Certificate IssuersslTrus
Subject*.yzcdn.cn
Fingerprint6A:A8:BA:7C:D4:B4:86:0B:74:EB:E6:19:C8:69:2E:8B:13:6C:1E:1B
ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash f87c46f346a5548224ccbe0b6bd75df5
8e8b8bd4ba3e6b6c8557d94a726061fdd62492fd
b6304eb9b754d38d3ad74d0acce42c156536840351368ed3e4895a6b50cd9370
GET /vant/icon-demo-1126.png HTTP/1.1
Host: b.yzcdn.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://rmesthmoaygdev.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:38:25 GMT
content-type: image/png
content-length: 8886
server: openresty
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
access-control-max-age: 2592000
cache-control: public, max-age=2592000
content-disposition: inline; filename="icon-demo-1126.png"; filename*=utf-8''icon-demo-1126.png
content-md5: +HxG80alVIIkzL4La9dd9Q==
content-transfer-encoding: binary
etag: "Fo6Li9S6PmtshVfZSnJgYf3WJJL9"
last-modified: Mon, 26 Nov 2018 11:08:05 GMT
x-reqid: YyIAAAASg9geDiAX
x-svr: IO
x-qiniu-zone: 0
x-log: X-Log
x-ser: BC5_dx-lt-yd-zhejiang-huzhou-3-cache-7, BC197_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, BC26_DE-Frankfurt-Frankfurt-7-cache-2
x-cache: HIT from BC26_DE-Frankfurt-Frankfurt-7-cache-2(baishan)
X-Firefox-Spdy: h2
goxsr2.de/socket.io/?EIO=3&transport=websocket
4.1 kB URL goxsr2.de/socket.io/?EIO=3&transport=websocket
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6229), with no line terminators
Hash 52a98e6351dab57ddd341d0a9494c407
027e81c595fc3e878bbfdeba2f1e5f8b5369dc26
5e9c4325dd7815fcc4a09d55405be6ed84aee3b83f2cea122fe0d97d5302c957
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: goxsr2.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://rmesthmoaygdev.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EbdDvxjJkdtaQPv3EzMarg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Tue, 28 Nov 2023 08:38:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXiPQEqrwv7PJ1JCpTuoH9NZFYc3ot6bCnQPK0acJDTuw6y5rImGAivLc%2FEwkuoF%2B0r0D2j8NLu9NaE3M6eVyFdaTba0bie08i7%2Fngn9rn9W4ErTYQsCWGQjTQg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82d14b6c1ab9712f-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
goxsr2.de/socket.io/?EIO=3&transport=websocket
4.1 kB URL goxsr2.de/socket.io/?EIO=3&transport=websocket
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6229), with no line terminators
Hash 29dad5849315518efe70bee1709e9723
760fb00be4d92ed0bf339852ec4b951596ffcf2d
fbb69d935fdffc9f811271cde0bed8b6217ddf3a961556c184c00f5681c0a276
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: goxsr2.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://rmesthmoaygdev.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3BKMQsfUQG5a7fp4z9L8qg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Tue, 28 Nov 2023 08:38:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkiJJjU1%2BvXueFlrVAOk0f62sBjxcaz9nux5rFe2RcJs%2Fm6b%2BIct4qP0RLBB3ktqP%2Bspyy94sPo73MLs%2Bh87E0VuDeV6YGO%2B8QLzTY2ClA2YQHl4zDXMpjggVj8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82d14b749d5f56ca-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
goxsr2.de/socket.io/?EIO=3&transport=websocket
4.1 kB URL goxsr2.de/socket.io/?EIO=3&transport=websocket
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6229), with no line terminators
Hash bcff1846b7df030a84af908a0d356b64
093016c364082809ebce67cd5b35705c69489d8a
8c0667ce9b55108945c2edd5cdd4f16d29022efc2fc2d3eac22ca5e3ed603cdd
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: goxsr2.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://rmesthmoaygdev.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BXI7LAWdRt9gwVs3fWTJMA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Tue, 28 Nov 2023 08:38:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bkgTCeHIXIsDDGezKkPW2qzqs6ZANTtli6eUxkX3H%2FenwaTfOi0RUZjiYbfAtvhSFJiZ%2F2xsUX4EeYguwn1036XCTIhclHADHD06XgUX9s3tEFtS6%2BiNTHldCA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82d14b9419d20b31-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
