cdn-129.bayfiles.com/d8bf7amcy0/6ee497f5-1664792096/idm.6.41.02.silent.kuyhaa.zip
195.96.151.84301 Moved Permanently 162 B URL HTTP/1.1 cdn-129.bayfiles.com/d8bf7amcy0/6ee497f5-1664792096/idm.6.41.02.silent.kuyhaa.zip
IP 195.96.151.84:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d8bf7amcy0/6ee497f5-1664792096/idm.6.41.02.silent.kuyhaa.zip HTTP/1.1
Host: cdn-129.bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://cdn-129.bayfiles.com/d8bf7amcy0/6ee497f5-1664792096/idm.6.41.02.silent.kuyhaa.zip
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5558
Expires: Mon, 03 Oct 2022 22:01:36 GMT
Date: Mon, 03 Oct 2022 20:28:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 19:46:58 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Mw7QaVIwuslyvSy39AeR9WXeFasHy6y_yRzf4LAUEsz4x5hpvnjYxQ==
Age: 2520
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 74134730f642b6f6dfeca3ecc61a329e
668914cc93cceb123d199a45df13ad764704fa84
d681a4c2e20a6019c7e2d980cbfa77b34db9356899099296c3b8b4263ca5fb5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D681A4C2E20A6019C7E2D980CBFA77B34DB9356899099296C3B8B4263CA5FB5F"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3483
Expires: Mon, 03 Oct 2022 21:27:01 GMT
Date: Mon, 03 Oct 2022 20:28:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: c3Ocxzn/kyBebbS/M01pBjlAT6D2HuoTA/R0D3b5RzEfCtLmX4N9WYhP9v+uyo/yxmI0SS7hUAU=
x-amz-request-id: NE208ZWBRZT0CJ1P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 03 Oct 2022 19:50:45 GMT
age: 2293
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
cdn-129.bayfiles.com/d8bf7amcy0/6ee497f5-1664792096/idm.6.41.02.silent.kuyhaa.zip
195.96.151.84301 Moved Permanently 0 B URL HTTP/1.1 cdn-129.bayfiles.com/d8bf7amcy0/6ee497f5-1664792096/idm.6.41.02.silent.kuyhaa.zip
IP 195.96.151.84:0
ASN #41634 Svea Hosting AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d8bf7amcy0/6ee497f5-1664792096/idm.6.41.02.silent.kuyhaa.zip HTTP/1.1
Host: cdn-129.bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Location: https://bayfiles.com/d8bf7amcy0
X-Cache-Host: filecache-01
X-Cache-Disk: nvme-01
Accept-Ranges: bytes
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 20:28:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash eed352622b64bc8eb65c0dfb68a5bf23
a30a3b23367dab91bce824952b0ec490d6ca030b
90e049e5f7a0b2129d2e38744911f7bd0cc24bda2ece2ea6685f5701f72c7ba8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "90E049E5F7A0B2129D2E38744911F7BD0CC24BDA2ECE2EA6685F5701F72C7BA8"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9419
Expires: Mon, 03 Oct 2022 23:05:57 GMT
Date: Mon, 03 Oct 2022 20:28:58 GMT
Connection: keep-alive
bayfiles.com/d8bf7amcy0
45.154.253.152404 Not Found 2.3 kB IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 0807cc424a4b4bb967fa7f86dce29f9a
852255eee7de93511d69856520fdb5f03349c17b
075b0caef004b47bbe0e68f371be81a7cbcb2ca98b7dadbd80f1ddfbce3eb73d
GET /d8bf7amcy0 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 27
Content-Encoding: gzip
bayfiles.com/css/bayfiles.css?1661352192
45.154.253.152200 OK 25 kB URL HTTP/1.1 bayfiles.com/css/bayfiles.css?1661352192
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (65452)
Hash 896df88019eabed295bc78a2f053ab92
1bca351d99600fb10583eb28c638dd58482535a0
b1555a31747d1f471ea748a1363cf9c588d66dd15dcf42cf7fa0b2911d0424d0
GET /css/bayfiles.css?1661352192 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 858
Content-Encoding: gzip
bayfiles.com/sw.js
45.154.253.152200 OK 14 kB IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (39060), with no line terminators
Hash fefdeff3180d9772f08a2cadce9a55b0
5610f0290b7f4c81c57a65703825fc2830aeac96
0009589421c540c0b0ee37fde74f5373962096bc8e9869a953b4cb59547a8f61
GET /sw.js HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 7439
Content-Encoding: gzip
bayfiles.com/js/app.js?1661352192
45.154.253.152200 OK 58 kB URL HTTP/1.1 bayfiles.com/js/app.js?1661352192
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (63238)
Hash ba67ff13fd07739a7037fbc27b2a1955
3e253f69b2f12659c541de122c6bce0ed82ba369
1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818
GET /js/app.js?1661352192 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 192
Content-Encoding: gzip
bayfiles.com/img/flags/24/fr.png
45.154.253.152200 OK 536 B URL HTTP/1.1 bayfiles.com/img/flags/24/fr.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e81efecf1a1b1d3a17d00a904c5cc3c9
1203894dbfc8363302dc709d852c05a4dd8bf9dc
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
GET /img/flags/24/fr.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: image/png
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1036
accept-ranges: bytes
bayfiles.com/img/flags/24/ru.png
45.154.253.152200 OK 403 B URL HTTP/1.1 bayfiles.com/img/flags/24/ru.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash d8df89b036e6afb48f72d2440831bad0
04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
GET /img/flags/24/ru.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: image/png
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 988
accept-ranges: bytes
bayfiles.com/img/flags/24/no.png
45.154.253.152200 OK 611 B URL HTTP/1.1 bayfiles.com/img/flags/24/no.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash f14ac70aa6dd4d371671c0e6d7cba4e3
1139e3acd6e073bffb59157cbc10af72ed757218
9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
GET /img/flags/24/no.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: image/png
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1645
accept-ranges: bytes
bayfiles.com/static/logo.png
45.154.253.152200 OK 39 kB URL HTTP/1.1 bayfiles.com/static/logo.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 292 x 251, 8-bit/color RGBA, non-interlaced\012- data
Hash d39dfc9566d5264e198224dc249dd6bb
67ec60e7df6257a32f41e45e6877dc65f036ef0f
0b959f7dd25865a8a0636b6bb81d523c07fb03f76905313b9b8d677ae294b25a
GET /static/logo.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: image/png
Content-Length: 38607
Connection: keep-alive
last-modified: Thu, 13 Aug 2020 11:36:54 GMT
etag: "5f3525d6-96cf"
vjs.zencdn.net/7.3.0/video.min.js
151.101.86.217200 OK 132 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video.min.js
IP 151.101.86.217:0
File type Unicode text, UTF-8 text, with very long lines (65141)
Size 132 kB (132230 bytes)
Hash e296d874aca2a1550b409394be51efaa
c184c030e9aab3d03de27bc588919e249d5ccdf7
401c15b7916797f936e9d8443945ef22e0f93305655c057a92c8d9b80c327c9f
GET /7.3.0/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Mon, 03 Oct 2022 20:28:58 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2
vjs.zencdn.net/7.3.0/video-js.min.css
151.101.86.217200 OK 9.7 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video-js.min.css
IP 151.101.86.217:0
File type ASCII text, with very long lines (35998), with no line terminators
Hash 3397ce943db8add2728dccd9a3b8b8bc
a57bbb7546a458fe57d72d06baab950125260cc9
5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
GET /7.3.0/video-js.min.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Mon, 03 Oct 2022 20:28:58 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 2517
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/se.png
45.154.253.152200 OK 581 B URL HTTP/1.1 bayfiles.com/img/flags/24/se.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash c9b1e40987c4411b4a7d13c07a8843aa
cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
GET /img/flags/24/se.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: image/png
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1655
accept-ranges: bytes
bayfiles.com/img/flags/24/in.png
45.154.253.152200 OK 593 B URL HTTP/1.1 bayfiles.com/img/flags/24/in.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ccaf96cfc341dc9a17e24b96bef223ff
8791d6db6628e0fb21b847ab94484f0c615e38ac
728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
GET /img/flags/24/in.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1635
accept-ranges: bytes
bayfiles.com/img/flags/24/kr.png
45.154.253.152200 OK 988 B URL HTTP/1.1 bayfiles.com/img/flags/24/kr.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cb22f00511d088a71e84f8c1c864caed
6599812ed106bda6017487287e12bc836570649f
09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
GET /img/flags/24/kr.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: image/png
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1709
accept-ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 03 Oct 2022 19:29:33 GMT
Expires: Mon, 03 Oct 2022 20:15:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kEGUAx4e3ZAbtHxtYj5MsjfwH1rxmYkoiELbAxZkmqv4ASVqy368Hg==
Age: 3565
bayfiles.com/img/flags/24/br.png
45.154.253.152200 OK 1.1 kB URL HTTP/1.1 bayfiles.com/img/flags/24/br.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a5938d2e7f7d6f4026d6eb1b4b4f2cd
7a038177fe4deec455d61d3e9c90019fa4727d40
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
GET /img/flags/24/br.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: image/png
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1621
accept-ranges: bytes
bayfiles.com/img/flags/24/es.png
45.154.253.152200 OK 666 B URL HTTP/1.1 bayfiles.com/img/flags/24/es.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa381a8eb16d9e673d32980e7fd1710
fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
GET /img/flags/24/es.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:58 GMT
Content-Type: image/png
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 972
accept-ranges: bytes
bayfiles.com/img/flags/24/fi.png
45.154.253.152200 OK 456 B URL HTTP/1.1 bayfiles.com/img/flags/24/fi.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ea9115d18d5210d4f1db520881faa3a
09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
GET /img/flags/24/fi.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:59 GMT
Content-Type: image/png
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1021
accept-ranges: bytes
bayfiles.com/img/flags/24/pl.png
45.154.253.152200 OK 347 B URL HTTP/1.1 bayfiles.com/img/flags/24/pl.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash baf3aff7caef0be58f29b41f20a0e4db
11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
GET /img/flags/24/pl.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:59 GMT