goxsr2.de/socket.io/?EIO=3&transport=websocket
4.4 kB URL goxsr2.de/socket.io/?EIO=3&transport=websocket
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6677), with no line terminators
Hash e1625dcda82412ed4788b88c3a5c36e0
378936a776dd2c4d2548c717b1ddfa4f2a96c65d
0f0e6c0adc0382690159cdbf46a518d130d70a3752e5916b5ea6ab49f8dffcc2
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: goxsr2.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://rmesthmoaygdev.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rxL59G9zgAL+KbW6fRiotw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Tue, 28 Nov 2023 08:38:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzXlARAZBVy3CJdbsRJDcsls%2BwDXSqyWUL0FUvtwNdLsu7EV8Gthz6Tdcf3h7gDdDAB%2BcShalVNRRM6t3XfXaMwScPg%2FanDY7WRgtpN3H1pDi850mTt2rRUZR80%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82d14bb38df556c1-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
goxsr2.de/socket.io/?EIO=3&transport=websocket
403 Forbidden 0 B URL GET HTTP/1.1 goxsr2.de/socket.io/?EIO=3&transport=websocket
IP
Requested by http://rmesthmoaygdev.com/
Certificate IssuerGoogle Trust Services LLC
Subjectgoxsr2.de
Fingerprint66:BD:4F:E5:F9:B5:70:6D:DC:48:60:77:C0:94:6F:D6:E9:03:91:85
ValidityFri, 24 Nov 2023 15:07:27 GMT - Thu, 22 Feb 2024 15:07:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: goxsr2.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://rmesthmoaygdev.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IMFulB3uLS/Qsqt2cPLMJg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Tue, 28 Nov 2023 08:38:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMEp0Z8oBtEcujTjeVH2aHMU0%2FjoewbDJR7WCvuKwhB%2F8rlLayEAAGG4%2FkJHYbpqHTRHAlnfTnPbH6psJi%2Fv5FLWl46H0nNQaz6YeHgT%2Fo9Qqqi1D89UwGOFdzc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82d14b63dbe61bfe-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
goxsr2.de/socket.io/?EIO=3&transport=websocket
403 Forbidden 0 B URL GET HTTP/1.1 goxsr2.de/socket.io/?EIO=3&transport=websocket
IP
Requested by http://rmesthmoaygdev.com/
Certificate IssuerGoogle Trust Services LLC
Subjectgoxsr2.de
Fingerprint66:BD:4F:E5:F9:B5:70:6D:DC:48:60:77:C0:94:6F:D6:E9:03:91:85
ValidityFri, 24 Nov 2023 15:07:27 GMT - Thu, 22 Feb 2024 15:07:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: goxsr2.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://rmesthmoaygdev.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3BKMQsfUQG5a7fp4z9L8qg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Tue, 28 Nov 2023 08:38:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkiJJjU1%2BvXueFlrVAOk0f62sBjxcaz9nux5rFe2RcJs%2Fm6b%2BIct4qP0RLBB3ktqP%2Bspyy94sPo73MLs%2Bh87E0VuDeV6YGO%2B8QLzTY2ClA2YQHl4zDXMpjggVj8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82d14b749d5f56ca-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
goxsr2.de/socket.io/?EIO=3&transport=websocket
403 Forbidden 0 B URL GET HTTP/1.1 goxsr2.de/socket.io/?EIO=3&transport=websocket
IP
Requested by http://rmesthmoaygdev.com/
Certificate IssuerGoogle Trust Services LLC
Subjectgoxsr2.de
Fingerprint66:BD:4F:E5:F9:B5:70:6D:DC:48:60:77:C0:94:6F:D6:E9:03:91:85
ValidityFri, 24 Nov 2023 15:07:27 GMT - Thu, 22 Feb 2024 15:07:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: goxsr2.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://rmesthmoaygdev.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EbdDvxjJkdtaQPv3EzMarg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Tue, 28 Nov 2023 08:38:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXiPQEqrwv7PJ1JCpTuoH9NZFYc3ot6bCnQPK0acJDTuw6y5rImGAivLc%2FEwkuoF%2B0r0D2j8NLu9NaE3M6eVyFdaTba0bie08i7%2Fngn9rn9W4ErTYQsCWGQjTQg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82d14b6c1ab9712f-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