Content-Type: image/png
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1960
accept-ranges: bytes
bayfiles.com/img/flags/24/de.png
45.154.253.152200 OK 483 B URL HTTP/1.1 bayfiles.com/img/flags/24/de.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8cc07c258bcd2de0c7900861e20ffc
fed97219e44693d4f3918fc4037b325732225d81
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
GET /img/flags/24/de.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:59 GMT
Content-Type: image/png
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1664
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6587
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:28:59 GMT
Last-Modified: Mon, 03 Oct 2022 18:39:12 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
bayfiles.com/img/flags/24/us.png
45.154.253.152200 OK 656 B URL HTTP/1.1 bayfiles.com/img/flags/24/us.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ae506a6c014bfeb8d8cbfdfbe94c14c9
f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
GET /img/flags/24/us.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:59 GMT
Content-Type: image/png
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1026
accept-ranges: bytes
bayfiles.com/img/flags/24/dk.png
45.154.253.152200 OK 537 B URL HTTP/1.1 bayfiles.com/img/flags/24/dk.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b6ebe55a7d176720cd2b1003298187a8
930858408b9af1f79c430bbe15c185db555a7815
07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
GET /img/flags/24/dk.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:59 GMT
Content-Type: image/png
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1594
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/?xsvjd=737333
54.230.245.208200 OK 98 kB URL HTTP/2 djv99sxoqpv11.cloudfront.net/?xsvjd=737333
IP 54.230.245.208:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash 9861e8f97a5101ace56327c55080950e
278038452cc67d0f8c7cc5efc1b258bf9fa61d38
598c0f903bafa8fcf2b35f9498a21559347c3d032fc8b7b55781cc6b48e73b3f
GET /?xsvjd=737333 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 98041
date: Mon, 03 Oct 2022 20:28:59 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jD51O_KOU1A5GZwnW4kRNs39G0Ii3iOx0AHR9sdSkwDR10DikqAc5w==
X-Firefox-Spdy: h2
bayfiles.com/img/flags/24/jp.png
45.154.253.152200 OK 599 B URL HTTP/1.1 bayfiles.com/img/flags/24/jp.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 857f6f0e0886a3729b758b7241e42e61
a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
GET /img/flags/24/jp.png HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:59 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1595
accept-ranges: bytes
bayfiles.com/sw.js?VzU4OGYMFw8LUWQHDhpKdRcUGgQ1BVtdXzRTFQhTMVQVDAVjABUBXmEEFQ5RMQwMWVFiVgleBXUZGgADb1AJXQRhGAwBXmQYDABXMxhZDFQzGAALXzENAQEHblQKWUR7F0tPRHsXSFcKPlZRTB8kUEpRCTMbUVYAOBcUGlN5Bxpl
45.154.253.152200 OK 14 kB URL HTTP/1.1 bayfiles.com/sw.js?VzU4OGYMFw8LUWQHDhpKdRcUGgQ1BVtdXzRTFQhTMVQVDAVjABUBXmEEFQ5RMQwMWVFiVgleBXUZGgADb1AJXQRhGAwBXmQYDABXMxhZDFQzGAALXzENAQEHblQKWUR7F0tPRHsXSFcKPlZRTB8kUEpRCTMbUVYAOBcUGlN5Bxpl
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (39060), with no line terminators
Hash fefdeff3180d9772f08a2cadce9a55b0
5610f0290b7f4c81c57a65703825fc2830aeac96
0009589421c540c0b0ee37fde74f5373962096bc8e9869a953b4cb59547a8f61
GET /sw.js?VzU4OGYMFw8LUWQHDhpKdRcUGgQ1BVtdXzRTFQhTMVQVDAVjABUBXmEEFQ5RMQwMWVFiVgleBXUZGgADb1AJXQRhGAwBXmQYDABXMxhZDFQzGAALXzENAQEHblQKWUR7F0tPRHsXSFcKPlZRTB8kUEpRCTMbUVYAOBcUGlN5Bxpl HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 8826
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.225200 OK 344 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 67cbb3221d37aca3be1c252d9f81b0fd
f599180585437bb80c5d6ca08d89a75b37aa01f6
3d5d815685e5db44e257e8fd06f89bc6b72edaa6192df7809f67904a78e03fd5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D5D815685E5DB44E257E8FD06F89BC6B72EDAA6192DF7809F67904A78E03FD5"
Last-Modified: Sun, 02 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9716
Expires: Mon, 03 Oct 2022 23:10:55 GMT
Date: Mon, 03 Oct 2022 20:28:59 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.225200 OK 344 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 67cbb3221d37aca3be1c252d9f81b0fd
f599180585437bb80c5d6ca08d89a75b37aa01f6
3d5d815685e5db44e257e8fd06f89bc6b72edaa6192df7809f67904a78e03fd5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D5D815685E5DB44E257E8FD06F89BC6B72EDAA6192DF7809F67904A78E03FD5"
Last-Modified: Sun, 02 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9716
Expires: Mon, 03 Oct 2022 23:10:55 GMT
Date: Mon, 03 Oct 2022 20:28:59 GMT
Connection: keep-alive
push.services.mozilla.com/
52.41.253.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Sd9stRELiVY0xodu8d9A/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NOzka7/POeq/XuIGuhJwFodsH/I=
feltlonelyand.xyz/UHM4UHIxEVs9TTFOWnYHIh8FdUAWVgoWFjoFAWkBKBxJIARhQhYzHj8GXDYAPx1Mfhw1Bx1iNCMQQho5M0FpASoDIm4HBTQRdDtHBCJ5BkcBNVwGJRQYWxMVHSNzAis9OGAnIx8KYQMhPjoAARU0OnQ7RwUlbmQAGCJ2HzQTS1wSQmQ3WhI7ETZpaVdiMW4CMxQraxY9EiJiFSISMl0WJxEdfxU7FyYLMxcTBFQyODhLfgYVET5qOwIUNQs4NgQySxQXYSlgHSA0R2knFTErfGg+ASZ9Ez87B2scMwJWChIkPBBAFkE4N343JwgWbBoWAiFAZiU7NXoRG31DbxIKOBdaYDc5ImkaRQFCahMzPgdvBhkeJnEnNxI1bmALBh9hYTFjC1wGNAY7XGA7dhlLPxwgTls1MAo9YhgwMQsAHw