goxsr2.de/socket.io/?EIO=3&transport=websocket
403 Forbidden 0 B URL GET HTTP/1.1 goxsr2.de/socket.io/?EIO=3&transport=websocket
IP
Requested by http://rmesthmoaygdev.com/
Certificate IssuerGoogle Trust Services LLC
Subjectgoxsr2.de
Fingerprint66:BD:4F:E5:F9:B5:70:6D:DC:48:60:77:C0:94:6F:D6:E9:03:91:85
ValidityFri, 24 Nov 2023 15:07:27 GMT - Thu, 22 Feb 2024 15:07:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: goxsr2.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://rmesthmoaygdev.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BXI7LAWdRt9gwVs3fWTJMA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Tue, 28 Nov 2023 08:38:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bkgTCeHIXIsDDGezKkPW2qzqs6ZANTtli6eUxkX3H%2FenwaTfOi0RUZjiYbfAtvhSFJiZ%2F2xsUX4EeYguwn1036XCTIhclHADHD06XgUX9s3tEFtS6%2BiNTHldCA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82d14b9419d20b31-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
cdn.discordapp.com/attachments/1178855801687904296/1178855851193286686/drb851e.mp4
206 Partial Content 2.3 MB URL GET HTTP/2 cdn.discordapp.com/attachments/1178855801687904296/1178855851193286686/drb851e.mp4
IP
Requested by http://rmesthmoaygdev.com/
Certificate IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
Size 2.3 MB (2263409 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /attachments/1178855801687904296/1178855851193286686/drb851e.mp4 HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://rmesthmoaygdev.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Tue, 28 Nov 2023 08:38:24 GMT
content-type: video/mp4
content-length: 2263409
content-range: bytes 0-2263408/2263409
cf-ray: 82d14b64a86f712d-OSL
cf-cache-status: HIT
accept-ranges: bytes
age: 19371
cache-control: public, max-age=31536000
content-disposition: attachment; filename=drb851e.mp4
etag: "3826f70c725b39fc6d02b792010a0bc6"
expires: Wed, 27 Nov 2024 08:38:24 GMT
last-modified: Tue, 28 Nov 2023 00:32:17 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1701131537141292
x-goog-hash: crc32c=afEt0A==, md5=OCb3DHJbOfxtAreSAQoLxg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2263409
x-guploader-uploadid: ABPtcPpIe8fKfjLNkVdq9eqbqjFuhDD5qLSYwBX5N8Y_5YcIx70-BBb1Nf-8tCPl9TTOebx8NtA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ox%2Fr%2BDuRONQAmIUOdH7Q5FnuTzy6uN%2For8EoRt6cl%2BobzBGxG3lZHMo4oEJjWptequn6rsZLgBdhtybPJZl%2FjwpVY0Wf1R9lNVVBM3PkhGvTMnMSZ%2Bybs2%2BtpSgTUd7%2FOqorlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=QPhn6goLAXkKse8cAXJJHUacsbmijRzjqSlCDpA_gPM-1701160704-0-ATeJKUhVIDByFwdji6Aq5xEF74BLLt5+T/Dx4KCxwKCKSOrfhiO7i0N7W5BYZKX4BSX4lMK0FWcu/QMn+5s9xbw=; path=/; expires=Tue, 28-Nov-23 09:08:24 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=KgjLmZSBThtRwm7wViy8GfEp3VpaTM5svrA4M9YFERw-1701160704773-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
goxsr2.de/socket.io/?EIO=3&transport=websocket
403 Forbidden 0 B URL GET HTTP/1.1 goxsr2.de/socket.io/?EIO=3&transport=websocket
IP
Requested by http://rmesthmoaygdev.com/
Certificate IssuerGoogle Trust Services LLC
Subjectgoxsr2.de
Fingerprint66:BD:4F:E5:F9:B5:70:6D:DC:48:60:77:C0:94:6F:D6:E9:03:91:85
ValidityFri, 24 Nov 2023 15:07:27 GMT - Thu, 22 Feb 2024 15:07:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: goxsr2.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://rmesthmoaygdev.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rxL59G9zgAL+KbW6fRiotw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 403 Forbidden
Date: Tue, 28 Nov 2023 08:38:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzXlARAZBVy3CJdbsRJDcsls%2BwDXSqyWUL0FUvtwNdLsu7EV8Gthz6Tdcf3h7gDdDAB%2BcShalVNRRM6t3XfXaMwScPg%2FanDY7WRgtpN3H1pDi850mTt2rRUZR80%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82d14bb38df556c1-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
193.109.85.43
185.23.181.26
172.67.162.178
162.159.135.233