143.204.55.106200 OK 1.2 kB URL HTTP/2 feltlonelyand.xyz/UHM4UHIxEVs9TTFOWnYHIh8FdUAWVgoWFjoFAWkBKBxJIARhQhYzHj8GXDYAPx1Mfhw1Bx1iNCMQQho5M0FpASoDIm4HBTQRdDtHBCJ5BkcBNVwGJRQYWxMVHSNzAis9OGAnIx8KYQMhPjoAARU0OnQ7RwUlbmQAGCJ2HzQTS1wSQmQ3WhI7ETZpaVdiMW4CMxQraxY9EiJiFSISMl0WJxEdfxU7FyYLMxcTBFQyODhLfgYVET5qOwIUNQs4NgQySxQXYSlgHSA0R2knFTErfGg+ASZ9Ez87B2scMwJWChIkPBBAFkE4N343JwgWbBoWAiFAZiU7NXoRG31DbxIKOBdaYDc5ImkaRQFCahMzPgdvBhkeJnEnNxI1bmALBh9hYTFjC1wGNAY7XGA7dhlLPxwgTls1MAo9YhgwMQsAHw
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators
Hash e43eeb6295bcba62869d9710033d912f
b5953fbe5b4950e434a5e1a42c3b9a9b2cccb40b
d0652fb314476f928c15c806eb8c7181ca77114ba80e598d4938712d4c1f15ac
GET /UHM4UHIxEVs9TTFOWnYHIh8FdUAWVgoWFjoFAWkBKBxJIARhQhYzHj8GXDYAPx1Mfhw1Bx1iNCMQQho5M0FpASoDIm4HBTQRdDtHBCJ5BkcBNVwGJRQYWxMVHSNzAis9OGAnIx8KYQMhPjoAARU0OnQ7RwUlbmQAGCJ2HzQTS1wSQmQ3WhI7ETZpaVdiMW4CMxQraxY9EiJiFSISMl0WJxEdfxU7FyYLMxcTBFQyODhLfgYVET5qOwIUNQs4NgQySxQXYSlgHSA0R2knFTErfGg+ASZ9Ez87B2scMwJWChIkPBBAFkE4N343JwgWbBoWAiFAZiU7NXoRG31DbxIKOBdaYDc5ImkaRQFCahMzPgdvBhkeJnEnNxI1bmALBh9hYTFjC1wGNAY7XGA7dhlLPxwgTls1MAo9YhgwMQsAHw HTTP/1.1
Host: feltlonelyand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1172
date: Mon, 03 Oct 2022 20:28:59 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jJ3icIDHOk80mnu8nTLx8dGzX54XRAJtlN9FmRMz1jxS9GBvh9PDdw==
X-Firefox-Spdy: h2
feltlonelyand.xyz/SHJkTUspEAcgdClPBms+Oh5ZaHkOV1YLLyIEXXQ4MB0VPT15Q0ouJycHACs5JxwQYyUtBkF/DSc9MzUBKkMILAoxES4XIHg0KBsBPTYiPX0fNVwrCSIdJQN7JCA0HhIEFAMiIAIjHDUYIkIyHRoaEQY6BnwkEzl7GyYcFQ97IAErei87L3wBPDocKn4JNi0IDxwFPgF6JyUoNXt4Jw8icwwfNhgKMj8jAx0dPAYLey42IQd+Gx8XBxkMNAEsCTAUJ307OjE1DCwJIRwPGBAGAgQaDhMiISc8OiJ1BxsfFwcDIksvLCUgJAJ9DTg3ISF8EAhRLg8xXy0MLQkBFSh6cR0nGzN8KlYqKBAcDwcGDQEuATwJGiwLfxgkCXUTEDVcLBEJFUInOCccFHA/ASAjKyYCJyw
143.204.55.106200 OK 1.2 kB URL HTTP/2 feltlonelyand.xyz/SHJkTUspEAcgdClPBms+Oh5ZaHkOV1YLLyIEXXQ4MB0VPT15Q0ouJycHACs5JxwQYyUtBkF/DSc9MzUBKkMILAoxES4XIHg0KBsBPTYiPX0fNVwrCSIdJQN7JCA0HhIEFAMiIAIjHDUYIkIyHRoaEQY6BnwkEzl7GyYcFQ97IAErei87L3wBPDocKn4JNi0IDxwFPgF6JyUoNXt4Jw8icwwfNhgKMj8jAx0dPAYLey42IQd+Gx8XBxkMNAEsCTAUJ307OjE1DCwJIRwPGBAGAgQaDhMiISc8OiJ1BxsfFwcDIksvLCUgJAJ9DTg3ISF8EAhRLg8xXy0MLQkBFSh6cR0nGzN8KlYqKBAcDwcGDQEuATwJGiwLfxgkCXUTEDVcLBEJFUInOCccFHA/ASAjKyYCJyw
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3010), with no line terminators
Hash da85b82771bcf6410e78d943be7a76af
5ed23440e0bb86c8bbf9cedef8c1a3d87334c1e9
bae0e145d521aa2575d19967d03a005864567fe17bf044b17cb5dab9c43ad93b
GET /SHJkTUspEAcgdClPBms+Oh5ZaHkOV1YLLyIEXXQ4MB0VPT15Q0ouJycHACs5JxwQYyUtBkF/DSc9MzUBKkMILAoxES4XIHg0KBsBPTYiPX0fNVwrCSIdJQN7JCA0HhIEFAMiIAIjHDUYIkIyHRoaEQY6BnwkEzl7GyYcFQ97IAErei87L3wBPDocKn4JNi0IDxwFPgF6JyUoNXt4Jw8icwwfNhgKMj8jAx0dPAYLey42IQd+Gx8XBxkMNAEsCTAUJ307OjE1DCwJIRwPGBAGAgQaDhMiISc8OiJ1BxsfFwcDIksvLCUgJAJ9DTg3ISF8EAhRLg8xXy0MLQkBFSh6cR0nGzN8KlYqKBAcDwcGDQEuATwJGiwLfxgkCXUTEDVcLBEJFUInOCccFHA/ASAjKyYCJyw HTTP/1.1
Host: feltlonelyand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1167
date: Mon, 03 Oct 2022 20:28:59 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Z8Npbw_jgrdcoN68qVKO3mac2J-6q7qnOjwyPEIrHXSmHhoI8H8BZw==
X-Firefox-Spdy: h2
feltlonelyand.xyz/cVFOQnEQMy0vThBsLGQEAz1zZ0M3dHwEFRsnd3sCCT4/MgdAYGAhHR4kKiQDHj86bB8UJWtwNzUDNBgIED0HKSYjJgMgJT83CC4VHTUPBDMmBioqKTAUCBI1Eh0IEzMbGhh7MDkWHzUlCQB2DzY3Eg0DRAc1NgMUMis5JTJAAB4SMiAdH3IGCxh/ECEpPx87J0FpBhIlQDcGJSgLCCkTQSliNnE0QRMvJxtJGR9ySBkTHAwwJjt6NyYwMh0mQiQWDS47GhYPADYlYwsENEETLws1NAUfEQUDMhwqMiBiKnMzGQQeDyIJCxhzFiQ1Hxg1JjwEcDMafAASKDk1HwUJFmIHFBo6BXwDMzVhHAcoHBcKFkACdyQxHh8hcyUbQD8ncAdHJjckJxM
143.204.55.106200 OK 1.2 kB URL HTTP/2 feltlonelyand.xyz/cVFOQnEQMy0vThBsLGQEAz1zZ0M3dHwEFRsnd3sCCT4/MgdAYGAhHR4kKiQDHj86bB8UJWtwNzUDNBgIED0HKSYjJgMgJT83CC4VHTUPBDMmBioqKTAUCBI1Eh0IEzMbGhh7MDkWHzUlCQB2DzY3Eg0DRAc1NgMUMis5JTJAAB4SMiAdH3IGCxh/ECEpPx87J0FpBhIlQDcGJSgLCCkTQSliNnE0QRMvJxtJGR9ySBkTHAwwJjt6NyYwMh0mQiQWDS47GhYPADYlYwsENEETLws1NAUfEQUDMhwqMiBiKnMzGQQeDyIJCxhzFiQ1Hxg1JjwEcDMafAASKDk1HwUJFmIHFBo6BXwDMzVhHAcoHBcKFkACdyQxHh8hcyUbQD8ncAdHJjckJxM
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2998), with no line terminators
Hash 12ee13ddddb0607824d9f8590c5cd073
32281be7f3b0d08f4097e4e50134c12099ee2f5a
e7f7132e3c26bbe29431b7069f304415d55856a85f077b4df8404fa2624f78a9
GET /cVFOQnEQMy0vThBsLGQEAz1zZ0M3dHwEFRsnd3sCCT4/MgdAYGAhHR4kKiQDHj86bB8UJWtwNzUDNBgIED0HKSYjJgMgJT83CC4VHTUPBDMmBioqKTAUCBI1Eh0IEzMbGhh7MDkWHzUlCQB2DzY3Eg0DRAc1NgMUMis5JTJAAB4SMiAdH3IGCxh/ECEpPx87J0FpBhIlQDcGJSgLCCkTQSliNnE0QRMvJxtJGR9ySBkTHAwwJjt6NyYwMh0mQiQWDS47GhYPADYlYwsENEETLws1NAUfEQUDMhwqMiBiKnMzGQQeDyIJCxhzFiQ1Hxg1JjwEcDMafAASKDk1HwUJFmIHFBo6BXwDMzVhHAcoHBcKFkACdyQxHh8hcyUbQD8ncAdHJjckJxM HTTP/1.1
Host: feltlonelyand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1157
date: Mon, 03 Oct 2022 20:28:59 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4B7ad6rHhFKvmQwcC8WyjKiBriMMX54JYHaZ1dFD_r_07Q45e6z1LQ==
X-Firefox-Spdy: h2
panyinadiin.xyz/RWs1UmFqVFYhXBARYxgFAg9fECl8LWMFOAAOYDY3HxwEZDUTPhMmCCFWAmdXdlwDdBEsDwhgWGMYQTMVMBgIY0csBVM9XGMdCGNPdUUDYk91TUBvUGMfRTMGeFoTIhUxBwhjV3NfDWBZfFgMYFB3
172.67.179.219204 No Content 0 B URL HTTP/2 panyinadiin.xyz/RWs1UmFqVFYhXBARYxgFAg9fECl8LWMFOAAOYDY3HxwEZDUTPhMmCCFWAmdXdlwDdBEsDwhgWGMYQTMVMBgIY0csBVM9XGMdCGNPdUUDYk91TUBvUGMfRTMGeFoTIhUxBwhjV3NfDWBZfFgMYFB3
IP 172.67.179.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RWs1UmFqVFYhXBARYxgFAg9fECl8LWMFOAAOYDY3HxwEZDUTPhMmCCFWAmdXdlwDdBEsDwhgWGMYQTMVMBgIY0csBVM9XGMdCGNPdUUDYk91TUBvUGMfRTMGeFoTIhUxBwhjV3NfDWBZfFgMYFB3 HTTP/1.1
Host: panyinadiin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 03 Oct 2022 20:28:59 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FKzZ3g4kMNkTe1mncXkskBy5uPrN96Vg2NFm7UQ6HnHfIPHt8%2FPI9RPDZQRuGOidz0gy6Anm5%2FNBm0S%2Bq8LZhvI1ORhMMIl2Dql3O%2B2rJz%2FyNpLH5jUp1JZ0JL2Mx7cTnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75486d67e8e81c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panyinadiin.xyz/TGE4Ym9jXlsRUi0LeRg8fQ1sIAgKG1lTWwYgcA4AFAZhJAkLBh4WBihcD1FYf1INRB8lBQVTV2oSTAMbORIFU0klD14NUmoXBVNBfE8KTF9qFAVTSTgRWQVSfUdIFhsgXAlUWXhZClpWf1gKUF8
172.67.179.219204 No Content 0 B URL HTTP/2 panyinadiin.xyz/TGE4Ym9jXlsRUi0LeRg8fQ1sIAgKG1lTWwYgcA4AFAZhJAkLBh4WBihcD1FYf1INRB8lBQVTV2oSTAMbORIFU0klD14NUmoXBVNBfE8KTF9qFAVTSTgRWQVSfUdIFhsgXAlUWXhZClpWf1gKUF8
IP 172.67.179.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /TGE4Ym9jXlsRUi0LeRg8fQ1sIAgKG1lTWwYgcA4AFAZhJAkLBh4WBihcD1FYf1INRB8lBQVTV2oSTAMbORIFU0klD14NUmoXBVNBfE8KTF9qFAVTSTgRWQVSfUdIFhsgXAlUWXhZClpWf1gKUF8 HTTP/1.1
Host: panyinadiin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 03 Oct 2022 20:28:59 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEqwtcJoQ42mkdtwpa%2BeWPcvowViv9T3h1K9noQfH8vGdP7Sf5E4wl%2Bzo%2BYCGIvaG4caFyGeOsQeVewAfbZjegLipbjqmgPumZ0vZ4GnBLUoJD6v56%2BT73JdnOu20MW8I14%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75486d67e8ed1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panyinadiin.xyz/ZVp6bG5KZRkfUzIPDhk0IxwJCjg/DSArLFANSy4EBGkCDTgiD1wYBwFnTV9ZVmlJSh4MPkddSBYuGxgbFmdLSgcLPBVRSBNnS0JdUXRIVUBVfA9RX0MuCg0JWGtcHBoRNkddWFNuQl5WXGlDXVdT
172.67.179.219204 No Content 0 B URL HTTP/2 panyinadiin.xyz/ZVp6bG5KZRkfUzIPDhk0IxwJCjg/DSArLFANSy4EBGkCDTgiD1wYBwFnTV9ZVmlJSh4MPkddSBYuGxgbFmdLSgcLPBVRSBNnS0JdUXRIVUBVfA9RX0MuCg0JWGtcHBoRNkddWFNuQl5WXGlDXVdT
IP 172.67.179.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZVp6bG5KZRkfUzIPDhk0IxwJCjg/DSArLFANSy4EBGkCDTgiD1wYBwFnTV9ZVmlJSh4MPkddSBYuGxgbFmdLSgcLPBVRSBNnS0JdUXRIVUBVfA9RX0MuCg0JWGtcHBoRNkddWFNuQl5WXGlDXVdT HTTP/1.1
Host: panyinadiin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 03 Oct 2022 20:28:59 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWZvt20b4tDEhzG5Nr7Wqs%2But5I92R%2BzSYBdxJOd%2BWTWyRyaahuMzZ5N8tlXqfRc%2Flo8J%2BoR5jYh2aLHX0PYIo1HVngg%2FCygoRjxzrgCyVIIqHXUvO3RkaSCOz%2BFsjmP9ao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75486d67e8eb1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.225200 OK 344 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 67cbb3221d37aca3be1c252d9f81b0fd
f599180585437bb80c5d6ca08d89a75b37aa01f6
3d5d815685e5db44e257e8fd06f89bc6b72edaa6192df7809f67904a78e03fd5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D5D815685E5DB44E257E8FD06F89BC6B72EDAA6192DF7809F67904A78E03FD5"
Last-Modified: Sun, 02 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9716
Expires: Mon, 03 Oct 2022 23:10:55 GMT
Date: Mon, 03 Oct 2022 20:28:59 GMT
Connection: keep-alive
bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1597318614
45.154.253.152200 OK 1.4 kB URL HTTP/1.1 bayfiles.com/img/favicon/favicon-32x32-bayfiles.png?1597318614
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9549584e9288a5dd9d163daa26a6f34d
0c7a71967bd4570770aa9b1043a1d82cd8969252
d18e625001a778074faea9e00ae801988818827c121732ba020390e84897578e
GET /img/favicon/favicon-32x32-bayfiles.png?1597318614 HTTP/1.1
Host: bayfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/d8bf7amcy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 20:28:59 GMT
Content-Type: image/png
Content-Length: 1368
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 118
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 429a962c9e9796af4cd7a3bb499a72b9
01d59b862d62ede70da6aef2ea8ce6731ec3c2f9
5767aa13c4cb06d50991f8e1851e30c6f6d365468353e3b68d5f19af6dda7fad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:28:59 GMT
Last-Modified: Mon, 03 Oct 2022 19:41:50 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a7b92212ae4106a9ed5d5e1799853f2
c1fef7d0e5389a9dc047bb1ff0bd7f923cf83d97
ba1b8ae206d40083e34aeb116ac4356070aa12bc09e051765154e8a1648fe2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:28:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a7b92212ae4106a9ed5d5e1799853f2
c1fef7d0e5389a9dc047bb1ff0bd7f923cf83d97
ba1b8ae206d40083e34aeb116ac4356070aa12bc09e051765154e8a1648fe2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:28:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.225200 OK 345 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 16441444a614c24e9dec5b59ca86d07c
135d180aed3bd344132c1305521407e498215d5c
7fcddd79a00a1550423d40ee04b1e4b595f5808c4c855389b5783056296a5878
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7FCDDD79A00A1550423D40EE04B1E4B595F5808C4C855389B5783056296A5878"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11883
Expires: Mon, 03 Oct 2022 23:47:02 GMT
Date: Mon, 03 Oct 2022 20:28:59 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.225200 OK 345 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 16441444a614c24e9dec5b59ca86d07c
135d180aed3bd344132c1305521407e498215d5c
7fcddd79a00a1550423d40ee04b1e4b595f5808c4c855389b5783056296a5878
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7FCDDD79A00A1550423D40EE04B1E4B595F5808C4C855389B5783056296A5878"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11883
Expires: Mon, 03 Oct 2022 23:47:02 GMT
Date: Mon, 03 Oct 2022 20:28:59 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.225200 OK 345 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 16441444a614c24e9dec5b59ca86d07c
135d180aed3bd344132c1305521407e498215d5c
7fcddd79a00a1550423d40ee04b1e4b595f5808c4c855389b5783056296a5878
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7FCDDD79A00A1550423D40EE04B1E4B595F5808C4C855389B5783056296A5878"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11883
Expires: Mon, 03 Oct 2022 23:47:02 GMT
Date: Mon, 03 Oct 2022 20:28:59 GMT
Connection: keep-alive
feltlonelyand.xyz/utx?cb=fyB50cZUChKe&top=bayfiles.com&tid=737333
143.204.55.106204 No Content 0 B URL HTTP/2 feltlonelyand.xyz/utx?cb=fyB50cZUChKe&top=bayfiles.com&tid=737333
IP 143.204.55.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=fyB50cZUChKe&top=bayfiles.com&tid=737333 HTTP/1.1
Host: feltlonelyand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 03 Oct 2022 20:28:59 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 03 Oct 2022 20:29:59 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hJOIhSHELu6UqsF7vyKznlfeLwDAAwB9KLt6pTQfg49Gtw67sou9aA==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 400 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 7f5675c9b83ce6814ef0d8be4f812f6d
037cd6899a95e8c535ea2193136e3084bbccf5f1
88c020f5674326d377df9f8866ab01c0cc29a9d92fa1d58a57e69765d08cf26f
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 Oct 2022 20:28:59 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1358326735%3A1664828939756793&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpzD8LPY1stYMqfHaj4NjU-HsYJc8bVnPWYPn23S9Kbdm03PzirUXiR16R_judsocnrQfejQw
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-0vuKLBBsQrGMwLRnmOZjsA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 400
server: GSE
set-cookie: __Host-GAPS=1:bVMbEExQBfgoIdL-BFDSLKIbUoDQng:nGvEwZy0OpL8gvav;Path=/;Expires=Wed, 02-Oct-2024 20:28:59 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
feltlonelyand.xyz/utx?cb=luWXwSsC6fub&top=bayfiles.com&tid=756376
143.204.55.106204 No Content 0 B URL HTTP/2 feltlonelyand.xyz/utx?cb=luWXwSsC6fub&top=bayfiles.com&tid=756376
IP 143.204.55.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=luWXwSsC6fub&top=bayfiles.com&tid=756376 HTTP/1.1
Host: feltlonelyand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 03 Oct 2022 20:28:59 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 03 Oct 2022 20:29:59 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: S7rNSnRoQgdIePmm3VNU7KeLFfNGQV9ok0kxDZKLmkpifaMTIz7irA==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 27ef086cb7c081699ecdccd5fd90cbbe
d2f8fd488de0f0da1e7697e888ae11cdbc11d2e7
45f568c9f3aece7530f35ea9b3bb12f8b47c53d9b70eb37eb0dd2bbcbeb8dedb
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 Oct 2022 20:28:59 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1779018225%3A1664828939797520&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqmWjaAZZo8Yhf8RDE8_mJ5BCXHVQ-Qkbo-CjiApK5VmTK0eW9wFXBYAQUfqjqBNEnZdUDLhw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-ZIJcw92IsUWMgx5n0fa4Mw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:zwGGwvbeqViqsEF0zRmAZVOi4v1BAg:DD0yia8hpsCPEtvP;Path=/;Expires=Wed, 02-Oct-2024 20:28:59 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:28:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
djv99sxoqpv11.cloudfront.net/sczJKc2QQXSQVWwdbLk5TQAV5QFdVWDkcCgMPKRYmKXwQOyYSSnI8QgdILk5UVV4rHQNOFC8dB04DbBIAEQ9+VRADXSFOBQZEPBAeFUAnGEIGU3ceCwlbJh8FVgAMRkpDF3hDTAsDe1ZXMRd4QwgaXD8LQUECMktSLAR+VlcxF3hDFgUXeTJdRRx6WkFBAi-0WBxhdb0EiQQJ7Q1RCAntWVkNUIwEBFV0yVlY1C3xdVFVHd0I
54.230.245.208200 OK 550 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/sczJKc2QQXSQVWwdbLk5TQAV5QFdVWDkcCgMPKRYmKXwQOyYSSnI8QgdILk5UVV4rHQNOFC8dB04DbBIAEQ9+VRADXSFOBQZEPBAeFUAnGEIGU3ceCwlbJh8FVgAMRkpDF3hDTAsDe1ZXMRd4QwgaXD8LQUECMktSLAR+VlcxF3hDFgUXeTJdRRx6WkFBAi-0WBxhdb0EiQQJ7Q1RCAntWVkNUIwEBFV0yVlY1C3xdVFVHd0I
IP 54.230.245.208:0
File type ASCII text, with very long lines (772), with no line terminators
Hash 142a0aa8c7a486292a8dbc3f1fc4195f
27d75736fc7288ff0a4acd483596f0c48d86d43f
7df3869866c489abb539e55bd6997338a3bacd1126b6c45b964264e913f0cd03
Analyzer Verdict Alert fortinet Malware
GET /sczJKc2QQXSQVWwdbLk5TQAV5QFdVWDkcCgMPKRYmKXwQOyYSSnI8QgdILk5UVV4rHQNOFC8dB04DbBIAEQ9+VRADXSFOBQZEPBAeFUAnGEIGU3ceCwlbJh8FVgAMRkpDF3hDTAsDe1ZXMRd4QwgaXD8LQUECMktSLAR+VlcxF3hDFgUXeTJdRRx6WkFBAi-0WBxhdb0EiQQJ7Q1RCAntWVkNUIwEBFV0yVlY1C3xdVFVHd0I HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://feltlonelyand.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 550
date: Mon, 03 Oct 2022 20:28:59 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VwRmwyAmTqilgVArQolxJt1cD0yfMWuc859LaVBjJtDhCaDRCRDYWw==
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1358326735%3A1664828939756793&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpzD8LPY1stYMqfHaj4NjU-HsYJc8bVnPWYPn23S9Kbdm03PzirUXiR16R_judsocnrQfejQw
216.58.207.237403 Forbidden 1.2 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1358326735%3A1664828939756793&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpzD8LPY1stYMqfHaj4NjU-HsYJc8bVnPWYPn23S9Kbdm03PzirUXiR16R_judsocnrQfejQw
IP 216.58.207.237:0
Hash bc2da28561190037725426bfb331d464
e567a78b67fd251da08c111809b9465725c258cb
fac4b54263fb0c3b51ca966919fe306900d596cad3a06ec809779b3c84d86b86
GET /v3/signin/identifier?dsh=S-1358326735%3A1664828939756793&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpzD8LPY1stYMqfHaj4NjU-HsYJc8bVnPWYPn23S9Kbdm03PzirUXiR16R_judsocnrQfejQw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 Oct 2022 20:28:59 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-tKP6ocbV74zGDZKfMZJsiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=fKFHXFcru9klZSgNl8qFlIQGF7ufqPaEege7xipVerWVqLCVU5t6MpIT9o9zVFWfv5b-h1_Ao00zPxqWzxsHvT7-WlDNPyHSLvYcdITHwzL2GtG7MG81XtLKlJ4baRdTGUAONhmymmzqZt44hFvmDwM_EOURuPrzjdR3yS4TkrE; expires=Tue, 04-Apr-2023 20:28:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/oOWxJb1laAycJZk0FLVJuDFp6WG8fBjoAN0lRPSYLfgokJQxxSj0VPQRcbwM4Vwt0STxXD3Ref1gIK1JtHxg5ADIEDTwZL1oWLx00Uko8DmRUAzMGNVUNbF0fDEJ5SmsJRDFeaBxfC0prCQAgASxBSXtfIQFaFlltHF8LSmsJHj9KanhVf0FpEEl7Xz5cDy-IAfAsqe19oCVx4X2gcXnkJMEsJLwAhHF4PVm8XXG8aZAg
54.230.245.208200 OK 445 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/oOWxJb1laAycJZk0FLVJuDFp6WG8fBjoAN0lRPSYLfgokJQxxSj0VPQRcbwM4Vwt0STxXD3Ref1gIK1JtHxg5ADIEDTwZL1oWLx00Uko8DmRUAzMGNVUNbF0fDEJ5SmsJRDFeaBxfC0prCQAgASxBSXtfIQFaFlltHF8LSmsJHj9KanhVf0FpEEl7Xz5cDy-IAfAsqe19oCVx4X2gcXnkJMEsJLwAhHF4PVm8XXG8aZAg
IP 54.230.245.208:0
File type ASCII text, with very long lines (585), with no line terminators
Hash 84b3b7a2ecf7f9c5fae5f254494460f1
ad9f281ad6cb239f0b8479f2bd2f31bdf2991f97
dfdda01263cd973f608f9fba844e5d93ce3b641a820b5ad3fe91f09d3b1dc1dc
Analyzer Verdict Alert fortinet Malware
GET /oOWxJb1laAycJZk0FLVJuDFp6WG8fBjoAN0lRPSYLfgokJQxxSj0VPQRcbwM4Vwt0STxXD3Ref1gIK1JtHxg5ADIEDTwZL1oWLx00Uko8DmRUAzMGNVUNbF0fDEJ5SmsJRDFeaBxfC0prCQAgASxBSXtfIQFaFlltHF8LSmsJHj9KanhVf0FpEEl7Xz5cDy-IAfAsqe19oCVx4X2gcXnkJMEsJLwAhHF4PVm8XXG8aZAg HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://feltlonelyand.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 445
date: Mon, 03 Oct 2022 20:28:59 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CSR8Dgzj1cJdUsElQHxSZFpwAMgTnf5WEBfo2fcjJmQhaDMnx-m8PQ==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/DRzZyalIkWRwMbTNfFldldAFBWWdhXAEFPDcLFQBjKV9AHGQwTxQ8MGFCCA5vdxAeCzwgC1QPPCQLQ0wzI1RPXnQyV08HPT1fHgYzYgQ0X3x3E0Baej8HQ09hBRNAWj4uWAcSd3UGClJkGABGT2EFE0BaIDETQStrcRhCQ3d1BhUPMSxZV1gUdQZDWmJ2Bk-NPYHdQGxg3IVkKT2ABD0REYmFDT1s
54.230.245.208200 OK 188 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/DRzZyalIkWRwMbTNfFldldAFBWWdhXAEFPDcLFQBjKV9AHGQwTxQ8MGFCCA5vdxAeCzwgC1QPPCQLQ0wzI1RPXnQyV08HPT1fHgYzYgQ0X3x3E0Baej8HQ09hBRNAWj4uWAcSd3UGClJkGABGT2EFE0BaIDETQStrcRhCQ3d1BhUPMSxZV1gUdQZDWmJ2Bk-NPYHdQGxg3IVkKT2ABD0REYmFDT1s
IP 54.230.245.208:0
File type ASCII text, with no line terminators
Hash 47b20a20b6534760e9d7f3af5b0aa113
4e4643eb19eb8d04593eed25bb3091639a7d9e4a
c3614130351ca2980da032f65600dc7fca3f0eded075240f68e653bc5a8d8711
Analyzer Verdict Alert fortinet Malware
GET /DRzZyalIkWRwMbTNfFldldAFBWWdhXAEFPDcLFQBjKV9AHGQwTxQ8MGFCCA5vdxAeCzwgC1QPPCQLQ0wzI1RPXnQyV08HPT1fHgYzYgQ0X3x3E0Baej8HQ09hBRNAWj4uWAcSd3UGClJkGABGT2EFE0BaIDETQStrcRhCQ3d1BhUPMSxZV1gUdQZDWmJ2Bk-NPYHdQGxg3IVkKT2ABD0REYmFDT1s HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://feltlonelyand.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 188
date: Mon, 03 Oct 2022 20:28:59 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RFoIqL_f38bcUbM6vccPDVdcLcbmZYoZDDUqIscjDt0pgZinxO2u8w==
X-Firefox-Spdy: h2
feltlonelyand.xyz/multi?cs=eVN2b0pJYkBeeExiRlx4TWtFVng&abt=0&red=1&sm=76&k=&v=1.0.60.0&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fd8bf7amcy0&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ggoD=1664828939738&crc=1
143.204.55.106200 OK 1.6 kB URL HTTP/2 feltlonelyand.xyz/multi?cs=eVN2b0pJYkBeeExiRlx4TWtFVng&abt=0&red=1&sm=76&k=&v=1.0.60.0&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fd8bf7amcy0&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ggoD=1664828939738&crc=1
IP 143.204.55.106:0
Hash 15e3ef5a95e3c9849b5b6dddac826f3e
13a18467c10074501b1c43be6b29b9f8c9df1b25
bf80f173500cf2e26528c2da5b0071047c85646c84a7153cdb438385396d71f9
GET /multi?cs=eVN2b0pJYkBeeExiRlx4TWtFVng&abt=0&red=1&sm=76&k=&v=1.0.60.0&sts=0&prn=0&emb=0&tid=756376&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fbayfiles.com%2Fd8bf7amcy0&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ggoD=1664828939738&crc=1 HTTP/1.1
Host: feltlonelyand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bayfiles.com
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1538
date: Mon, 03 Oct 2022 20:29:00 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://bayfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=8d9a821a-1646-47b6-a9bc-62aa2537b890
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sBxdgO6HLBjQ83TS-xygpg8wo9MGiO292V4n3wta0nnNA2KF_URmPw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12091
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 20:29:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12091
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 20:29:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12091
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 20:29:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12091
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 20:29:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12091
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 20:29:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 81813
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 56769
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AM8Ox9ObWGoXI-QnnoI7QkY5mOh8j6xBPetTrhyVktVO40ekk4X2Eg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 81813
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36debc920b17e124779c01af9101a59e
b105f7bf041365d644c98c7e11ffa75e4656d29d
f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dOlitYNRYQsyiYLagdUWS2MmO34k8otqQ5yKZ7f4zzbj1HxhAzZoqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:43 GMT
age: 81857
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a90e53b55500427aed06efa3a9baa8c
43a66cd291d1413d7147a29b2a7b27277a443f0b
2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 09iwZNlJ5pUQqongHTbgUlh_i1CyHZ6uGvHPV8SfbEGixTWM1A_BoQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 20:14:12 GMT
age: 888
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 10 kB IP 172.64.199.35:0
File type ASCII text, with no line terminators
Hash 1a9b34b9b8430c1b2fb7a9eaf140231f
4a767eda36ae7ebbc25daa2215ade17254852c2f
f8d8d748d46ac114cfc9bab6ee22f3e6a6e17c30b675781e54034a184f956264
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 20:28:59 GMT
content-type: text/plain
set-cookie: csu=18335680687617@1@1664828939; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFckjs5LqC1YlvFoDbkPsDld5%2BVauFnJ6ZmPZVT6Vy3AgyjTkSrCsTM8XeLT%2BMFdw0NbrTFh9wOlJGgoAkU2N6iCLd8Z1V3mJInK1k%2BEa23WG5ODPofdjHp2Vx0Oms7p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75486d69bb78773e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bayfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: +X11uYQ4QTFNkgS/SE4TKuatVY+87f5EadQo+VTmkROvf/dTweEs2AITTzris7+gX7ot3WmE9wSJ81fSL7yTKA==
date: Mon, 03 Oct 2022 20:28:59 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 03 Oct 2022 20:28:59 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5845
last-modified: Mon, 03 Oct 2022 18:51:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpqGhNNQFLZ%2BqlVzigPucaMHFChtp7Hben7ympDhlEISKVa%2BeG5MDj75n12YxOY2VKluBFE1PevsIzCJbi7Ouxko9pn5NTCiOR2A3pcWkZUdMsrcHz5lKKu8TUOqGJC4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75486d69bb61773e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1779018225%3A1664828939797520&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqmWjaAZZo8Yhf8RDE8_mJ5BCXHVQ-Qkbo-CjiApK5VmTK0eW9wFXBYAQUfqjqBNEnZdUDLhw
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1779018225%3A1664828939797520&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqmWjaAZZo8Yhf8RDE8_mJ5BCXHVQ-Qkbo-CjiApK5VmTK0eW9wFXBYAQUfqjqBNEnZdUDLhw
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S1779018225%3A1664828939797520&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqmWjaAZZo8Yhf8RDE8_mJ5BCXHVQ-Qkbo-CjiApK5VmTK0eW9wFXBYAQUfqjqBNEnZdUDLhw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 Oct 2022 20:28:59 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-OZad1zqVZ3UseeVTEV8m3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=oa943vaM8su0V8XtB0HjAtp2uDIJ6hRieJHiP1lu5FBAWiz54S1HwYpmv6qouOEj33qV5YSINnaZGWMNZ0yAfBdDPw0PN8YTBD09zqYOq2eYJpJuElULRNbUMi0lXUMr7BuBUrEqvtUHK2c9LQrcmNvAjYTDajrvTvqT9ZlYJ04; expires=Tue, 04-Apr-2023 20:28:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bayfiles.com/
Origin: https://bayfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 03 Oct 2022 20:28:59 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://bayfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5845
last-modified: Mon, 03 Oct 2022 18:51:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaiC3y7%2F3%2F%2BdKZQBIp%2Bjs0d9dnjegDSXsq0%2FRJkFByWD2n%2FKbB94fVt7eZS8rTYRHhmuFpNUqMnfErdcmbFU6EZi8VZHBa1mwjWOdD9uypeAKKVI%2FNBPZvsywLkQEsqN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75486d69bb6c773e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2